Lucene search
K

49 matches found

Ubuntu
Ubuntu
added 2026/05/20 6:16 p.m.14 views

USN-8288-1: Bubblewrap vulnerability

It was discovered that Bubblewrap incorrectly handled the sandbox setup phase when installed in setuid mode. A local attacker could possibly use this issue to bypass sandbox restrictions...

8.7CVSS5.8AI score0.00274EPSS
Exploits0
Positive Technologies
Positive Technologies
added 2026/03/31 12:0 a.m.5 views

PT-2026-29480

Name of the Vulnerable Software and Affected Versions Vim versions prior to 9.2.0276 Description Vim is susceptible to remote code execution through maliciously crafted "modelines" that can bypass sandboxes. This allows for the execution of commands. Recommendations Update to version 9.2.0276 or...

8.2CVSS6.5AI score0.0047EPSS
Exploits0References104
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2012-5558

Malware in sbrugna...

4.4CVSS6.4AI score0.00743EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.3 views

EUVD-2015-1258

Malware in sbrugna...

4.4CVSS6.4AI score0.0033EPSS
Exploits0References5
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2018-10018

Malware in sbrugna...

8.6CVSS9AI score0.16288EPSS
Exploits1References18
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2025-25230

Malicious code in bioql PyPI...

9.8CVSS6.3AI score0.00449EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2025/09/15 10:35 p.m.1 views

CVE-2025-43358

A permissions issue was addressed with additional sandbox restrictions. This issue is fixed in macOS Sonoma 14.8, iOS 26 and iPadOS 26, macOS Sequoia 15.7, iOS 18.7 and iPadOS 18.7. A shortcut may be able to bypass sandbox restrictions...

5.9AI score0.00277EPSS
Exploits0References4
NVD
NVD
added 2025/08/19 9:15 p.m.7 views

CVE-2025-54143

Sandboxed iframes on webpages could potentially allow downloads to the device, bypassing the expected sandbox restrictions declared on the parent page. This vulnerability was fixed in Firefox for iOS 141...

9.8CVSS0.00449EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2025/08/19 8:52 p.m.4 views

CVE-2025-54143 Sandboxed iframes could allow local downloads despite sandbox restrictions

Sandboxed iframes on webpages could potentially allow downloads to the device, bypassing the expected sandbox restrictions declared on the parent page. This vulnerability was fixed in Firefox for iOS 141...

5.8AI score0.00449EPSS
Exploits0References2
CVE
CVE
added 2025/08/19 8:52 p.m.22 views

CVE-2025-54143

CVE-2025-54143 is tied to Firefox for iOS prior to version 141. The issue arises from sandboxed iframes on web pages that could bypass the parent page’s sandbox restrictions, potentially allowing downloads to the device. Affected product: Firefox for iOS

9.8CVSS5.8AI score0.00449EPSS
Exploits0References2Affected Software1
RedhatCVE
RedhatCVE
added 2025/07/24 12:23 a.m.16 views

CVE-2025-51482

Remote Code Execution in letta.server.restapi.routers.v1.tools.runtoolfromsource in letta-ai Letta 0.7.12 allows remote attackers to execute arbitrary Python code and system commands via crafted payloads to the /v1/tools/run endpoint, bypassing intended sandbox restrictions...

8.8CVSS8.3AI score0.01862EPSS
Exploits1References1
CNNVD
CNNVD
added 2024/09/09 12:0 a.m.4 views

Twig 安全漏洞

Twig is a PHP template engine open-sourced by Twig. A security vulnerability exists in Twig that stems from the fact that sandbox security checks will not be run under certain circumstances, allowing user-contributed templates to bypass sandbox restrictions...

8.6CVSS9.2AI score0.00826EPSS
Exploits0References6
Tenable Nessus
Tenable Nessus
added 2024/06/21 12:0 a.m.25 views

AlmaLinux 8 : thunderbird (ALSA-2024:4036)

The remote AlmaLinux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the ALSA-2024:4036 advisory. thunderbird: Use-after-free in networking CVE-2024-5702 thunderbird: Use-after-free in JavaScript object transplant CVE-2024-5688 thunderbird: External...

8.6CVSS7.4AI score0.0107EPSS
Exploits1References8
RedHat Linux
RedHat Linux
added 2024/06/20 6:2 a.m.7 views

Mozilla: Sandboxed iframes were able to bypass sandbox restrictions to open a new window

The Mozilla Foundation Security Advisory describes this flaw as: By tricking the browser with a X-Frame-Options header, a sandboxed iframe could have presented a button that, if clicked by a user, would bypass restrictions to open a new window...

4.7CVSS7.3AI score0.00654EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2024/06/20 5:42 a.m.5 views

Mozilla: Sandboxed iframes were able to bypass sandbox restrictions to open a new window

The Mozilla Foundation Security Advisory describes this flaw as: By tricking the browser with a X-Frame-Options header, a sandboxed iframe could have presented a button that, if clicked by a user, would bypass restrictions to open a new window...

4.7CVSS7.3AI score0.00654EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2024/06/17 1:21 p.m.4 views

Mozilla: Sandboxed iframes were able to bypass sandbox restrictions to open a new window

The Mozilla Foundation Security Advisory describes this flaw as: By tricking the browser with a X-Frame-Options header, a sandboxed iframe could have presented a button that, if clicked by a user, would bypass restrictions to open a new window...

4.7CVSS7.3AI score0.00654EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2024/06/17 1:19 p.m.5 views

Mozilla: Sandboxed iframes were able to bypass sandbox restrictions to open a new window

The Mozilla Foundation Security Advisory describes this flaw as: By tricking the browser with a X-Frame-Options header, a sandboxed iframe could have presented a button that, if clicked by a user, would bypass restrictions to open a new window...

4.7CVSS7.3AI score0.00654EPSS
Exploits0References6
OpenVAS
OpenVAS
added 2023/10/30 12:0 a.m.16 views

Debian: Security Advisory (DSA-5537-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

5.3CVSS6.4AI score0.014EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2023/04/18 7:33 a.m.96 views

CVE-2023-30547

A flaw was found in the vm2 sandbox. When exception handling is triggered, an unsanitized host is not managed properly. This issue may allow an attacker to bypass the sandbox protections, which can lead to remote code execution on the hypervisor host or the host that is running the sandbox...

9.8CVSS9.4AI score0.72087EPSS
Exploits5References4
CVE
CVE
added 2022/12/07 11:45 p.m.69 views

CVE-2022-4291

CVE-2022-4291 affects Avast Antivirus on Windows via the aswjsflt.dll in the Script Shield component, where a heap corruption could allow bypassing the application sandbox. The issue was fixed in Script Shield 18.0.1478. Some sources also note that the vulnerability could cause a Mozilla Firefox ...

10CVSS8.9AI score0.00421EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder