CVSS: 6.3EPSS: 0%CPEs: 1EXPL: 0CVE-2018-18603
https://notcve.org/view.php?id=CVE-2018-18603
360 Total Security 3.5.0.1033 allows a Sandbox Escape via an "import os" statement, followed by os.system("CMD") or os.system("PowerShell"), within a .py file. • https://exchange.xforce.ibmcloud.com/vulnerabilities/151867 https://github.com/sandboxescape/360-3.5.0.1033-Sandbox-Escape-Exploit •
CVSS: 7.4EPSS: 0%CPEs: 7EXPL: 1CVE-2018-8469 – Microsoft Edge - Sandbox Escape
https://notcve.org/view.php?id=CVE-2018-8469
Microsoft Edge suffers from a sandbox escape vulnerability. • https://www.exploit-db.com/exploits/45502 http://www.securityfocus.com/bid/105263 http://www.securitytracker.com/id/1041623 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8469 •
CVSS: 7.4EPSS: 0%CPEs: 2EXPL: 1CVE-2018-8463 – Microsoft Edge - Sandbox Escape
https://notcve.org/view.php?id=CVE-2018-8463
Microsoft Edge suffers from a sandbox escape vulnerability. • https://www.exploit-db.com/exploits/45502 http://www.securityfocus.com/bid/105260 http://www.securitytracker.com/id/1041623 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8463 •
CVSS: 4.7EPSS: 0%CPEs: 15EXPL: 1CVE-2018-8468 – Microsoft Edge - Sandbox Escape
https://notcve.org/view.php?id=CVE-2018-8468
An elevation of privilege vulnerability exists when Windows, allowing a sandbox escape, aka "Windows Elevation of Privilege Vulnerability." ... Microsoft Edge suffers from a sandbox escape vulnerability. • https://www.exploit-db.com/exploits/45502 http://www.securityfocus.com/bid/105275 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8468 •
CVSS: 9.6EPSS: 1%CPEs: 5EXPL: 0CVE-2018-16068 – chromium-browser: Out of bounds write in Mojo
https://notcve.org/view.php?id=CVE-2018-16068
Missing validation in Mojo in Google Chrome prior to 69.0.3497.81 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. • http://www.securityfocus.com/bid/105215 https://access.redhat.com/errata/RHSA-2018:2666 https://chromereleases.googleblog.com/2018/09/stable-channel-update-for-desktop.html https://crbug.com/877182 https://security.gentoo.org/glsa/201811-10 https://www.debian.org/security/2018/dsa-4289 https://access.redhat.com/security/cve/CVE-2018-16068 https://bugzilla.redhat.com/show_bug.cgi?id=1625470 • CWE-20: Improper Input Validation •