CVSS: 9.8EPSS: 2%CPEs: 1EXPL: 0CVE-2016-7630 – Apple iOS legacy-diagnostics Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2016-7630
The issue involves the "WebSheet" component, which allows attackers to bypass a sandbox protection mechanism via unspecified vectors. ... The issue lies in the launching of a diagnostic application that is able to render webpages outside of the sandbox. An attacker can leverage this vulnerability to escalate privileges outside the context of the sandbox. • https://support.apple.com/HT207422 • CWE-254: 7PK - Security Features •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0CVE-2016-4617
https://notcve.org/view.php?id=CVE-2016-4617
The issue involves a sandbox escape related to launchctl process spawning in the "libxpc" component. ... El problema involucra una fuga de sandbox relacionada con la generación de procesos launchctl en el componente "libxpc". • http://www.securityfocus.com/bid/96329 https://support.apple.com/HT207170 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 8.8EPSS: 0%CPEs: 2EXPL: 0CVE-2017-5940
https://notcve.org/view.php?id=CVE-2017-5940
Firejail before 0.9.44.6 and 0.9.38.x LTS before 0.9.38.10 LTS does not comprehensively address dotfile cases during its attempt to prevent accessing user files with an euid of zero, which allows local users to conduct sandbox-escape attacks via vectors involving a symlink and the --private option. • http://www.openwall.com/lists/oss-security/2017/01/31/16 http://www.securityfocus.com/bid/96221 https://firejail.wordpress.com/download-2/release-notes https://github.com/netblue30/firejail/commit/38d418505e9ee2d326557e5639e8da49c298858f https://github.com/netblue30/firejail/commit/903fd8a0789ca3cc3c21d84cd0282481515592ef https://github.com/netblue30/firejail/commit/b8a4ff9775318ca5e679183884a6a63f3da8f863 https://security.gentoo.org/glsa/201702-03 • CWE-269: Improper Privilege Management •
CVSS: 7.5EPSS: 0%CPEs: 19EXPL: 0CVE-2016-3102
https://notcve.org/view.php?id=CVE-2016-3102
The Script Security plugin before 1.18.1 in Jenkins might allow remote attackers to bypass a Groovy sandbox protection mechanism via a plugin that performs (1) direct field access or (2) get/set array operations. El plugin Script Security en versiones anteriores a 1.18.1 en Jenkins podría permitir a atacantes remotos eludir el mecanismo de protección sandbox de Groovy a través del plugin que realiza (1) acceso directo al campo o (2) operaciones de array get/set. • https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2016-04-11 • CWE-254: 7PK - Security Features •
CVSS: 8.8EPSS: 0%CPEs: 2EXPL: 1CVE-2017-5180 – Firejail < 0.9.44.4 / < 0.9.38.8 LTS - Local Sandbox Escape
https://notcve.org/view.php?id=CVE-2017-5180
Firejail before 0.9.44.4 and 0.9.38.x LTS before 0.9.38.8 LTS does not consider the .Xauthority case during its attempt to prevent accessing user files with an euid of zero, which allows local users to conduct sandbox-escape attacks via vectors involving a symlink and the --private option. • https://www.exploit-db.com/exploits/43359 http://openwall.com/lists/oss-security/2017/01/04/2 http://www.securityfocus.com/bid/95298 https://firejail.wordpress.com/download-2/release-notes https://security.gentoo.org/glsa/201701-62 • CWE-862: Missing Authorization •