51 matches found
Improper Isolation or Compartmentalization
Overview org.webjars.npm:vm2 is a sandbox that can run untrusted code with whitelisted Node's built-in modules. Affected versions of this package are vulnerable to Improper Isolation or Compartmentalization through the transformer fast-path in the source instrumentation logic. An attacker can...
Improper Isolation or Compartmentalization
Overview Affected versions of this package are vulnerable to Improper Isolation or Compartmentalization due to improper type and namespace isolation in the SingleUseObjectProvider. An attacker can obtain unauthorized access by forging authorization codes, which may result in the creation of...
EUVD-2019-4775
Malware in sbrugna...
EUVD-2019-4770
Malware in sbrugna...
EUVD-2019-4777
Malware in sbrugna...
EUVD-2021-2679
Malware in sbrugna...
EUVD-2019-4773
Malware in sbrugna...
EUVD-2019-4778
Malware in sbrugna...
EUVD-2025-6303
Malicious code in bioql PyPI...
CVE-2019-13265
D-link DIR-825AC G1 devices have Insufficient Compartmentalization between a host network and a guest network that are established by the same device. They forward ARP requests, which are sent as broadcast packets, between the host and the guest networks. To use this leakage as a direct covert...
CVE-2019-13270
Edimax BR-6208AC V1 devices have Insufficient Compartmentalization between a host network and a guest network that are established by the same device. In order to transfer data from the host network to the guest network, the sender joins and then leaves an IGMP group. After it leaves, the router...
CVE-2019-13271
Edimax BR-6208AC V1 devices have Insufficient Compartmentalization between a host network and a guest network that are established by the same device. They forward ARP requests, which are sent as broadcast packets, between the host and the guest networks. To use this leakage as a direct covert...
CVE-2019-13266
TP-Link Archer C3200 V1 and Archer C2 V1 devices have Insufficient Compartmentalization between a host network and a guest network that are established by the same device. A DHCP Request is sent to the router with a certain Transaction ID field. Following the DHCP protocol, the router responds wi...
CVE-2019-13269
Edimax BR-6208AC V1 devices have Insufficient Compartmentalization between a host network and a guest network that are established by the same device. A DHCP Request is sent to the router with a certain Transaction ID field. Following the DHCP protocol, the router responds with an ACK or NAK...
Redefining IABs: Impacts of compartmentalization on threat tracking and modeling
Cisco Talos has observed a growing trend of attack kill chains being split into two stages -- initial compromise and subsequent exploitation -- executed by separate threat actors. This compartmentalization increases the complexity and difficulty of performing threat modeling and actor profiling...
Juniper Junos OS Improper Isolation or Compartmentalization Vulnerability
Juniper Junos OS contains an improper isolation or compartmentalization vulnerability. This vulnerability could allows a local attacker with high privileges to inject arbitrary code...
Improper Isolation or Compartmentalization
Overview promptflow-core is a Prompt flow core Affected versions of this package are vulnerable to Improper Isolation or Compartmentalization due to improper isolation or compartmentalization in the handling of Jinja templates. Remediation Upgrade promptflow-core to version 1.17.2 or higher...
Juniper Junos OS Vulnerability (JSA79089)
The version of Junos OS installed on the remote host is affected by a vulnerability as referenced in the JSA79089 advisory. - An Improper Isolation or Compartmentalization vulnerability in the Packet Forwarding Engine pfe of Juniper Networks Junos OS on QFX5000 Series, or an EX4100 Series, EX4400...
CVE-2021-0060
Insufficient compartmentalization in HECI subsystem for the IntelR SPS before versions SPSE504.01.04.516.0, SPSE504.04.04.033.0, SPSE504.04.03.281.0, SPSE503.01.03.116.0, SPSE305.01.04.309.0, SPS02.04.00.101.0, SPSSoC-A05.00.03.114.0, SPSSoC-X04.00.04.326.0, SPSSoC-X03.00.03.117.0,...
CVE-2021-0060
CVE-2021-0060 affects Intel Chipset Firmware’s Server Platform Services (SPS) HECI, where insufficient compartmentalization could let an authenticated user escalate privileges with physical access. Affected products include Intel SPS firmwares, before versions SPS_E5_04.01.04.516.0, SPS_E5_04.04....