17057 matches found
CVE-2024-7017
Inappropriate implementation in DevTools in Google Chrome prior to 126.0.6478.182 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...
CVE-2024-7017
Inappropriate implementation in DevTools in Google Chrome prior to 126.0.6478.182 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...
CVE-2024-7017
Inappropriate implementation in DevTools in Google Chrome prior to 126.0.6478.182 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...
EUVD-2024-55072
Inappropriate implementation in DevTools in Google Chrome prior to 126.0.6478.182 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...
CVE-2024-7017
Inappropriate implementation in DevTools in Google Chrome prior to 126.0.6478.182 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...
CVE-2024-7017
CVE-2024-7017: In Google Chrome DevTools an inappropriate implementation allows sandbox escape via a crafted HTML page. Affected product is Google Chrome (DevTools). Root cause: DevTools mal-implementation described as an inappropriate implementation. Impact: potential sandbox escape with high se...
CVE-2024-7017
Inappropriate implementation in DevTools in Google Chrome prior to 126.0.6478.182 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...
CVE-2025-13097
Inappropriate implementation in DevTools in Google Chrome prior to 136.0.7103.59 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: Medium...
CVE-2025-13097
CVE-2025-13097 is a Chrome/Chromium DevTools vulnerability caused by an inappropriate implementation that could allow a remote sandbox escape via a crafted HTML page. Affected product: Google Chrome (DevTools/Chromium). Root cause: DevTools handling defect leading to sandbox bypass. Impact: sandb...
CVE-2025-13097
Inappropriate implementation in DevTools in Google Chrome prior to 136.0.7103.59 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: Medium...
CVE-2025-13097
Inappropriate implementation in DevTools in Google Chrome prior to 136.0.7103.59 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: Medium...
Google Chrome 安全漏洞
Google Chrome is a web browser developed by Google. A security vulnerability exists in Google Chrome versions prior to 136.0.7103.59, which stems from a flaw in the security handling of the sandboxing mechanism. The vulnerability can be exploited by an attacker to achieve a sandbox escape via a...
Google Chrome 安全漏洞
Google Chrome is a free web browser developed by Google Inc. Google Chrome suffers from a DevTools mal-implementation vulnerability that can be exploited by an attacker to cause a sandbox escape...
PT-2025-46935
Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 136.0.7103.59 Description An improper implementation in the DevTools component of Google Chrome could allow a remote attacker to potentially escape the sandbox through a crafted HTML page. Recommendations Update...
Mozilla Thunderbird < 145.0
The version of Thunderbird installed on the remote macOS or Mac OS X host is prior to 145.0. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2025-90 advisory. - Memory safety bugs present in Firefox 144 and Thunderbird 144. Some of these bugs showed evidence of...
Linux Distros Unpatched Vulnerability : CVE-2024-7017
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Inappropriate implementation in DevTools in Google Chrome prior to 126.0.6478.182 allowed a remote attacker to potentially perform a sandbox escape via a crafte...
Updated ruby packages fix security vulnerabilities
Net::IMAP vulnerable to possible DoS by memory exhaustion. CVE-2025-25186 In the CGI gem before 0.4.2 for Ruby, the CGI::Cookie.parse method in the CGI library contains a potential Denial of Service DoS vulnerability. The method does not impose any limit on the length of the raw cookie value it...
CVE-2024-45301
Mintty is a terminal emulator for Cygwin, MSYS, and WSL. In versions 2.3.6 through 3.7.4, several escape sequences can cause the mintty process to access a file in a specific path. It is triggered by simply printing them out on bash. An attacker can specify an arbitrary network path, negotiate an...
runc: opencontainers/selinux: container escape and denial of service due to arbitrary write gadgets and procfs write redirects
A flaw was found in runc. This attack is a more sophisticated variant of CVE-2019-16884, which was a flaw that allowed an attacker to trick runc into writing the LSM process labels for a container process into a dummy tmpfs file and thus not apply the correct LSM labels to the container process...
runc: container escape via 'masked path' abuse due to mount race conditions
A flaw was found in runc. This flaw exploits an issue with how masked paths are implementedin runc. When masking files, runc will bind-mount the container's /dev/null inode on top of the file. However, if an attacker can replace /dev/null with a symlink to some other procfs file, runc will instea...