CVSS: 3.6EPSS: 0%CPEs: 6EXPL: 0CVE-2024-38531 – Nix sandbox escape
https://notcve.org/view.php?id=CVE-2024-38531
Nix is a package manager for Linux and other Unix systems that makes package management reliable and reproducible. A build process has access to and can change the permissions of the build directory. After creating a setuid binary in a globally accessible location, a malicious local user can assume the permissions of a Nix daemon worker and hijack all future builds. This issue was patched in version(s) 2.23.1, 2.22.2, 2.21.3, 2.20.7, 2.19.5 and 2.18.4. Nix es un administrador de paquetes para Linux y otros sistemas Unix que hace que la administración de paquetes sea confiable y reproducible. • https://github.com/NixOS/nix/pull/10501 https://github.com/NixOS/nix/security/advisories/GHSA-q82p-44mg-mgh5 • CWE-278: Insecure Preserved Inherited Permissions •
CVSS: 5.3EPSS: 0%CPEs: -EXPL: 2CVE-2024-28397 – Pyload Remote Code Execution
https://notcve.org/view.php?id=CVE-2024-28397
CVE-2024-28397 is a sandbox escape in js2py versions 0.74 and below. js2py is a popular python package that can evaluate javascript code inside a python interpreter. The vulnerability allows for an attacker to obtain a reference to a python object in the js2py environment enabling them to escape the sandbox, bypass pyimport restrictions and execute arbitrary commands on the host. • https://github.com/Marven11/CVE-2024-28397-js2py-Sandbox-Escape https://github.com/CYBER-WARRIOR-SEC/CVE-2024-28397-js2py-Sandbox-Escape https://github.com/Marven11 • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 6.3EPSS: 0%CPEs: -EXPL: 1CVE-2024-29510 – ghostscript: format string injection leads to shell command execution (SAFER bypass)
https://notcve.org/view.php?id=CVE-2024-29510
Artifex Ghostscript before 10.03.1 allows memory corruption, and SAFER sandbox bypass, via format string injection with a uniprint device. Artifex Ghostscript anterior a 10.03.1 permite la corrupción de la memoria y una omisión MÁS SEGURA de la sandbox mediante la inyección de cadena de formato con un dispositivo uniprint. • https://github.com/swsmith2391/CVE-2024-29510 https://bugs.ghostscript.com/show_bug.cgi?id=707662 https://codeanlabs.com/blog/research/cve-2024-29510-ghostscript-format-string-exploitation https://www.openwall.com/lists/oss-security/2024/07/03/7 https://access.redhat.com/security/cve/CVE-2024-29510 https://bugzilla.redhat.com/show_bug.cgi?id=2293950 • CWE-20: Improper Input Validation CWE-693: Protection Mechanism Failure •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-34098 – ZDI-CAN-XXXX: [Pwn2Own] Acrobat sandbox bypass part 1 of 2
https://notcve.org/view.php?id=CVE-2024-34098
Acrobat Reader versions 20.005.30574, 24.002.20736 and earlier are affected by an Improper Input Validation vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. • https://helpx.adobe.com/security/products/acrobat/apsb24-29.html • CWE-20: Improper Input Validation •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-34099 – ZDI-CAN-XXXX: [Pwn2Own] Acrobat sandbox bypass part 2 of 2
https://notcve.org/view.php?id=CVE-2024-34099
Acrobat Reader versions 20.005.30574, 24.002.20736 and earlier are affected by an Improper Access Control vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. • https://helpx.adobe.com/security/products/acrobat/apsb24-29.html • CWE-284: Improper Access Control •