14 matches found
Fedora 44 : libinput (2026-56fa441129)
The remote Fedora 44 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-56fa441129 advisory. libinput 1.31.1, fixes Lua plugin sandbox escape CVE-2026-35093, CVE-2026-35094 Tenable has extracted the preceding description block directly from...
CVE-2026-33139
PySpector has a Plugin Sandbox Bypass vulnerability (GHSA-V3XV-8VC3-H2M6) affecting versions
CVE-2026-33139 PySpector: Plugin Sandbox Bypass leads to Arbitrary Code Execution
PySpector is a static analysis security testing SAST Framework engineered for modern Python development workflows. PySpector versions 0.1.6 and prior are affected by a security validation bypass in the plugin system. The validateplugincode function in pluginsystem.py, performs static AST analysis...
GHSA-V3XV-8VC3-H2M6 PySpector has a Plugin Sandbox Bypass leads to Arbitrary Code Execution
Summary PySpector versions = 0.1.6 are affected by a security validation bypass in the plugin system. The validateplugincode function in pluginsystem.py, performs static AST analysis to block dangerous API calls before a plugin is trusted and executed. However, the internal resolvename helper onl...
EUVD-2024-52318
Malicious code in bioql PyPI...
CVE-2024-54154
In JetBrains YouTrack before 2024.3.51866 system takeover was possible through path traversal in plugin sandbox...
CVE-2024-54154
In JetBrains YouTrack before 2024.3.51866 system takeover was possible through path traversal in plugin sandbox...
CVE-2024-54154
In JetBrains YouTrack before 2024.3.51866 system takeover was possible through path traversal in plugin sandbox...
CVE-2024-54154
In JetBrains YouTrack before 2024.3.51866 system takeover was possible through path traversal in plugin sandbox...
CVE-2024-54154
CVE-2024-54154 affects JetBrains YouTrack prior to 2024.3.51866. The vulnerability enables system takeover via path traversal in the plugin sandbox. Affected component: YouTrack (plugin sandbox path handling). Impact is described by CVSS as high/critical in sources (system compromise, confidentia...
CVE-2024-54154
In JetBrains YouTrack before 2024.3.51866 system takeover was possible through path traversal in plugin sandbox...
PT-2024-36075 · Jetbrains · Youtrack
Name of the Vulnerable Software and Affected Versions: JetBrains YouTrack versions prior to 2024.3.51866 Description: The issue allows system takeover through path traversal in the plugin sandbox. Recommendations: For versions prior to 2024.3.51866, update to version 2024.3.51866 to resolve the...
CVE-2016-9072
When a new Firefox profile is created on 64-bit Windows installations, the sandbox for 64-bit NPAPI plugins is not enabled by default. Note: This issue only affects 64-bit Windows. 32-bit Windows and other operating systems are unaffected. This vulnerability affects Firefox 50...
CVE-2016-2837
Heap-based buffer overflow in the ClearKey Content Decryption Module CDM in the Encrypted Media Extensions EME API in Mozilla Firefox before 48.0 and Firefox ESR 45.x before 45.3 might allow remote attackers to execute arbitrary code by providing a malformed video and leveraging a Gecko Media...