CVSS: 4.7EPSS: 0%CPEs: 15EXPL: 1CVE-2018-8468 – Microsoft Edge - Sandbox Escape
https://notcve.org/view.php?id=CVE-2018-8468
An elevation of privilege vulnerability exists when Windows, allowing a sandbox escape, aka "Windows Elevation of Privilege Vulnerability." ... Existe una vulnerabilidad de elevación de privilegios en Windows que permite un escape del sandbox. ... Microsoft Edge suffers from a sandbox escape vulnerability. • https://www.exploit-db.com/exploits/45502 http://www.securityfocus.com/bid/105275 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8468 •
CVSS: 7.4EPSS: 0%CPEs: 7EXPL: 1CVE-2018-8469 – Microsoft Edge - Sandbox Escape
https://notcve.org/view.php?id=CVE-2018-8469
An elevation of privilege vulnerability exists in Microsoft Edge that could allow an attacker to escape from the AppContainer sandbox in the browser, aka "Microsoft Edge Elevation of Privilege Vulnerability." ... Existe una vulnerabilidad de elevación de privilegios en Microsoft Edge que podría permitir que un atacante escape del sandbox AppContainer en el navegador. ... Microsoft Edge suffers from a sandbox escape vulnerability. • https://www.exploit-db.com/exploits/45502 http://www.securityfocus.com/bid/105263 http://www.securitytracker.com/id/1041623 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8469 •
CVSS: 9.6EPSS: 1%CPEs: 5EXPL: 0CVE-2018-16068 – chromium-browser: Out of bounds write in Mojo
https://notcve.org/view.php?id=CVE-2018-16068
Missing validation in Mojo in Google Chrome prior to 69.0.3497.81 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. Falta de validación en Mojo en Google Chrome en versiones anteriores a la 69.0.3497.81 permitía que un atacante remoto realizase un escape del sandbox mediante una página HTML manipulada. • http://www.securityfocus.com/bid/105215 https://access.redhat.com/errata/RHSA-2018:2666 https://chromereleases.googleblog.com/2018/09/stable-channel-update-for-desktop.html https://crbug.com/877182 https://security.gentoo.org/glsa/201811-10 https://www.debian.org/security/2018/dsa-4289 https://access.redhat.com/security/cve/CVE-2018-16068 https://bugzilla.redhat.com/show_bug.cgi?id=1625470 • CWE-20: Improper Input Validation •
CVSS: 9.9EPSS: 0%CPEs: 1EXPL: 1CVE-2018-16367
https://notcve.org/view.php?id=CVE-2018-16367
In OnlineJudge 2.0, the sandbox has an incorrect access control vulnerability that can write a file anywhere. ... En OnlineJudge 2.0, el sandbox tiene una vulnerabilidad de control de acceso incorrecto que puede escribir un archivo en cualquier parte. • https://github.com/QingdaoU/OnlineJudge/issues/165 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 8.3EPSS: 0%CPEs: 13EXPL: 0CVE-2018-8357
https://notcve.org/view.php?id=CVE-2018-8357
An elevation of privilege vulnerability exists in Microsoft browsers allowing sandbox escape, aka "Microsoft Browser Elevation of Privilege Vulnerability." ... Existe una vulnerabilidad de elevación de privilegios en los navegadores de Microsoft que permite escaparse del sandbox. • http://www.securityfocus.com/bid/105022 http://www.securitytracker.com/id/1041457 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8357 •