NotCVE - SandBox Bypass

Page 46 of 584 results (0.089 seconds)

CVSS: 9.9EPSS: 0%CPEs: 1EXPL: 0

CVE-2020-2279

https://notcve.org/view.php?id=CVE-2020-2279

A sandbox bypass vulnerability in Jenkins Script Security Plugin 1.74 and earlier allows attackers with permission to define sandboxed scripts to provide crafted return values or script binding content that can result in arbitrary code execution on the Jenkins controller JVM. Una vulnerabilidad de omisión del sandbox en Jenkins Script Security Plugin versiones 1.74 y anteriores, permite a atacantes con permiso para definir scripts en sandbox proporcionar valores de retorno diseñados o contenido de enlace de script que puede resultar en la ejecución de código arbitrario en la JVM del controlador de Jenkins • http://www.openwall.com/lists/oss-security/2020/09/23/1 https://www.jenkins.io/security/advisory/2020-09-23/#SECURITY-2020 •

CVSS: 9.6EPSS: 0%CPEs: 9EXPL: 1

CVE-2020-15963 – chromium-browser: Insufficient policy enforcement in extensions

https://notcve.org/view.php?id=CVE-2020-15963

Insufficient policy enforcement in extensions in Google Chrome prior to 85.0.4183.121 allowed an attacker who convinced a user to install a malicious extension to potentially perform a sandbox escape via a crafted Chrome Extension. Una aplicación insuficiente de la política en extensions en Google Chrome versiones anteriores a 85.0.4183.121, permitía a un atacante que convenció a un usuario de instalar una extensión maliciosa llevar a cabo potencialmente un escape del sandbox por medio de una Chrome Extension diseñada • http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00087.html http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00095.html http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00096.html http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00049.html https://chromereleases.googleblog.com/2020/09/stable-channel-update-for-desktop_21.html https://crbug.com/1113558 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FN7HZI •

CVSS: 9.6EPSS: 0%CPEs: 9EXPL: 1

CVE-2020-15961 – chromium-browser: Insufficient policy enforcement in extensions

https://notcve.org/view.php?id=CVE-2020-15961

Insufficient policy validation in extensions in Google Chrome prior to 85.0.4183.121 allowed an attacker who convinced a user to install a malicious extension to potentially perform a sandbox escape via a crafted Chrome Extension. Una comprobación insuficiente de la política en extensions en Google Chrome versiones anteriores a 85.0.4183.121, permitía a un atacante que convenció a un usuario de instalar una extensión maliciosa llevar a cabo potencialmente un escape del sandbox por medio de una Chrome Extension diseñada • http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00087.html http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00095.html http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00096.html http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00049.html https://chromereleases.googleblog.com/2020/09/stable-channel-update-for-desktop_21.html https://crbug.com/1114636 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FN7HZI •

CVSS: 9.0EPSS: 0%CPEs: 1EXPL: 1

CVE-2020-24046

https://notcve.org/view.php?id=CVE-2020-24046

A sandbox escape issue was discovered in TitanHQ SpamTitan Gateway 7.07. ... Se detectó un problema de escape del sandbox en TitanHQ SpamTitan Gateway versión 7.07. • https://github.com/felmoltor https://sensepost.com/blog/2020/clash-of-the-spamtitan https://twitter.com/felmoltor https://www.titanhq.com • CWE-269: Improper Privilege Management •

CVSS: 9.0EPSS: 1%CPEs: 1EXPL: 1

CVE-2020-24045

https://notcve.org/view.php?id=CVE-2020-24045

1...44 45 46 47 48