Sandboxie-Plus 注入漏洞

Sandboxie-Plus is a sandbox isolation software developed by Sandboxie-Plus Inc. Versions of Sandboxie-Plus 1.17.2 and earlier had an injection vulnerability. This vulnerability stems from an INI injection flaw that allows standard local users to bypass configuration restrictions and inject...

PT-2026-37337

Name of the Vulnerable Software and Affected Versions vm2 versions prior to 3.11.1 Description When a NodeVM is created with the nesting variable set to true, sandbox code can unconditionally use require'vm2' regardless of the outer VM's require configuration, including when require is set to...

PT-2026-38101

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 148.0.7778.96 Description A use after free issue in Fullscreen allows a remote attacker to potentially perform a sandbox escape by using a crafted HTML page. Use after free is a memory corruption flaw that occur...

Google Chrome 资源管理错误漏洞

Google Chrome is a web browser developed by Google Inc. Versions of Google Chrome prior to 148.0.7778.96 contained a resource management vulnerability. This vulnerability stemmed from the reuse of resources after printing, which could allow a remote attacker with access to the renderer process to...

PT-2026-38120

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 148.0.7778.96 Description A type confusion issue in the Runtime allows a remote attacker to execute arbitrary code within a sandbox by utilizing a specially crafted HTML page. Type confusion occurs when a progra...

PT-2026-38119

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 148.0.7778.96 Description A use after free issue in the PresentationAPI allows a remote attacker to execute arbitrary code inside a sandbox by utilizing a crafted HTML page. Use after free is a memory corruption...

PT-2026-38166

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 148.0.7778.96 Description An integer overflow in Dawn allows a remote attacker to potentially perform a sandbox escape by using a crafted HTML page. A sandbox escape is a technique used to break out of a...

PT-2026-38149

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 148.0.7778.96 Description A use after free issue in Navigation allows a remote attacker who has compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Use after free is...

PT-2026-38178

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 148.0.7778.96 Description A use after free issue in the GPU component allows a remote attacker who has compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Use after...

PT-2026-38168

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 148.0.7778.96 Description A use after free issue in DevTools allows a remote attacker who has compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Use after free is a...

Google Chrome 输入验证错误漏洞

Google Chrome is a web browser developed by Google Inc. Versions of Google Chrome prior to 148.0.7778.96 contained a vulnerability related to input validation errors. This vulnerability stemmed from insufficient trust-based input validation in Navigation, which could allow remote attackers to...

Google Chrome 安全漏洞

Google Chrome is a web browser developed by Google Inc. Versions of Google Chrome prior to 148.0.7778.96 contained a security vulnerability caused by integer overflow in Dawn, which could allow remote attackers to execute a sandbox escape through a specially crafted HTML page...

Google Chrome 资源管理错误漏洞

Google Chrome is a web browser developed by Google Inc. Versions of Google Chrome prior to 148.0.7778.96 contained a resource management vulnerability. This vulnerability stemmed from the reuse of resources after TopChrome was released, which could allow remote attackers to execute a sandbox esca...

Google Chrome 资源管理错误漏洞

Google Chrome is a web browser developed by Google Inc. Versions of Google Chrome prior to 148.0.7778.96 contained a resource management vulnerability. This vulnerability stemmed from the reusing of resources after they were released in DevTools, which could allow remote attackers to execute a...

Google Chrome 缓冲区错误漏洞

Google Chrome is a web browser developed by Google Inc. Versions of Google Chrome prior to 148.0.7778.96 contained a buffer overflow vulnerability. This vulnerability stemmed from out-of-bounds write-ups related to WebRTC, which could allow remote attackers to execute arbitrary code within a...

Google Chrome 资源管理错误漏洞

Google Chrome is a web browser developed by Google Inc. Versions of Google Chrome prior to 148.0.7778.96 contained a resource management vulnerability. This vulnerability stemmed from the reuse of resources after the Navigation object was released, which could allow remote attackers to execute a...

Google Chrome 资源管理错误漏洞

Google Chrome is a web browser developed by Google Inc. Versions of Google Chrome prior to 148.0.7778.96 contained a resource management vulnerability. This vulnerability stemmed from the reuse of Skia objects after its release, which could allow remote attackers to exploit the vulnerability...

Google Chrome 资源管理错误漏洞

Google Chrome is a web browser developed by Google Inc. Versions of Google Chrome prior to 148.0.7778.96 contained a resource management vulnerability. This vulnerability stemmed from the reuse of resources after the Fullscreen mode was released, which could allow remote attackers to exploit the...

PT-2026-38156

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 148.0.7778.96 Description An inappropriate implementation in ServiceWorker allows a remote attacker who has already compromised the renderer process to potentially perform a sandbox escape through a crafted HTML...

Google Chrome 缓冲区错误漏洞

Google Chrome is a web browser developed by Google Inc. Versions of Google Chrome prior to 148.0.7778.96 contained a buffer overflow vulnerability, which was caused by excessive writing within Skia. This vulnerability could allow remote attackers to exploit the system through specially crafted HT...