CVE-2026-34430 ByteDance DeerFlow LocalSandboxProvider Host Bash Escape

ByteDance DeerFlow versions prior to commit 92c7a20 contain a sandbox escape vulnerability in bash tool handling that allows attackers to execute arbitrary commands on the host system by bypassing regex-based validation using shell features such as directory changes and relative paths. Attackers...

EUVD-2009-1865

Malware in sbrugna...

SUSE CVE-2016-4271

Adobe Flash Player before 18.0.0.375 and 19.x through 23.x before 23.0.0.162 on Windows and OS X and before 11.2.202.635 on Linux allows attackers to bypass intended access restrictions and obtain sensitive information via unspecified vectors, a different vulnerability than CVE-2016-4277 and...

SUSE CVE-2017-5180

Firejail before 0.9.44.4 and 0.9.38.x LTS before 0.9.38.8 LTS does not consider the .Xauthority case during its attempt to prevent accessing user files with an euid of zero, which allows local users to conduct sandbox-escape attacks via vectors involving a symlink and the --private option...

CVE-2022-31699

VMware ESXi contains a heap-overflow vulnerability. A malicious local actor with restricted privileges within a sandbox process may exploit this issue to achieve a partial information disclosure...

Internet Bug Bounty: Flash Local Sandbox Bypass

Vulnerability already reported to adobe issue 2833 and patched CVE-2014-0554 http://helpx.adobe.com/security/products/flash-player/apsb14-21.html First of all, note that the Adobe Security Bulletin notes: 'Bas Venis and Masato Kinugawa' for the acknowledgement of this CVE. The poc I have reported...

RHEL 5 : flash-plugin (RHSA-2009:1188)

An updated Adobe Flash Player package that fixes multiple security issues is now available for Red Hat Enterprise Linux 5 Supplementary. This update has been rated as having critical security impact by the Red Hat Security Response Team. The flash-plugin package contains a Mozilla Firefox...

RHEL 3 / 4 : flash-plugin (RHSA-2009:1189)

An updated Adobe Flash Player package that fixes multiple security issues is now available for Red Hat Enterprise Linux 3 and 4 Extras. This update has been rated as having critical security impact by the Red Hat Security Response Team. The flash-plugin package contains a Mozilla Firefox compatib...

RedHat Security Advisory RHSA-2009:1189

The remote host is missing updates announced in advisory RHSA-2009:1189. The flash-plugin package contains a Mozilla Firefox compatible Adobe Flash Player web browser plug-in. Multiple security flaws were found in the way Flash Player displayed certain SWF content. An attacker could use these fla...

CVE-2009-1870

Adobe Flash Player before 9.0.246.0 and 10.x before 10.0.32.18, and Adobe AIR before 1.5.2, allows attackers to obtain sensitive information via vectors involving saving an SWF file to a hard drive, related to a "local sandbox vulnerability."...

CVE-2009-1870

Adobe Flash Player before 9.0.246.0 and 10.x before 10.0.32.18, and Adobe AIR before 1.5.2, allows attackers to obtain sensitive information via vectors involving saving an SWF file to a hard drive, related to a "local sandbox vulnerability."...

CVE-2009-1870

Adobe Flash Player before 9.0.246.0 and 10.x before 10.0.32.18, and Adobe AIR before 1.5.2, allows attackers to obtain sensitive information via vectors involving saving an SWF file to a hard drive, related to a "local sandbox vulnerability."...

CVE-2009-1870

CVE-2009-1870 is a local sandbox vulnerability in Adobe Flash Player (affecting Flash Player before 9.0.246.0 and 10.x before 10.0.32.18, and Adobe AIR before 1.5.2) that could disclose sensitive information when a SWF is saved to the user’s hard drive. Connected advisories confirm Red Hat and ot...

flash-plugin: multiple information disclosure flaws (APSB09-10)

Adobe Flash Player before 9.0.246.0 and 10.x before 10.0.32.18, and Adobe AIR before 1.5.2, allows attackers to obtain sensitive information via vectors involving saving an SWF file to a hard drive, related to a "local sandbox vulnerability."...

flash-plugin: multiple information disclosure flaws (APSB09-10)

Adobe Flash Player before 9.0.246.0 and 10.x before 10.0.32.18, and Adobe AIR before 1.5.2, allows attackers to obtain sensitive information via vectors involving saving an SWF file to a hard drive, related to a "local sandbox vulnerability."...

Adobe AIR < 1.5.2 Multiple Vulnerabilities (APSB09-10)

Binary data 5109.prm...

Adobe AIR < 1.5.2 Multiple Vulnerabilities (APSB09-10)

The remote Windows host contains a version of Adobe AIR Player that is earlier than 1.5.2. Such versions are reportedly affected by multiple vulnerabilities : - A memory corruption vulnerability that could potentially lead to code execution. CVE-2009-1862 - A privilege escalation vulnerability th...