CVSS: 8.8EPSS: 0%CPEs: 4EXPL: 0CVE-2020-0981 – Microsoft Windows NtFilterToken ParentTokenId Incorrect Setting Privilege Escalation
https://notcve.org/view.php?id=CVE-2020-0981
A security feature bypass vulnerability exists when Windows fails to properly handle token relationships.An attacker who successfully exploited the vulnerability could allow an application with a certain integrity level to execute code at a different integrity level, leading to a sandbox escape.The update addresses the vulnerability by correcting how Windows handles token relationships, aka 'Windows Token Security Feature Bypass Vulnerability'. ... Un atacante que explotara con éxito la vulnerabilidad podría permitir que una aplicación con un determinado nivel de integridad ejecute código con un nivel de integridad diferente, conllevando a un escape del sandbox. La actualización aborda la vulnerabilidad al corregir la manera en que Windows maneja las relaciones de token, también se conoce como "Windows Token Security Feature Bypass Vulnerability". • http://packetstormsecurity.com/files/157248/Microsoft-Windows-NtFilterToken-ParentTokenId-Incorrect-Setting-Privilege-Escalation.html https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0981 • CWE-863: Incorrect Authorization •
CVSS: 8.3EPSS: 0%CPEs: 127EXPL: 0CVE-2020-2803 – OpenJDK: Incorrect bounds checks in NIO Buffers (Libraries, 8234841)
https://notcve.org/view.php?id=CVE-2020-2803
., code that comes from the internet) and rely on the Java sandbox for security. ... Nota: Esta vulnerabilidad se aplica a las implementaciones de Java, generalmente en clientes que ejecutan aplicaciones Java Web Start dentro del sandbox o applets de Java dentro del sandbox, que cargan y ejecutan código no confiable (por ejemplo, código que proviene de Internet) y confían en el sandbox de Java para la seguridad. ... This flaw allows an untrusted Java application or applet o bypass Java sandbox restrictions. • http://lists.opensuse.org/opensuse-security-announce/2020-06/msg00000.html http://lists.opensuse.org/opensuse-security-announce/2020-06/msg00023.html http://lists.opensuse.org/opensuse-security-announce/2020-06/msg00048.html https://lists.debian.org/debian-lts-announce/2020/04/msg00024.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CKAV6KFFAEANXAN73AFTGU7Z6YNRWCXQ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/L7VHC4EW36KZEIDQ56RPCW • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 8.3EPSS: 0%CPEs: 127EXPL: 0CVE-2020-2805 – OpenJDK: Incorrect type checks in MethodType.readObject() (Libraries, 8235274)
https://notcve.org/view.php?id=CVE-2020-2805
., code that comes from the internet) and rely on the Java sandbox for security. ... Nota: Esta vulnerabilidad se aplica a las implementaciones de Java, generalmente en clientes que ejecutan aplicaciones Java Web Start dentro del sandbox o applets de Java dentro del sandbox, que cargan y ejecutan código no confiable (por ejemplo, código que proviene de Internet) y confían en el sandbox de Java para la seguridad. ... This flaw allows an untrusted Java application or applet to bypass Java sandbox restrictions. • http://lists.opensuse.org/opensuse-security-announce/2020-06/msg00000.html http://lists.opensuse.org/opensuse-security-announce/2020-06/msg00023.html http://lists.opensuse.org/opensuse-security-announce/2020-06/msg00048.html https://lists.debian.org/debian-lts-announce/2020/04/msg00024.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CKAV6KFFAEANXAN73AFTGU7Z6YNRWCXQ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/L7VHC4EW36KZEIDQ56RPCW • CWE-20: Improper Input Validation •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0CVE-2020-2134 – jenkins-script-security-plugin: sandbox protection bypass via crafted constructor calls and crafted constructor bodies
https://notcve.org/view.php?id=CVE-2020-2134
Sandbox protection in Jenkins Script Security Plugin 1.70 and earlier could be circumvented through crafted constructor calls and crafted constructor bodies. La protección de Sandbox en Jenkins Script Security Plugin versiones 1.70 y anteriores, podría ser omitida mediante llamadas de constructor diseñadas y cuerpos de constructor diseñados. • http://www.openwall.com/lists/oss-security/2020/03/09/1 https://jenkins.io/security/advisory/2020-03-09/#SECURITY-1754 https://access.redhat.com/security/cve/CVE-2020-2134 https://bugzilla.redhat.com/show_bug.cgi?id=1819091 • CWE-863: Incorrect Authorization •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0CVE-2020-2135 – jenkins-script-security-plugin: sandbox protection bypass leads to arbitrary code execution
https://notcve.org/view.php?id=CVE-2020-2135
Sandbox protection in Jenkins Script Security Plugin 1.70 and earlier could be circumvented through crafted method calls on objects that implement GroovyInterceptable. La protección de Sandbox en Jenkins Script Security Plugin versiones 1.70 y anteriores, podría ser omitida mediante llamadas de método diseñadas sobre objetos que implementan GroovyInterceptable. • http://www.openwall.com/lists/oss-security/2020/03/09/1 https://jenkins.io/security/advisory/2020-03-09/#SECURITY-1754 https://access.redhat.com/security/cve/CVE-2020-2135 https://bugzilla.redhat.com/show_bug.cgi?id=1819078 • CWE-94: Improper Control of Generation of Code ('Code Injection') CWE-863: Incorrect Authorization •