CVE-2026-34462

Sandboxie-Plus is an open source sandbox-based isolation software for Windows. In versions 1.17.2 and earlier, several ProcessServer handlers KillAllHandler, SuspendAllHandler, and RunSandboxedHandler copy a WCHAR boxname34 field from request structures into WCHAR40 stack buffers using wcscpy...

CVE-2026-34462 Sandboxie-Plus ProcessServer boxname stack buffer overflows via unterminated wide string copy

Sandboxie-Plus is an open source sandbox-based isolation software for Windows. In versions 1.17.2 and earlier, several ProcessServer handlers KillAllHandler, SuspendAllHandler, and RunSandboxedHandler copy a WCHAR boxname34 field from request structures into WCHAR40 stack buffers using wcscpy...

Sandboxie-Plus 安全漏洞

Sandboxie-Plus is a sandbox isolation software developed by Sandboxie-Plus Inc. Versions of Sandboxie-Plus 1.17.2 and earlier contain security vulnerabilities. These vulnerabilities stem from the ProcessServer processing program’s use of wcscpy to copy the boxname field, without verifying an empt...

EUVD-2025-113023

Malicious code in grus-child-process-server-inquirer npm...

MAL-2025-143089 Malicious code in grus-child-process-server-inquirer (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3b28413cef90aca4f8fabcb9fcb9cc4c3737e32a1247520c569f1d849bef559a This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

EUVD-2009-0511

Malware in sbrugna...

MAL-2025-47632 Malicious code in com.unity.process-server (npm)

--- -= Per source details. Do not edit below this line.=-...

Malicious code in com.unity.process-server (npm)

--- -= Per source details. Do not edit below this line.=-...

SUSE CVE-2016-9400

The CClient::ProcessServerPacket method in engine/client/client.cpp in Teeworlds before 0.6.4 allows remote servers to write to arbitrary physical memory locations and possibly execute arbitrary code via vectors involving snap handling...

Security Bulletin: IBM WebSphere Process Server Java API Documentation Frame Injection Vulnerability (CVE-2013-1571)

Abstract Java™ API Documentation contains a frame injection vulnerability. Content VULNERABILITY DETAILS: CVEID: CVE-2013-1571 DESCRIPTION: HTML documentation generated by the Javadoc tool contains a security vulnerability. The vulnerability allows an attacker to craft a malicious link to the...

Security Bulletin: A security vulnerability has been identified in IBM WebSphere Application Server shipped with IBM Business Process Manager, WebSphere Process Server, WebSphere Enterprise Service Bus, and WebSphere Lombardi Edition (CVE-2017-1503)

Summary WebSphere Application Server is shipped as a component of IBM Business Process Manager, WebSphere Process Server, WebSphere Enterprise Service Bus, and WebSphere Lombardi Edition. Information about security vulnerabilities affecting IBM WebSphere Application Server have been published in ...

Security Bulletin: Security vulnerability in Apache Commons FileUpload might affect IBM Business Process Manager, WebSphere Process Server, and WebSphere Enterprise Service Bus (CVE-2016-1000031)

Summary A vulnerability for Apache Commons FileUpload before 1.3.3 has been reported which allows a remote attacker to execute arbitrary code on the system. Vulnerability Details CVEID: CVE-2016-1000031 DESCRIPTION: Apache Commons FileUpload, as used in certain products, could allow a remote...

Security Bulletin: Multiple vulnerabilities in WebSphere Application Server affect IBM Business Process Manager (BPM), WebSphere Process Server (WPS), WebSphere Enterprise Service Bus, and WebSphere Lombardi Edition (WLE) (Java CPU October 2017)

Summary WebSphere Application Server is shipped as a component of IBM Business Process Manager, WebSphere Process Server, WebSphere Enterprise Service Bus, and WebSphere Lombardi Edition. WebSphere Application Server Liberty is shipped as a component of the optional BPM component Process Federati...

Security Bulletin: Cross-site scripting vulnerability in Business Space affects IBM Business Process Manager, WebSphere Process Server, and WebSphere Enterprise Service Bus (CVE-2018-1384)

Summary Cross-site scripting vulnerability in Business Space allows a remote attacker to inject script. Vulnerability Details CVEID: CVE-2018-1384 DESCRIPTION: IBM Business Process Manager is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in...

Security Bulletin: A security vulnerability has been identified in IBM WebSphere Application Server shipped with IBM Business Process Manager, WebSphere Process Server, WebSphere Enterprise Service Bus, and WebSphere Lombardi Edition (CVE-2017-1731)

Summary WebSphere Application Server is shipped as a component of IBM Business Process Manager, WebSphere Process Server, WebSphere Enterprise Service Bus, and WebSphere Lombardi Edition. Information about a security vulnerability affecting IBM WebSphere Application Server Traditional have been...

Security Bulletin: A security vulnerability has been identified in IBM WebSphere Application Server shipped with IBM Business Process Manager, WebSphere Process Server, WebSphere Enterprise Service Bus, and WebSphere Lombardi Edition (CVE-2017-1681)

Summary WebSphere Application Server is shipped as a component of IBM Business Process Manager, WebSphere Process Server, WebSphere Enterprise Service Bus, and WebSphere Lombardi Edition. WebSphere Application Server Liberty is shipped as a component of the optional BPM component Process Federati...

Security Bulletin: Multiple vulnerabilities in the IBM SDK for Java Technology Edition affect WebSphere Process Server (CVE-2014-6512, CVE-2014-6457, CVE-2014-6558, CVE-2014-3566)

Summary There are multiple vulnerabilities in IBM SDK for JavaTechnology Edition that is used by WebSphere Process Server. This also includes a fix for the Padding Oracle On Downgraded Legacy Encryption POODLE SSLv3 vulnerability CVE-2014-3566. These issues were disclosed as part of the IBM SDK f...

Security Bulletin: Multiple vulnerabilities in the IBM SDK for Java™ Technology Edition January 2015 CPU affect WebSphere Process Server

Summary There are multiple vulnerabilities in IBM SDK for Java™ Technology Edition that is used by WebSphere Process Server. These issues were disclosed as part of the IBM SDK for JavaTechnology Edition updates in January 2015. Vulnerability Details CVEID: CVE-2014-3566 DESCRIPTION: Multiple...

Security Bulletin: Vulnerability in IBM WebSphere Application Server affects WebSphere Process Server and WebSphere Process Server Hypervisor Editions (CVE-2015-0138)

Summary The “FREAK: Factoring Attack on RSA-EXPORT keys" TLS/SSL client and server vulnerability affects IBM WebSphere Application Server Full Profile and IBM WebSphere Application Server Hypervisor Edition that is used by WebSphere Process Server and WebSphere Process Server Hypervisor Editions...

Security Bulletin: Vulnerability in RC4 stream cipher affects WebSphere Process Server (WPS) and WPS Hypervisor editions (CVE-2015-2808)

Summary The RC4 “Bar Mitzvah” attack for SSL/TLS affects IBM WebSphere Application Server that is used by WebSphere Process Server WPS and WPS Hypervisor editions. Vulnerability Details CVEID: CVE-2015-2808 DESCRIPTION: The RC4 algorithm, as used in the TLS protocol and SSL protocol, could allow ...