18 matches found
EUVD-2017-11695
Malware in sbrugna...
EUVD-2017-5353
Malware in sbrugna...
EUVD-2021-32109
Malicious code in bioql PyPI...
Directory traversal
Insufficient parameter validation in the Foswiki::Sandbox component of Foswiki v2.1.7 and below allows attackers to perform a directory traversal via supplying a crafted web request...
Foswiki Path Traversal Vulnerability
Foswiki is a Wiki software developed in the Perl language.Foswiki is a truly free and open-source Wiki and user-built application platform for public and corporate environments. A security vulnerability exists in Foswiki v2.1.7 and earlier versions, which stems from insufficient validation of...
CVE-2021-45335
Sandbox component in Avast Antivirus prior to 20.4 has an insecure permission which could be abused by local user to control the outcome of scans, and therefore evade detection or delete arbitrary system files...
CVE-2021-45336
Privilege escalation vulnerability in the Sandbox component of Avast Antivirus prior to 20.4 allows a local sandboxed code to gain elevated privileges by using system IPC interfaces which could lead to exit the sandbox and acquire SYSTEM privileges...
Code injection
Sandbox component in Avast Antivirus prior to 20.4 has an insecure permission which could be abused by local user to control the outcome of scans, and therefore evade detection or delete arbitrary system files...
CVE-2021-45335
CVE-2021-45335 affects Avast Antivirus: the sandbox component prior to version 20.4 has an insecure permission, enabling a local user to influence scan outcomes and potentially evade detection or delete arbitrary system files. Affected product is Avast Antivirus (sandbox module); root cause is an...
CVE-2021-45335
Sandbox component in Avast Antivirus prior to 20.4 has an insecure permission which could be abused by local user to control the outcome of scans, and therefore evade detection or delete arbitrary system files...
PT-2021-24229 · Avast · Avast Antivirus
Name of the Vulnerable Software and Affected Versions: Avast Antivirus versions prior to 20.4 Description: A privilege escalation issue in the Sandbox component allows local sandboxed code to gain elevated privileges by using system IPC interfaces, potentially leading to the acquisition of SYSTEM...
Avast Antivirus Sandbox component 权限许可和访问控制问题漏洞
Avast antivirus is a suite of antivirus software from the Czech company Avast. Avast Antivirus has an elevation of privilege vulnerability that can be exploited to cause an attacker to exit the sandbox and gain system privileges...
Apple macOS Catalina Sandbox Component Command Injection Vulnerability
Apple macOS Catalina is a specialized operating system developed by Apple for Mac computers, of which Sandbox is a sandbox component. A command injection vulnerability exists in the Sandbox component in Apple macOS Catalina versions prior to 10.15.6, which stems from the program failing to proper...
CVE-2019-14694
A use-after-free flaw in the sandbox container implemented in cmdguard.sys in Comodo Antivirus 12.0.0.6870 can be triggered due to a race condition when handling IRPMJCLEANUP requests in the minifilter for directory change notifications. This allows an attacker to cause a denial of service BSOD...
CVE-2018-4091
An issue was discovered in certain Apple products. macOS before 10.13.3 is affected. The issue involves the "Sandbox" component. It allows bypass of a sandbox protection mechanism...
CVE-2017-13838
An issue was discovered in certain Apple products. macOS before 10.13.1 is affected. The issue involves the "Sandbox" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service memory corruption via a crafted app...
Memory corruption
An issue was discovered in certain Apple products. macOS before 10.13.1 is affected. The issue involves the "Sandbox" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service memory corruption via a crafted app...
Mac OS X Multiple Vulnerabilities (Security Update 2017-002)
The remote host is running a version of Mac OS X 10.10.5 or 10.11.6 that is missing a security update. It is therefore, affected by multiple vulnerabilities : - A memory corruption issue exists in the Sandbox component that allows an unauthenticated, remote attacker to escape an application...