CVSS: 6.3EPSS: 0%CPEs: 1EXPL: 0CVE-2018-18603
https://notcve.org/view.php?id=CVE-2018-18603
360 Total Security 3.5.0.1033 allows a Sandbox Escape via an "import os" statement, followed by os.system("CMD") or os.system("PowerShell"), within a .py file. NOTE: the vendor's position is that this cannot be categorized as a vulnerability, although it is a security-related issue ** EN DISPUTA ** 360 Total Security 3.5.0.1033 permite el escape del sandbox mediante una instrucción "import os", seguida por os.system ("CMD") u os.system("PowerShell"), en un archivo .py. • https://exchange.xforce.ibmcloud.com/vulnerabilities/151867 https://github.com/sandboxescape/360-3.5.0.1033-Sandbox-Escape-Exploit •
CVSS: 8.6EPSS: 0%CPEs: 17EXPL: 1CVE-2018-18284 – ghostscript: 1Policy operator allows a sandbox protection bypass
https://notcve.org/view.php?id=CVE-2018-18284
Artifex Ghostscript 9.25 and earlier allows attackers to bypass a sandbox protection mechanism via vectors involving the 1Policy operator. Artifex Ghostscript 9.25 y anteriores permite que los atacantes omitan un mecanismo de protección de sandbox mediante vectores relacionados con el operador 1Policy. • http://git.ghostscript.com/?p=ghostpdl.git%3Bh=8d19fdf63f91f50466b08f23e2d93d37a4c5ea0b http://www.openwall.com/lists/oss-security/2018/10/16/2 http://www.securityfocus.com/bid/107451 https://access.redhat.com/errata/RHSA-2018:3834 https://bugs.chromium.org/p/project-zero/issues/detail?id=1696 https://bugs.ghostscript.com/show_bug.cgi?id=699963 https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44101 https://lists.debian.org/debian-lts-announce/2018/10/msg00013.html https:&#x •
CVSS: 8.6EPSS: 0%CPEs: 13EXPL: 3CVE-2018-17961 – ghostscript - executeonly Bypass with errorhandler Setup
https://notcve.org/view.php?id=CVE-2018-17961
Artifex Ghostscript 9.25 and earlier allows attackers to bypass a sandbox protection mechanism via vectors involving errorhandler setup. ... Artifex Ghostscript 9.25 y anteriores permite que los atacantes omitan un mecanismo de protección de sandbox mediante vectores relacionados con la configuración de errorhandler. ... Ghostscript suffers from an executeonly bypass with errorhandler setup. • https://www.exploit-db.com/exploits/45573 https://github.com/matlink/CVE-2018-17961 http://git.ghostscript.com/?p=ghostpdl.git%3Ba=commitdiff%3Bh=a54c9e61e7d0 http://git.ghostscript.com/?p=ghostpdl.git%3Ba=commitdiff%3Bh=a5a9bf8c6a63 http://git.ghostscript.com/?p=ghostpdl.git%3Ba=commitdiff%3Bh=a6807394bd94 http://www.openwall.com/lists/oss-security/2018/10/09/4 https://access.redhat.com/errata/RHSA-2018:3834 https://bugs.chromium.org/p/project-zero/issues/detail?id=1682&desc& • CWE-209: Generation of Error Message Containing Sensitive Information CWE-460: Improper Cleanup on Thrown Exception •
CVSS: 7.5EPSS: 0%CPEs: 13EXPL: 0CVE-2018-18073 – ghostscript: Saved execution stacks can leak operator arrays
https://notcve.org/view.php?id=CVE-2018-18073
Artifex Ghostscript allows attackers to bypass a sandbox protection mechanism by leveraging exposure of system operators in the saved execution stack in an error object. Artifex Ghostscript permite que los atacantes omitan un mecanismo de protección de sandbox aprovechando la exposición de los operadores del sistema en la pila de ejecución guardada en un objeto error. • http://git.ghostscript.com/?p=ghostpdl.git%3Ba=commit%3Bh=34cc326eb2c5695833361887fe0b32e8d987741c http://packetstormsecurity.com/files/149758/Ghostscript-Exposed-System-Operators.html http://www.openwall.com/lists/oss-security/2018/10/10/12 https://access.redhat.com/errata/RHSA-2018:3834 https://bugs.chromium.org/p/project-zero/issues/detail?id=1690 https://bugs.ghostscript.com/show_bug.cgi?id=699927 https://lists.debian.org/debian-lts-announce/2018/10/msg00013.html https://usn.ubuntu.com/ • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-460: Improper Cleanup on Thrown Exception •
CVSS: 7.4EPSS: 0%CPEs: 2EXPL: 1CVE-2018-8463 – Microsoft Edge - Sandbox Escape
https://notcve.org/view.php?id=CVE-2018-8463
An elevation of privilege vulnerability exists in Microsoft Edge that could allow an attacker to escape from the AppContainer sandbox in the browser, aka "Microsoft Edge Elevation of Privilege Vulnerability." ... Existe una vulnerabilidad de elevación de privilegios en Microsoft Edge que podría permitir que un atacante escape del sandbox AppContainer en el navegador. ... Microsoft Edge suffers from a sandbox escape vulnerability. • https://www.exploit-db.com/exploits/45502 http://www.securityfocus.com/bid/105260 http://www.securitytracker.com/id/1041623 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8463 •