CVSS: 10.0EPSS: 67%CPEs: 1EXPL: 1CVE-2024-28185 – Judge0 vulnerable to Sandbox Escape via Symbolic Link
https://notcve.org/view.php?id=CVE-2024-28185
18 Apr 2024 — The application does not account for symlinks placed inside the sandbox directory, which can be leveraged by an attacker to write to arbitrary files and gain code execution outside of the sandbox. When executing a submission, Judge0 writes a `run_script` to the sandbox directory. ... An attacker can leverage this vulnerability to overwrite scripts on the system and gain code execution outside of the sandbox. ... Al ejecutar un envío, Judge0 escribe un `run_script` en el directori... • https://packetstorm.news/files/id/182718 • CWE-59: Improper Link Resolution Before File Access ('Link Following') CWE-61: UNIX Symbolic Link (Symlink) Following •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-2024-3157 – Debian Security Advisory 5656-1
https://notcve.org/view.php?id=CVE-2024-3157
10 Apr 2024 — Out of bounds memory access in Compositing in Google Chrome prior to 123.0.6312.122 allowed a remote attacker who had compromised the GPU process to potentially perform a sandbox escape via specific UI gestures. • https://chromereleases.googleblog.com/2024/04/stable-channel-update-for-desktop_10.html • CWE-787: Out-of-bounds Write •
CVSS: 6.4EPSS: 0%CPEs: 1EXPL: 2CVE-2024-2839 – Colibri Page Builder <= 1.0.263 - Authenticated (Contributor+) Stored Cross-Site Scripting
https://notcve.org/view.php?id=CVE-2024-2839
01 Apr 2024 — The Colibri Page Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'colibri_post_title' shortcode in all versions up to, and including, 1.0.263 due to insufficient input sanitization and output escaping on user supplied attributes such as 'heading_type'. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. El complemento Colibr... • https://github.com/Marven11/CVE-2024-28397-js2py-Sandbox-Escape • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 8.6EPSS: 0%CPEs: 7EXPL: 0CVE-2023-42947
https://notcve.org/view.php?id=CVE-2023-42947
28 Mar 2024 — An app may be able to break out of its sandbox. • https://support.apple.com/en-us/HT214035 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 10.0EPSS: 0%CPEs: 32EXPL: 0CVE-2024-29944 – Mozilla Firefox Exposed Dangerous Function Sandbox Escape Vulnerability
https://notcve.org/view.php?id=CVE-2024-29944
22 Mar 2024 — This vulnerability allows remote attackers to escape the sandbox on affected installations of Mozilla Firefox. ... An attacker can leverage this vulnerability to escape the sandbox and execute arbitrary code in the context of the current user at medium integrity. • http://www.openwall.com/lists/oss-security/2024/03/23/1 • CWE-94: Improper Control of Generation of Code ('Code Injection') CWE-830: Inclusion of Web Functionality from an Untrusted Source •
CVSS: 9.0EPSS: 57%CPEs: 1EXPL: 5CVE-2024-28116 – Server-Side Template Injection (SSTI) with Grav CMS security sandbox bypass
https://notcve.org/view.php?id=CVE-2024-28116
21 Mar 2024 — Grav CMS prior to version 1.7.45 is vulnerable to a Server-Side Template Injection (SSTI), which allows any authenticated user (editor permissions are sufficient) to execute arbitrary code on the remote server bypassing the existing security sandbox. • https://packetstorm.news/files/id/182033 • CWE-94: Improper Control of Generation of Code ('Code Injection') CWE-1336: Improper Neutralization of Special Elements Used in a Template Engine •
CVSS: 9.9EPSS: 0%CPEs: 1EXPL: 0CVE-2024-27102 – Improper isolation of server file access in github.com/pterodactyl/wings
https://notcve.org/view.php?id=CVE-2024-27102
13 Mar 2024 — The full scope of impact is exactly unknown, but reading files outside of a server's base directory (sandbox root) is possible. • https://github.com/pterodactyl/wings/commit/d1c0ca526007113a0f74f56eba99511b4e989287 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') CWE-363: Race Condition Enabling Link Following •
CVSS: 6.4EPSS: 0%CPEs: 4EXPL: 0CVE-2024-27297 – Nix Corruption of fixed-output derivations
https://notcve.org/view.php?id=CVE-2024-27297
11 Mar 2024 — It was discovered that insufficient restriction of unix daemon sockets in the GNU Guix functional package manager could result in sandbox bypass. • https://github.com/NixOS/nix/commit/f8170ce9f119e5e6724eb81ff1b5a2d4c0024000 • CWE-367: Time-of-check Time-of-use (TOCTOU) Race Condition •
CVSS: 8.6EPSS: 0%CPEs: 5EXPL: 0CVE-2024-23278 – Apple Security Advisory 03-07-2024-2
https://notcve.org/view.php?id=CVE-2024-23278
08 Mar 2024 — An app may be able to break out of its sandbox. ... Es posible que una aplicación pueda salir de su zona de pruebas. macOS Sonoma 14.4 addresses buffer overflow, bypass, code execution, out of bounds read, out of bounds write, and spoofing vulnerabilities. • http://seclists.org/fulldisclosure/2024/Mar/21 • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 9.3EPSS: 0%CPEs: 5EXPL: 0CVE-2024-0258 – Apple Security Advisory 03-07-2024-2
https://notcve.org/view.php?id=CVE-2024-0258
08 Mar 2024 — An app may be able to execute arbitrary code out of its sandbox or with certain elevated privileges. ... Es posible que una aplicación pueda ejecutar código arbitrario fuera de su zona de pruebas o con ciertos privilegios elevados. macOS Sonoma 14.4 addresses buffer overflow, bypass, code execution, out of bounds read, out of bounds write, and spoofing vulnerabilities. • http://seclists.org/fulldisclosure/2024/Mar/21 • CWE-284: Improper Access Control •