CVSS: 9.6EPSS: 0%CPEs: 2EXPL: 0CVE-2017-15402
https://notcve.org/view.php?id=CVE-2017-15402
Using an ID that can be controlled by a compromised renderer which allows any frame to overwrite the page_state of any other frame in the same process in Navigation in Google Chrome on Chrome OS prior to 62.0.3202.74 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. La utilización de un identificador que puede ser controlado por un renderizador que permite a cualquier trama sobreescribir el parámetro page_state de cualquier otra trama en el mismo proceso en "Navigation" en Google Crome en Chrome OS, en versiones anteriores a la 62.0.3202.74, permitió a un atacante remoto, que había comprometido el proceso del renderizador, realizar un sandbox esape mediante una página HTML manipulada. • https://chromereleases.googleblog.com/2017/10/stable-channel-update-for-chrome-os_27.html https://crbug.com/766262 • CWE-20: Improper Input Validation •
CVSS: 9.9EPSS: 0%CPEs: 1EXPL: 1CVE-2018-18555
https://notcve.org/view.php?id=CVE-2018-18555
A sandbox escape issue was discovered in VyOS 1.1.8. ... Se ha descubierto un problema de escape del sandbox en VyOS 1.1.8. • https://blog.vyos.io/the-operator-level-is-proved-insecure-and-will-be-removed-in-the-next-releases • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVSS: 8.8EPSS: 0%CPEs: 2EXPL: 0CVE-2018-1000865
https://notcve.org/view.php?id=CVE-2018-1000865
A sandbox bypass vulnerability exists in Script Security Plugin 1.47 and earlier in groovy-sandbox/src/main/java/org/kohsuke/groovy/sandbox/SandboxTransformer.java that allows attackers with Job/Configure permission to execute arbitrary code on the Jenkins master JVM, if plugins using the Groovy sandbox are installed. Existe una vulnerabilidad de omisión de sandbox en Script Security Plugin 1.47 y anteriores en groovy-sandbox/src/main/java/org/kohsuke/groovy/sandbox/SandboxTransformer.java que permite que los atacantes con permiso Job/Configure ejecuten código arbitrario en el maestro JVM de Jenkins, si están instalados los plugins que emplean el sandbox de Groovy. • https://access.redhat.com/errata/RHBA-2019:0326 https://access.redhat.com/errata/RHBA-2019:0327 https://jenkins.io/security/advisory/2018-10-29/#SECURITY-1186 • CWE-269: Improper Privilege Management •
CVSS: 8.8EPSS: 0%CPEs: 2EXPL: 0CVE-2018-1000866
https://notcve.org/view.php?id=CVE-2018-1000866
A sandbox bypass vulnerability exists in Pipeline: Groovy Plugin 2.59 and earlier in groovy-sandbox/src/main/java/org/kohsuke/groovy/sandbox/SandboxTransformer.java, groovy-cps/lib/src/main/java/com/cloudbees/groovy/cps/SandboxCpsTransformer.java that allows attackers with Job/Configure permission, or unauthorized attackers with SCM commit privileges and corresponding pipelines based on Jenkinsfiles set up in Jenkins, to execute arbitrary code on the Jenkins master JVM Existe una vulnerabilidad de omisión del sandbox en Pipeline: Groovy Plugin 2.59 y anteriores en groovy-sandbox/src/main/java/org/kohsuke/groovy/sandbox/SandboxTransformer.java y groovy-cps/lib/src/main/java/com/cloudbees/groovy/cps/SandboxCpsTransformer.java que permite que los atacantes con el permiso Job/Configure, o atacantes no autorizados con privilegios del commit SCM y las pipelines basadas en Jenkinsfiles establecidas en Jenkins, ejecuten código arbitrario en el maestro JVM de Jenkins. • https://access.redhat.com/errata/RHBA-2019:0326 https://access.redhat.com/errata/RHBA-2019:0327 https://jenkins.io/security/advisory/2018-10-29/#SECURITY-1186 • CWE-269: Improper Privilege Management •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 1CVE-2018-18748
https://notcve.org/view.php?id=CVE-2018-18748
Sandboxie 5.26 allows a Sandbox Escape via an "import os" statement, followed by os.system("cmd") or os.system("powershell"), within a .py file. NOTE: the vendor disputes this issue because the observed behavior is consistent with the product's intended functionality ** EN DISPUTA ** Sandboxie 5.26 permite el escape del sandbox mediante una instrucción "import os", seguida por os.system("cmd") u os.system("powershell"), en un archivo .py. • https://github.com/sandboxescape/Sandboxie-5.26-Sandbox-Escape-Exploit https://github.com/sandboxescape/Sandboxie-5.26-Sandbox-Escape-Exploit/blob/2632a5f7409e52b2e020f5d4467fa019f9095e73/README.doc •