CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0CVE-2018-6055 – chromium-browser: Insufficient policy enforcement in Catalog Service
https://notcve.org/view.php?id=CVE-2018-6055
Insufficient policy enforcement in Catalog Service in Google Chrome prior to 64.0.3282.119 allowed a remote attacker to potentially run arbitrary code outside sandbox via a crafted HTML page. Aplicación de políticas insuficiente en Catalog Service en Google Chrome en versiones anteriores a la 64.0.3282.119 permitía que un atacante remoto ejecutase código arbitrario fuera del sandbox mediante una página HTML manipulada. Chromium suffers from a sandbox escape vulnerability via an exposed filesystem::mojom::Directory mojo interface in the catalog service. • http://www.securityfocus.com/bid/105516 https://chromereleases.googleblog.com/2018/01/stable-channel-update-for-desktop_24.html https://crbug.com/791003 https://access.redhat.com/security/cve/CVE-2018-6055 https://bugzilla.redhat.com/show_bug.cgi?id=1633393 • CWE-20: Improper Input Validation •
CVSS: 6.5EPSS: 0%CPEs: 68EXPL: 0CVE-2017-1000483
https://notcve.org/view.php?id=CVE-2017-1000483
Accessing private content via str.format in through-the-web templates and scripts in Plone 2.5-5.1rc1. This improves an earlier hotfix. Since the format method was introduced in Python 2.6, this part of the hotfix is only relevant for Plone 4 and 5. Acceso a contenido privado mediante str.format plantillas y scripts a través de la web en Plone 2.5-5.1rc1. Esto mejora un hotfix anterior. • https://plone.org/security/hotfix/20171128/sandbox-escape •
CVSS: 4.6EPSS: 0%CPEs: 1EXPL: 0CVE-2017-12340
https://notcve.org/view.php?id=CVE-2017-12340
The vulnerability is due to insufficient sanitization of user-supplied parameters that are passed to certain functions of the Python scripting sandbox of the affected system. An attacker could exploit this vulnerability to escape the scripting sandbox and enter the Bash shell of the operating system with the privileges of the authenticated user for the affected system. ... La vulnerabilidad se debe a la sanitización insuficiente de parámetros proporcionados por el usuario que se pasan a algunas funciones del sandbox de scripting de Python del dispositivo afectado. Un atacante podría explotar esta vulnerabilidad para escapar la sandbox de scripting y ejecutar el shell Bash del sistema operativo con los privilegios del usuario autenticado para el sistema afectado. • http://www.securityfocus.com/bid/102069 https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171129-switch • CWE-116: Improper Encoding or Escaping of Output CWE-284: Improper Access Control •
CVSS: 4.6EPSS: 0%CPEs: 7EXPL: 0CVE-2017-12336
https://notcve.org/view.php?id=CVE-2017-12336
A vulnerability in the TCL scripting subsystem of Cisco NX-OS System Software could allow an authenticated, local attacker to escape the interactive TCL shell and gain unauthorized access to the underlying operating system of the device. ... An attacker could exploit this vulnerability to escape the scripting sandbox and execute arbitrary commands on the underlying operating system with the privileges of the authenticated user. ... Una vulnerabilidad en el subsistema de scripting TCL de Cisco NX-OS System Software podría permitir que un atacante local autenticado escape el shell TCL interactivo y obtenga acceso no autorizado al sistema operativo subyacente del dispositivo. ... Un atacante podría explotar esta vulnerabilidad para escapar la sandbox de scripting y ejecutar comandos arbitrarios en el sistema operativo en el que se ejecuta con los privilegios del usuario autenticado. • http://www.securityfocus.com/bid/102168 http://www.securitytracker.com/id/1039936 https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171129-nxos5 • CWE-20: Improper Input Validation •
CVSS: 6.1EPSS: 0%CPEs: 2EXPL: 0CVE-2016-10702
https://notcve.org/view.php?id=CVE-2016-10702
Pebble Smartwatch devices through 4.3 mishandle UUID storage, which allows attackers to read an arbitrary application's flash storage, and access an arbitrary application's JavaScript instance, by modifying a UUID value within the header of a crafted application binary. Los dispositivos Pebble Smartwatch hasta la versión 4.3 gestionan el almacenamiento UUID de manera incorrecta. Esto permite que atacantes lean el almacenamiento flash de una aplicación arbitraria y accedan a la instancia JavaScript de una aplicación arbitraria modificando un valor UUID en la cabecera de un binario de aplicación manipulado. • https://blog.fletchto99.com/2016/november/pebble-app-sandbox-escape • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •