CVSS: 6.5 • EPSS: 0% • CPEs: 1 • EXPL: 0

09 Jun 2025 — The Sandbox container (fastgpt-sandbox) is a specialized, isolated environment used by FastGPT to safely execute user-submitted or dynamically generated code in isolation. The sandbox before version 4.9.11 has insufficient isolation and inadequate restrictions on code execution by allowing overly permissive syscalls, which allows attackers to escape the intended sandbox boundaries. Attackers could exploit this to read and overwrite arbitrary files and bypass Python module ... • https://github.com/labring/FastGPT/pkgs/container/fastgpt-sandbox • CWE-732: Incorrect Permission Assignment for Critical Resource •

CVSS: 8.8 • EPSS: 0% • CPEs: 1 • EXPL: 0

03 Jun 2025 — Prior to version 1.10.8-lts, Sandbox only restricts the execution permissions of binary files in common directories, such as `/bin`, `/usr/bin`, etc. • https://github.com/1Panel-dev/MaxKB/commit/187e9c1e4ea1ebb6864c5bf61558c42f2fc6c005 • CWE-276: Incorrect Default Permissions •

CVSS: 7.0 • EPSS: 0% • CPEs: 1 • EXPL: 0

15 May 2025 — On WAMR running on Windows, creating a symlink that points outside of the preopened directory and subsequently opening it with the create flag will create a file on the host outside of the sandbox. • https://github.com/bytecodealliance/wasm-micro-runtime/security/advisories/GHSA-8fc8-4g25-c8m7 • CWE-61: UNIX Symbolic Link (Symlink) Following •

CVSS: 6.2 • EPSS: 0% • CPEs: 1 • EXPL: 0

14 May 2025 — This can result in sandbox bypass. Version 0.8.4 fixes the issue. • https://github.com/bullfrogsec/bullfrog/commit/ae7744ae4b3a6f8ffc2e49f501e30bf1a43d4671 • CWE-201: Insertion of Sensitive Information Into Sent Data •

CVSS: 7.8 • EPSS: 0% • CPEs: 1 • EXPL: 0

30 Apr 2025 — Tesla Model S Iris Modem QCMAP_ConnectionManager Improper Input Validation Sandbox Escape Vulnerability. This vulnerability allows local attackers to escape the sandbox on affected Tesla Model S vehicles. ... • https://www.zerodayinitiative.com/advisories/ZDI-25-262 • CWE-20: Improper Input Validation •

CVSS: 7.0 • EPSS: 0% • CPEs: 1 • EXPL: 0

30 Apr 2025 — Tesla Model S oFono Unnecessary Privileges Sandbox Escape Vulnerability. This vulnerability allows local attackers to escape the sandbox on affected Tesla Model S vehicles. ... An attacker can leverage this vulnerability to bypass the iptables network sandbox. ... • https://www.zerodayinitiative.com/advisories/ZDI-25-263 • CWE-250: Execution with Unnecessary Privileges •

CVSS: 8.8 • EPSS: 0% • CPEs: 6 • EXPL: 0

29 Apr 2025 — Multiple security issues have been found in the Mozilla Firefox web browser, which could potentially result in the execution of arbitrary code or a bypass of sandbox restrictions. • https://bugzilla.mozilla.org/show_bug.cgi?id=1894100 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •

CVSS: 7.5 • EPSS: 0% • CPEs: 6 • EXPL: 0

29 Apr 2025 — Multiple security issues have been found in the Mozilla Firefox web browser, which could potentially result in the execution of arbitrary code or a bypass of sandbox restrictions. • https://bugzilla.mozilla.org/buglist.cgi?bug_id=1951161%2C1952105 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •

CVSS: 7.6 • EPSS: 0% • CPEs: 6 • EXPL: 0

29 Apr 2025 — Multiple security issues have been found in the Mozilla Firefox web browser, which could potentially result in the execution of arbitrary code or a bypass of sandbox restrictions. • https://bugzilla.mozilla.org/show_bug.cgi?id=1952465 • CWE-125: Out-of-bounds Read •

CVSS: 9.4 • EPSS: 0% • CPEs: 6 • EXPL: 0

29 Apr 2025 — A process isolation vulnerability in Firefox stemmed from improper handling of javascript: URIs, which could allow content to execute in the top-level document's process instead of the intended frame, potentially enabling a sandbox escape. This vulnerability affects Firefox < 138, Firefox ESR < 128.10, Firefox ESR < 115.23, Thunderbird < 138, and Thunderbird ESR < 128.10. A process isolation vulnerability in Thunderbird stemmed from improper handling of javascript: URIs, which could all... • https://bugzilla.mozilla.org/show_bug.cgi?id=1958350 • CWE-653: Improper Isolation or Compartmentalization •