The vulnerability of the enf_broker process in the system for processing incoming packets on Cisco IOS XR allows a hacker to trigger a service failure.

The vulnerability of the enfbroker process in the Cisco IOS XR operating system’s incoming packet processing function is related to resource management errors. Exploiting this vulnerability can allow a malicious actor to cause service failures...

Microsoft Edge DownloadOperation Sandbox Escape Vulnerability

This vulnerability allows remote attackers to escalate privileges on vulnerable installations of Microsoft Edge. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of...

The vulnerability of Google Chrome browser allows a hacker to bypass the sandboxing protection mechanism.

The vulnerability in the PPAPI implementation of the Google Chrome browser is related to the lack of verification for the source of IPC messages for the plugin process management system. Exploiting this vulnerability allows a malicious actor to bypass the sandboxing mechanism by sending messages...

Microsoft Internet Explorer EditWith Sandbox Escape Vulnerability

This vulnerability allows remote attackers to escape the Application Container and execute code in the context of the logged-in user on vulnerable installations of Microsoft Internet Explorer. User interaction is required to exploit this vulnerability in that the target must visit a malicious pag...

(Pwn2Own) Adobe Reader Portfolio Preview Privilege Escalation Vulnerability

This vulnerability allows attackers to elevate privileges on vulnerable installations of Adobe Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw occurs within the handling of Portfolio...

Microsoft Internet Explorer DLL Planting Sandbox Escape Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Internet Explorer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

Internet Explorer EPM Sandbox Escape CVE-2014-6350

Posted by James Forshaw This month Microsoft fixed 3 different Internet Explorer Enhanced Protected Mode EPM sandbox escapes which I disclosed in August. Sandboxes are one of the main areas of interest for Project Zero and me in particular as they are choke points for an attacker successfully...

(Pwn2Own) Google Chrome Clipboard Sandbox Escape Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Google Chrome. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of th...

(Pwn2Own) Google Chrome Directory Traversal Sandbox Escape Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Google Chrome. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of...

Adobe Details Reader Protected Mode Sandbox

Adobe officials have said that the next version of Reader, one of the more popular and oft-targeted applications on the Internet right now, will have a sandboxing feature, and now the company is providing a detailed description of the new Protected Mode addition. Adobe’s Brad Arkin, the director ...