63 matches found
CVE-2026-34208 SandboxJS: Sandbox integrity escape
SandboxJS is a JavaScript sandboxing library. Prior to 0.8.36, SandboxJS blocks direct assignment to global objects for example Math.random = ..., but this protection can be bypassed through an exposed callable constructor path: this.constructor.calltarget, attackerObject. Because this.constructo...
SandboxJS 安全漏洞
SandboxJS is a security assessment tool developed by nyariv. Versions of SandboxJS prior to 0.8.36 contained security vulnerabilities; these vulnerabilities stemmed from the ability to bypass global object protection through constructor paths, potentially allowing modification of host global obje...
CVE-2025-36192 Missing Authorization with the DS8900F and DS8A00 Hardware Management Console
IBM DS8A00 R10.1 10.10.106.0 and IBM DS8A00 R10.0 10.1.3.010.2.45.0 and IBM DS8900F R9.4 89.40.83.089.42.18.089.44.5.0 IBM System Storage DS8000 could allow a local user with authorized CCW update permissions to delete or corrupt backups due to missing authorization in IBM Safeguarded Copy / GDPS...
EUVD-2017-8840
Malware in sbrugna...
EUVD-2014-3462
Malware in sbrugna...
EUVD-2009-4184
Malware in sbrugna...
EUVD-2018-18083
Malware in sbrugna...
EUVD-2018-18082
Malware in sbrugna...
EUVD-2017-8841
Malware in sbrugna...
Panda Security多款产品 代码问题漏洞
Panda Security Antivirus and others are products of the Spanish company Panda Security.Panda Security Antivirus is a suite of antivirus programs.Panda Security Internet Security is a suite of cloud-based antivirus programs. Panda Security Free Antivirus is a free antivirus program. A security...
CVE-2017-17684
Panda Global Protection 17.0.1 allows a system crash via a 0xb3702c04 \\.\PSMEMDriver DeviceIoControl request...
CVE-2017-17683
Panda Global Protection 17.0.1 allows a system crash via a 0xb3702c44 \\.\PSMEMDriver DeviceIoControl request...
A refresher on Talos’ open-source tools and the importance of the open-source community
Open-source software that is free to download, deploy and modify is a vital component in the fight for cyber security. Freely available software not only helps defend systems that would otherwise be unprotected, but it also allows people to learn and develop vital cybersecurity skills. In this...
Panda Global Protection <= 17.0.1 Multiple Vulnerabilities
Panda Global Protection is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only if description...
Panda Global Protection Unquoted Windows Search Path Vulnerability
Panda Global Protection is a suite of antivirus software from the Spanish company Panda Security. The software protects devices from viruses, spyware, hackers and other Internet threats. A security vulnerability exists in the pandaurlfiltering service in Panda Global Protection version 17.0.1. A...
Panda Global Protection Elevation of Privilege Vulnerability
Panda Global Protection is a suite of antivirus software from the Spanish company Panda Security. The software protects devices from viruses, spyware, hackers and other Internet threats. A security vulnerability exists in Panda Global Protection version 17.0.1. A local attacker can exploit the...
CVE-2018-6322
Panda Global Protection 17.0.1 allows local users to gain privileges or cause a denial of service by impersonating all the pipes through a use of .\pipe\PSANMSrvcPpal -- an "insecurely created named pipe." Ensures full access to Everyone users group...
CVE-2018-6321
Unquoted Windows search path vulnerability in the pandaurlfiltering service in Panda Global Protection 17.0.1 allows local users to gain privileges via a malicious artefact...
CVE-2018-6321
Unquoted Windows search path vulnerability in the pandaurlfiltering service in Panda Global Protection 17.0.1 allows local users to gain privileges via a malicious artefact...
CVE-2018-6322
Panda Global Protection 17.0.1 allows local users to gain privileges or cause a denial of service by impersonating all the pipes through a use of .\pipe\PSANMSrvcPpal -- an "insecurely created named pipe." Ensures full access to Everyone users group...