14 matches found

OSSF Malicious Packages
added 2026/05/26 6:21 a.m. | 12 views

Malicious code in unique-id-64 (npm)

Source: amazon-inspector (8ab3b19e4bd1602de93ca092a5909f8b69927c01d5a690d3484116024dfc46e2). Package impersonates the well-known sindresorhus/unique-string utility: package.json copies the author block name 'Sindre Sorhus', email...

AI score: 5.9
Exploits: 0 | References: 1
OSV
added 2026/05/26 4:36 a.m. | 6 views

MAL-2026-4357 Malicious code in helu (PyPI)

Source: kam193 (15a97c1f0e23d838c86d69a3ceae306071a9b4b8c17162a1f563aefe489ffbe4). During import, the hidden code downloads and executes the second-stage code. After performing anti-analysis checks, it downloads a malicious executable and...

AI score: 5.9
Exploits: 0 | References: 2
Snyk
added 2026/03/03 9:31 p.m. | 2 views

Incorrect Privilege Assignment

Overview: openclaw is a 🦞 OpenClaw — Personal AI Assistant. Affected versions of this package are vulnerable to Incorrect Privilege Assignment via the sessionsspawn process when using runtime="acp" in a sandboxed environment. An attacker can gain unauthorized access to host-side ACP initialization ...

CVSS: 8 | AI score: 5.8
Exploits: 0 | References: 2
CNNVD
added 2025/11/04 12:0 a.m. | 2 views

Apple macOS Security Vulnerability

Apple macOS is a suite of specialized operating systems developed for Mac computers by Apple Inc. in the United States. A security vulnerability exists in Apple macOS Sequoia versions prior to 15.7.2, which stems from insufficient sandbox checking and could cause an application to escape sandbox...

CVSS: 5.2 | AI score: 6.2 | EPSS: 0.00016
Exploits: 0 | References: 3
EUVD
added 2025/10/07 12:30 a.m. | 5 views

EUVD-2019-9847

Malware in sbrugna...

CVSS: 5.5 | AI score: 5.4 | EPSS: 0.00573
Exploits: 0 | References: 2
CNVD
added 2025/09/18 12:0 a.m. | 1 views

Apple Xcode Improper Access Control Vulnerability

Apple Xcode is an integrated development tool that runs on the operating system Mac OS X. It is used for the development of the Mac OS X software. Apple Xcode suffers from an Improper Access Control vulnerability that stems from insufficient sandbox checking, which can be exploited by an attacker...

CVSS: 8.2 | AI score: 6.7 | EPSS: 0.0002
Exploits: 0 | References: 1
CNNVD
added 2025/09/15 12:0 a.m. | 1 views

Apple Xcode Security Vulnerability

Apple Xcode is an integrated development tool that runs on the operating system Mac OS X. It is used for the development of the Mac OS X software. Apple Xcode suffers from an Improper Access Control vulnerability that stems from insufficient sandbox checking, which can be exploited by an attacker...

CVSS: 8.2 | AI score: 6.7 | EPSS: 0.0002
Exploits: 0 | References: 2
OSV
added 2024/09/09 7:15 p.m. | 0 views

UBUNTU-CVE-2024-45411

Twig is a template language for PHP. Under some circumstances, the sandbox security checks are not run which allows user-contributed templates to bypass the sandbox restrictions. This vulnerability is fixed in 1.44.8, 2.16.1, and 3.14.0...

CVSS: 8.6 | AI score: 7.3 | EPSS: 0.00144
Exploits: 0 | References: 10
CNNVD
added 2024/09/09 12:0 a.m. | 2 views

Twig Security Vulnerability

Twig is a PHP template engine open-sourced by Twig. A security vulnerability exists in Twig that stems from the fact that sandbox security checks will not be run under certain circumstances, allowing user-contributed templates to bypass sandbox restrictions...

CVSS: 8.6 | AI score: 9.2 | EPSS: 0.00144
Exploits: 0 | References: 6
CVE
added 2024/05/13 11:0 p.m. | 76 views

CVE-2024-27813

CVE-2024-27813 is a macOS Sonoma 14.5 fix for a local vulnerability where an app may execute arbitrary code outside its sandbox or with elevated privileges. The issue is addressed by improved checks and is fixed in macOS Sonoma 14.5. The available sources describe the vulnerability and the update...

CVSS: 8.6 | AI score: 5.6 | EPSS: 0.00088
Exploits: 0 | References: 4 | Affected Software: 1
Prion
added 2022/09/23 7:15 p.m. | 18 views

Design/Logic Flaw

This issue was addressed with improved checks. This issue is fixed in watchOS 8.7, iOS 15.6 and iPadOS 15.6, macOS Monterey 12.5. An app may be able to break out of its sandbox...

CVSS: 7.5 | AI score: 7.4 | EPSS: 0.00676
Exploits: 3 | References: 3 | Affected Software: 4
CNVD
added 2019/09/12 12:0 a.m. | 1 views

Microsoft Windows Common Log File System Driver Information Disclosure Vulnerability

Microsoft Windows and Microsoft Windows Server are both products of Microsoft Corporation. Microsoft Windows is an operating system for personal devices. Microsoft Windows Server is a server operating system. Windows Common Log File System Driver is one of the common log file system drivers. An...

CVSS: 5.5 | AI score: 6.2 | EPSS: 0.00573
Exploits: 0 | References: 1
OSV
added 2019/09/11 10:15 p.m. | 0 views

CVE-2019-1282

An information disclosure exists in the Windows Common Log File System CLFS driver when it fails to properly handle sandbox checks, aka 'Windows Common Log File System Driver Information Disclosure Vulnerability'...

CVSS: 5.5 | AI score: 6.1 | EPSS: 0.00573
Exploits: 0 | References: 1
NVD
added 2019/09/11 10:15 p.m. | 14 views

CVE-2019-1282

An information disclosure exists in the Windows Common Log File System CLFS driver when it fails to properly handle sandbox checks, aka 'Windows Common Log File System Driver Information Disclosure Vulnerability'...

CVSS: 5.5 | AI score: 5 | EPSS: 0.00573
Exploits: 0 | References: 1