
7 matches found

Cvelist
added 2026/05/13 5:23 p.m., 25 views

CVE-2026-44000 vm2: sandbox boundary bypass via host Promise resolution preserving host object identity

vm2 is an open source vm/sandbox for Node.js. Prior to 3.11.0, a sandbox boundary violation in vm2 allows host object identity to cross into the sandbox through host Promise resolution. When a host-side Promise that resolves to a host object is exposed to the sandbox, the value delivered to the...

CVSS 6.5, EPSS 0.00047
Exploits: 1, References: 1

Vulnrichment
added 2026/05/13 5:23 p.m., 4 views

CVE-2026-44000 vm2: sandbox boundary bypass via host Promise resolution preserving host object identity

vm2 is an open source vm/sandbox for Node.js. Prior to 3.11.0, a sandbox boundary violation in vm2 allows host object identity to cross into the sandbox through host Promise resolution. When a host-side Promise that resolves to a host object is exposed to the sandbox, the value delivered to the...

CVSS 6.5, AI score 5.5, EPSS 0.00047
Exploits: 1, References: 1

OSV
added 2026/05/07 4:29 a.m., 2 views

GHSA-MPF8-4HX2-7CJG vm2 Host Promise Resolution Preserves Object Identity Across Sandbox Boundary

Summary: A sandbox boundary violation in vm2 allows host object identity to cross into the sandbox through host Promise resolution. When a host-side Promise that resolves to a host object is exposed to the sandbox, the value delivered to the sandbox .then callback preserves host identity. This...

CVSS 6.5, AI score 5.5, EPSS 0.00047
Exploits: 1, References: 4

Patchstack
added 2026/05/07 4:29 a.m., 5 views

NPM: vm2 Host Promise Resolution Preserves Object Identity Across Sandbox Boundary

NPM: vm2 Host Promise Resolution Preserves Object Identity Across Sandbox Boundary vulnerability discovered by ? in WordPress Npm vm2 versions = 3.10.5...

CVSS 7.2, AI score 5.8, EPSS 0.00047
Exploits: 1, References: 4, Affected Software: 1

Cvelist
added 2004/04/16 4:0 a.m., 25 views

CVE-2004-0124

The DCOM RPC interface for Microsoft Windows NT 4.0, 2000, XP, and Server 2003 allows remote attackers to cause network communications via an "alter context" call that contains additional data, aka the "Object Identity Vulnerability."...

AI score 6.5, EPSS 0.49512
Exploits: 0, References: 11

CVE
added 2004/04/16 4:0 a.m., 50 views

CVE-2004-0124

CVE-2004-0124 describes an information disclosure flaw in how Microsoft Windows COM object identifiers are created, enabling an attacker to coax a system into opening network ports via specially crafted RPC messages. This is part of MS04-012 RPC/DCOM updates; the impact is described as enabling a...

CVSS 2.6, AI score 6.5, EPSS 0.49512
Exploits: 0, References: 11, Affected Software: 4

Symantec
added 2004/04/13 12:0 a.m., 14 views

Microsoft Windows Object Identity Network Communication Vulnerability

Description: It has been reported that Microsoft Windows is prone to a vulnerability in the method of creation of object identities that may allow unauthorized network communication. This issue is due to a design error that causes the process to be carried out insecurely. This issue may be leverag...

AI score 6.8
Exploits: 0, References: 1, Affected Software: 7