Lucene search
+L

5 matches found

osv
osv
added 2026/05/05 7:31 p.m.3 views

CVE-2026-34464 Sandboxie-Plus NamedPipeServer OpenHandler stack overflow via unterminated server field

Sandboxie-Plus is an open source sandbox-based isolation software for Windows. In versions 1.17.2 and earlier, NamedPipeServer::OpenHandler copies the server field from NAMEDPIPEOPENREQ into a fixed WCHAR pipename160 stack buffer using wcscat without verifying null termination. The handler only...

8.8CVSS6.5AI score0.00174EPSS
Exploits1References3
euvd
euvd
added 2026/05/05 7:28 p.m.9 views

EUVD-2026-27461

Sandboxie-Plus is an open source sandbox-based isolation software for Windows. In versions 1.17.2 and earlier, the SbieIniServer RunSbieCtrl handler contains a stack buffer overflow. The MSGIDSBIEINIRUNSBIECTRL message is handled before normal sandbox and impersonation checks, and for non-sandbox...

7.3CVSS6.5AI score0.00172EPSS
Exploits1References1
cve
cve
added 2026/05/05 7:28 p.m.17 views

CVE-2026-34461

Sandboxie-Plus

7.8CVSS6.5AI score0.00172EPSS
Exploits1References1Affected Software1
ptsecurity
ptsecurity
added 2026/05/05 12:0 a.m.13 views

PT-2026-37227

Name of the Vulnerable Software and Affected Versions Sandboxie-Plus versions prior to 1.17.3 Description The SbieIniServer RunSbieCtrl handler contains a stack buffer overflow. The MSGID SBIE INI RUN SBIE CTRL message is processed before standard sandbox and impersonation checks. For callers not...

7.8CVSS6.5AI score0.00172EPSS
Exploits1References6
euvd
euvd
added 2026/04/10 8:59 p.m.5 views

EUVD-2026-21599

Arcane has Unauthenticated SSRF with Conditional Response Reflection in Template Fetch Endpoint...

7.2CVSS5.8AI score0.00621EPSS
Exploits1References2
Rows per page
Query Builder