4 matches found
The vulnerability of the interpreter for Ghostscript software, which handles the processing, conversion, and generation of documents, relates to the execution of operations beyond the buffer boundaries in memory. This vulnerability allows an attacker to escape from the isolated software environment.
The vulnerability of the interpreter for software used to process, transform, and generate Ghostscript documents is related to the execution of operations beyond the buffer boundaries in memory. Exploiting this vulnerability could allow an attacker to escape from the isolated software environment...
Arbitrary Code Execution
October is vulnerable to arbitrary code execution. An authenticated backend user with cms.managepages, cms.managelayouts, or cms.managepartials permissions is allowed to write malicious Twig code leading to an escape from sandbox even if cms.enableSafeMode is set...
CVE-2019-11460
An issue was discovered in GNOME gnome-desktop 3.26, 3.28, and 3.30 prior to 3.30.2.2, and 3.32 prior to 3.32.1.1. A compromised thumbnailer may escape the bubblewrap sandbox used to confine thumbnailers by using the TIOCSTI ioctl to push characters into the input buffer of the thumbnailer's...
SolarWinds Log and Event Manager < 6.3.1 Hotfix 3 Jailbreak and Privilege Escalation
According to its self-reported version number, the SolarWinds Log and Event Manager installed on the remote host is prior to version 6.3.1 Hotfix 3. It is, therefore, affected by multiple vulnerabilities : - Due to the program setting insecure permissions for management scripts, a remote attacker...