CVSS: 9.0EPSS: 0%CPEs: 10EXPL: 0CVE-2019-0938 – Microsoft Edge DownloadOperation Sandbox Escape Vulnerability
https://notcve.org/view.php?id=CVE-2019-0938
An elevation of privilege vulnerability exists in Microsoft Edge that could allow an attacker to escape from the AppContainer sandbox in the browser, aka 'Microsoft Edge Elevation of Privilege Vulnerability'. Hay una vulnerabilidad de elevación de privilegios en Microsoft Edge que podría permitir a un atacante escapar de AppContainer sandbox en el navegador, también conocida como "vulnerabilidad de elevación de privilegios de Microsoft Edge". This vulnerability allows remote attackers to escalate privileges on vulnerable installations of Microsoft Edge. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of messages passed from the renderer process to the broker process of Microsoft Edge. A crafted message can trigger execution of a privileged operation. • https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0938 •
CVSS: 9.3EPSS: 0%CPEs: 1EXPL: 0CVE-2019-8604 – Apple macOS securityd Heap-based Buffer Overflow Sandbox Escape Vulnerability
https://notcve.org/view.php?id=CVE-2019-8604
A memory corruption issue was addressed with improved memory handling. This issue is fixed in macOS Mojave 10.14.5. An application may be able to execute arbitrary code with system privileges. Un problema de corrupción de memoria fue abordado mejorando el manejo de la memoria. Este problema es corregido en macOS Mojave versión 10.14.5. • https://support.apple.com/HT210119 • CWE-787: Out-of-bounds Write •
CVSS: 9.9EPSS: 0%CPEs: 1EXPL: 0CVE-2019-10306
https://notcve.org/view.php?id=CVE-2019-10306
A sandbox bypass vulnerability in Jenkins ontrack Plugin 3.4 and earlier allowed attackers with control over ontrack DSL definitions to execute arbitrary code on the Jenkins master JVM. • http://www.securityfocus.com/bid/108045 https://jenkins.io/security/advisory/2019-04-17/#SECURITY-1341 •
CVSS: 9.0EPSS: 0%CPEs: 1EXPL: 0CVE-2016-10745 – python-jinja2: Sandbox escape due to information disclosure via str.format
https://notcve.org/view.php?id=CVE-2016-10745
In Pallets Jinja before 2.8.1, str.format allows a sandbox escape. En Pallets Jinja versiones anteriores a 2.8.1, str.format permite un scape de sandbox A flaw was found in Pallets Jinja prior to version 2.8.1 allows sandbox escape. • http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00030.html http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00064.html https://access.redhat.com/errata/RHSA-2019:1022 https://access.redhat.com/errata/RHSA-2019:1237 https://access.redhat.com/errata/RHSA-2019:1260 https://access.redhat.com/errata/RHSA-2019:3964 https://access.redhat.com/errata/RHSA-2019:4062 https://github.com/pallets/jinja/commit/9b53045c34e61013dc8f09b7e52a555fa16bed16 https://palletsprojects.com/bl • CWE-134: Use of Externally-Controlled Format String CWE-138: Improper Neutralization of Special Elements •
CVSS: 9.0EPSS: 0%CPEs: 13EXPL: 0CVE-2019-10906 – python-jinja2: str.format_map allows sandbox escape
https://notcve.org/view.php?id=CVE-2019-10906
In Pallets Jinja before 2.10.1, str.format_map allows a sandbox escape. • http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00030.html http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00064.html https://access.redhat.com/errata/RHSA-2019:1152 https://access.redhat.com/errata/RHSA-2019:1237 https://access.redhat.com/errata/RHSA-2019:1329 https://lists.apache.org/thread.html/09fc842ff444cd43d9d4c510756fec625ef8eb1175f14fd21de2605f%40%3Cdevnull.infra.apache.org%3E https://lists.apache.org/thread.html/2b52b9c8b9d6366a4f1b407a8bde6af28d9fc73fdb3b37695fd0d9ac%40%3Cdevnull.infra.apac • CWE-138: Improper Neutralization of Special Elements •