CVSS: 8.8EPSS: 2%CPEs: 4EXPL: 1CVE-2017-7047 – Apple macOS/iOS - 'xpc_data' Objects Sandbox Escape Privilege Escalation
https://notcve.org/view.php?id=CVE-2017-7047
Permite a los atacantes ejecutar código arbitrario en un contexto privilegiado o provocar una denegación de servicio (corrupción de memoria) por medio de una aplicación creada. macOS and iOS sandbox escapes and privilege escalation vulnerabilities exist due to unexpected shared memory-backed xpc_data objects. • https://www.exploit-db.com/exploits/42407 http://www.securityfocus.com/bid/99883 http://www.securitytracker.com/id/1038950 https://support.apple.com/HT207922 https://support.apple.com/HT207923 https://support.apple.com/HT207924 https://support.apple.com/HT207925 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 8.1EPSS: 0%CPEs: 46EXPL: 0CVE-2017-10078 – OpenJDK: Nashorn incompletely blocking access to Java APIs (Scripting, 8171539)
https://notcve.org/view.php?id=CVE-2017-10078
Nota: Esta vulnerabilidad puede ser explotada mediante aplicaciones Java Web Start en sandbox y applets Java en sandbox. También puede ser explotada proporcionando datos a las API en los componentes especificados sin emplear aplicaciones Java Web Start en sandbox o applets Java en sandbox, como a través de un servicio web. ... An untrusted JavaScript executed by Nashorn could use this flaw to bypass intended restrictions. • http://www.debian.org/security/2017/dsa-3919 http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html http://www.securityfocus.com/bid/99752 http://www.securitytracker.com/id/1038931 https://access.redhat.com/errata/RHSA-2017:1789 https://access.redhat.com/errata/RHSA-2017:1790 https://access.redhat.com/errata/RHSA-2017:2469 https://access.redhat.com/errata/RHSA-2017:3453 https://cert.vde.com/en-us/advisories/vde-2017-002 https://security.gentoo.org/g •
CVSS: 6.5EPSS: 0%CPEs: 13EXPL: 0CVE-2017-3080 – Adobe Flash BrokerCreateFile Broker Method Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2017-3080
Adobe Flash Player versions 26.0.0.131 and earlier have a security bypass vulnerability related to the Flash API used by Internet Explorer. ... This vulnerability allows remote attackers to bypass the Enhanced Protected Mode sandbox of vulnerable installations of Adobe Flash Player and disclose file contents. • http://www.securityfocus.com/bid/99519 http://www.securitytracker.com/id/1038845 https://access.redhat.com/errata/RHSA-2017:1731 https://helpx.adobe.com/security/products/flash-player/apsb17-21.html https://security.gentoo.org/glsa/201707-15 https://access.redhat.com/security/cve/CVE-2017-3080 https://bugzilla.redhat.com/show_bug.cgi?id=1469763 •
CVSS: 9.6EPSS: 1%CPEs: 9EXPL: 0CVE-2017-5087 – chromium-browser: sandbox escape in indexeddb
https://notcve.org/view.php?id=CVE-2017-5087
A use after free in Blink in Google Chrome prior to 59.0.3071.104 for Mac, Windows, and Linux, and 59.0.3071.117 for Android, allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page, aka an IndexedDB sandbox escape. ... Esto también se conoce como escape de espacio aislado o sandbox IndexedDB. • http://www.debian.org/security/2017/dsa-3926 http://www.securityfocus.com/bid/99096 http://www.securitytracker.com/id/1038765 https://access.redhat.com/errata/RHSA-2017:1495 https://chromereleases.googleblog.com/2017/06/stable-channel-update-for-desktop_15.html https://crbug.com/725032 https://security.gentoo.org/glsa/201706-20 https://access.redhat.com/security/cve/CVE-2017-5087 https://bugzilla.redhat.com/show_bug.cgi?id=1462148 • CWE-416: Use After Free •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2017-6986
https://notcve.org/view.php?id=CVE-2017-6986
It allows attackers to conduct sandbox-escape attacks or cause a denial of service (memory corruption) via a crafted app. • http://www.securitytracker.com/id/1038484 https://support.apple.com/HT207797 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •