CVSS: 7.6EPSS: 0%CPEs: 3EXPL: 0CVE-2024-51745 – Wasmtime doesn't fully sandbox all the Windows device filenames
https://notcve.org/view.php?id=CVE-2024-51745
05 Nov 2024 — Wasmtime's filesystem sandbox implementation on Windows blocks access to special device filenames such as "COM1", "COM2", "LPT0", "LPT1", and so on, however it did not block access to the special device filenames which use superscript digits, such as "COM¹", "COM²", "LPT⁰", "LPT¹", and so on. Untrusted Wasm programs that are given access to any filesystem directory could bypass the sandbox and access devices through those special device filenames with superscript digits, and through the... • https://en.wikipedia.org/wiki/ISO/IEC_8859-1 • CWE-67: Improper Handling of Windows Device Names CWE-184: Incomplete List of Disallowed Inputs •
CVSS: 8.4EPSS: 0%CPEs: 7EXPL: 0CVE-2024-51481 – Nix allows macOS sandbox escape via built-in builders
https://notcve.org/view.php?id=CVE-2024-51481
31 Oct 2024 — On macOS, built-in builders (such as `builtin:fetchurl`, exposed to users with `import <nix/fetchurl.nix>`) were not executed in the macOS sandbox. Thus, these builders (which are running under the `nixbld*` users) had read access to world-readable paths and write access to world-writable paths outside of the sandbox. ... The Nix sandbox is not primarily intended as a security mechanism, but as an aid to improve reproducibility and purity of Nix builds. • https://github.com/NixOS/nix/commit/597fcc98e18e3178734d06a9e7306250e8cb8d74 • CWE-693: Protection Mechanism Failure •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-2024-8923 – Sandbox Escape in Now Platform
https://notcve.org/view.php?id=CVE-2024-8923
29 Oct 2024 — ServiceNow has addressed an input validation vulnerability that was identified in the Now Platform. This vulnerability could enable an unauthenticated user to remotely execute code within the context of the Now Platform. ServiceNow deployed an update to hosted instances and ServiceNow provided the update to our partners and self-hosted customers. Further, the vulnerability is addressed in the listed patches and hot fixes. ServiceNow has addressed an input validation vulnerability that was identified in the ... • https://support.servicenow.com/kb?id=kb_article_view&sysparm_article=KB1706070 • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 9.3EPSS: 0%CPEs: 3EXPL: 0CVE-2024-44256 – Apple Security Advisory 10-28-2024-5
https://notcve.org/view.php?id=CVE-2024-44256
28 Oct 2024 — An app may be able to break out of its sandbox. macOS Sonoma 14.7.1 addresses buffer overflow, bypass, information leakage, out of bounds access, out of bounds read, and out of bounds write vulnerabilities. • https://support.apple.com/en-us/121568 •
CVSS: 6.2EPSS: 0%CPEs: 2EXPL: 0CVE-2024-44216 – Apple Security Advisory 10-28-2024-5
https://notcve.org/view.php?id=CVE-2024-44216
28 Oct 2024 — An access issue was addressed with additional sandbox restrictions. ... An app may be able to access user-sensitive data. macOS Sonoma 14.7.1 addresses buffer overflow, bypass, information leakage, out of bounds access, out of bounds read, and out of bounds write vulnerabilities. • https://support.apple.com/en-us/121568 • CWE-922: Insecure Storage of Sensitive Information •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2024-44270 – Apple Security Advisory 10-28-2024-5
https://notcve.org/view.php?id=CVE-2024-44270
28 Oct 2024 — A sandboxed process may be able to circumvent sandbox restrictions. macOS Sonoma 14.7.1 addresses buffer overflow, bypass, information leakage, out of bounds access, out of bounds read, and out of bounds write vulnerabilities. • https://support.apple.com/en-us/121568 • CWE-863: Incorrect Authorization •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-44122 – Apple Security Advisory 10-28-2024-5
https://notcve.org/view.php?id=CVE-2024-44122
28 Oct 2024 — An application may be able to break out of its sandbox. macOS Sonoma 14.7.1 addresses buffer overflow, bypass, information leakage, out of bounds access, out of bounds read, and out of bounds write vulnerabilities. • https://support.apple.com/en-us/121238 • CWE-693: Protection Mechanism Failure •
CVSS: 9.8EPSS: 54%CPEs: -EXPL: 2CVE-2024-39205 – Pyload RCE (CVE-2024-39205) with js2py sandbox escape (CVE-2024-28397)
https://notcve.org/view.php?id=CVE-2024-39205
28 Oct 2024 — CVE-2024-28397 is a sandbox escape in js2py versions 0.74 and below. js2py is a popular python package that can evaluate javascript code inside a python interpreter. The vulnerability allows for an attacker to obtain a reference to a python object in the js2py environment enabling them to escape the sandbox, bypass pyimport restrictions and execute arbitrary commands on the host. ... This endpoint was designed to only accept connections from localhost but by manipul... • https://github.com/Marven11/CVE-2024-28397-js2py-Sandbox-Escape •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-2024-7024
https://notcve.org/view.php?id=CVE-2024-7024
23 Sep 2024 — Inappropriate implementation in V8 in Google Chrome prior to 126.0.6478.54 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. • https://issues.chromium.org/issues/334120897 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-44132 – Apple Security Advisory 09-16-2024-2
https://notcve.org/view.php?id=CVE-2024-44132
16 Sep 2024 — An app may be able to break out of its sandbox. macOS Sequoia 15 addresses buffer overflow, bypass, cross site scripting, integer overflow, out of bounds access, out of bounds read, out of bounds write, and spoofing vulnerabilities. • https://support.apple.com/en-us/121238 • CWE-61: UNIX Symbolic Link (Symlink) Following •