CVSS: 10.0EPSS: 1%CPEs: 3EXPL: 2CVE-2019-11708 – Mozilla Firefox and Thunderbird Sandbox Escape Vulnerability
https://notcve.org/view.php?id=CVE-2019-11708
con el mensaje IPC de Prompt:Open, entre procesos hijo y padre puede resultar que el proceso padre fuera del Sandbox abra el contenido web elegido por un proceso hijo comprometido. ... Mozilla Firefox and Thunderbird contain a sandbox escape vulnerability that could result in remote code execution. • https://www.exploit-db.com/exploits/47752 https://github.com/0vercl0k/CVE-2019-11708 http://packetstormsecurity.com/files/155592/Mozilla-Firefox-Windows-64-Bit-Chain-Exploit.html https://bugzilla.mozilla.org/show_bug.cgi?id=1559858 https://security.gentoo.org/glsa/201908-12 https://www.mozilla.org/security/advisories/mfsa2019-19 https://www.mozilla.org/security/advisories/mfsa2019-20 https://access.redhat.com/security/cve/CVE-2019-11708 https://bugzilla.redhat.com/show_bug.cgi?id=1 • CWE-20: Improper Input Validation CWE-270: Privilege Context Switching Error •
CVSS: 9.0EPSS: 0%CPEs: 10EXPL: 0CVE-2019-0938 – Microsoft Edge DownloadOperation Sandbox Escape Vulnerability
https://notcve.org/view.php?id=CVE-2019-0938
An elevation of privilege vulnerability exists in Microsoft Edge that could allow an attacker to escape from the AppContainer sandbox in the browser, aka 'Microsoft Edge Elevation of Privilege Vulnerability'. Hay una vulnerabilidad de elevación de privilegios en Microsoft Edge que podría permitir a un atacante escapar de AppContainer sandbox en el navegador, también conocida como "vulnerabilidad de elevación de privilegios de Microsoft Edge". ... An attacker can leverage this vulnerability to escalate privileges and escape the Microsoft Edge sandbox. • https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0938 •
CVSS: 9.3EPSS: 0%CPEs: 1EXPL: 0CVE-2019-8604 – Apple macOS securityd Heap-based Buffer Overflow Sandbox Escape Vulnerability
https://notcve.org/view.php?id=CVE-2019-8604
This vulnerability allows remote attackers to escape the sandbox on affected installations of Apple Safari. • https://support.apple.com/HT210119 • CWE-787: Out-of-bounds Write •
CVSS: 9.9EPSS: 0%CPEs: 1EXPL: 0CVE-2019-10306
https://notcve.org/view.php?id=CVE-2019-10306
A sandbox bypass vulnerability in Jenkins ontrack Plugin 3.4 and earlier allowed attackers with control over ontrack DSL definitions to execute arbitrary code on the Jenkins master JVM. Una vulnerabilidad de bypass en una sandbox de Jenkins ontrack Plugin 3.4 y anteriores permitía a los atacantes con control sobre las definiciones DSL de ontrack ejecutar código arbitrario en la JVM maestra de Jenkins. • http://www.securityfocus.com/bid/108045 https://jenkins.io/security/advisory/2019-04-17/#SECURITY-1341 •
CVSS: 9.0EPSS: 0%CPEs: 1EXPL: 0CVE-2016-10745 – python-jinja2: Sandbox escape due to information disclosure via str.format
https://notcve.org/view.php?id=CVE-2016-10745
In Pallets Jinja before 2.8.1, str.format allows a sandbox escape. En Pallets Jinja versiones anteriores a 2.8.1, str.format permite un scape de sandbox A flaw was found in Pallets Jinja prior to version 2.8.1 allows sandbox escape. Python's string format method added to strings can be used to discover potentially dangerous values including configuration values. • http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00030.html http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00064.html https://access.redhat.com/errata/RHSA-2019:1022 https://access.redhat.com/errata/RHSA-2019:1237 https://access.redhat.com/errata/RHSA-2019:1260 https://access.redhat.com/errata/RHSA-2019:3964 https://access.redhat.com/errata/RHSA-2019:4062 https://github.com/pallets/jinja/commit/9b53045c34e61013dc8f09b7e52a555fa16bed16 https://palletsprojects.com/bl • CWE-134: Use of Externally-Controlled Format String CWE-138: Improper Neutralization of Special Elements •