Page 50 of 584 results (0.145 seconds)

CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 0

CVE-2020-9825

https://notcve.org/view.php?id=CVE-2020-9825

An access issue was addressed with additional sandbox restrictions. ... A malicious application may be able to bypass Privacy preferences. Se abordó un problema de acceso con restricciones de sandbox adicionales. • https://support.apple.com/HT211168 https://support.apple.com/HT211170 •

CVSS: 10.0EPSS: 1%CPEs: 3EXPL: 0

CVE-2020-12388 – Firefox Default Content Process DACL Sandbox Escape

https://notcve.org/view.php?id=CVE-2020-12388

The Firefox content processes did not sufficiently lockdown access control which could result in a sandbox escape. *Note: this issue only affects Firefox on Windows operating systems.*. ... Los procesos de contenido de Firefox no bloquearon suficientemente el control de acceso, lo que podría resultar en un escape del sandbox. ... The Firefox content processes do not sufficiently lockdown access control which can result in a sandbox escape. • http://packetstormsecurity.com/files/157860/Firefox-Default-Content-Process-DACL-Sandbox-Escape.html https://bugzilla.mozilla.org/show_bug.cgi? • CWE-20: Improper Input Validation •

CVSS: 10.0EPSS: 0%CPEs: 3EXPL: 0

CVE-2020-12389

https://notcve.org/view.php?id=CVE-2020-12389

The Firefox content processes did not sufficiently lockdown access control which could result in a sandbox escape. *Note: this issue only affects Firefox on Windows operating systems.*. ... Los procesos de contenido de Firefox no bloquearon suficientemente el control de acceso, lo que podría resultar en un escape del sandbox. • https://bugzilla.mozilla.org/show_bug.cgi?id=1554110 https://www.mozilla.org/security/advisories/mfsa2020-16 https://www.mozilla.org/security/advisories/mfsa2020-17 • CWE-20: Improper Input Validation •

CVSS: 9.6EPSS: 0%CPEs: 7EXPL: 1

CVE-2020-6471 – chromium-browser: Insufficient policy enforcement in developer tools

https://notcve.org/view.php?id=CVE-2020-6471

Insufficient policy enforcement in developer tools in Google Chrome prior to 83.0.4103.61 allowed an attacker who convinced a user to install a malicious extension to potentially perform a sandbox escape via a crafted Chrome Extension. Una aplicación insuficiente de políticas en developer tools en Google Chrome versiones anteriores a 83.0.4103.61, permitió a un atacante que convenció a un usuario de que instalara una extensión maliciosa llevar a cabo potencialmente un escape del sandbox por medio de una Chrome Extension diseñada. • http://lists.opensuse.org/opensuse-security-announce/2020-06/msg00034.html http://lists.opensuse.org/opensuse-security-announce/2020-06/msg00038.html https://chromereleases.googleblog.com/2020/05/stable-channel-update-for-desktop_19.html https://crbug.com/1059577 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/OQYH5OK7O4BU6E37WWG5SEEHV65BFSGR https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WLFZ5N4EK6I4ZJP5YSKLLVN3ELXEB4XT https://security.g • CWE-276: Incorrect Default Permissions •

CVSS: 9.6EPSS: 0%CPEs: 7EXPL: 0

CVE-2020-6469 – chromium-browser: Insufficient policy enforcement in developer tools

https://notcve.org/view.php?id=CVE-2020-6469

Insufficient policy enforcement in developer tools in Google Chrome prior to 83.0.4103.61 allowed an attacker who convinced a user to install a malicious extension to potentially perform a sandbox escape via a crafted Chrome Extension. Una aplicación insuficiente de políticas en developer tools en Google Chrome versiones anteriores a la versión 83.0.4103.61, permitió a un atacante que convenció a un usuario de instalar una extensión maliciosa llevar a cabo potencialmente un escape del sandbox por medio de una Extension Chrome especialmente diseñada. • http://lists.opensuse.org/opensuse-security-announce/2020-06/msg00034.html http://lists.opensuse.org/opensuse-security-announce/2020-06/msg00038.html https://chromereleases.googleblog.com/2020/05/stable-channel-update-for-desktop_19.html https://crbug.com/1067382 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/OQYH5OK7O4BU6E37WWG5SEEHV65BFSGR https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WLFZ5N4EK6I4ZJP5YSKLLVN3ELXEB4XT https://security.g • CWE-276: Incorrect Default Permissions •