14 matches found
CVE-2026-44287
FastGPT is an AI Agent building platform. Prior to 4.15.0-beta1, the JavaScript sandbox worker at projects/code-sandbox/src/pool/worker.ts:356 blocks dynamic import with the regex /\bimport\s/.testcode. JavaScript syntax accepts a block comment between import and ; the regex matches only ASCII...
CVE-2025-46297
A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Tahoe 26.2. An app may be able to access protected files within an App Sandbox container...
EUVD-2019-5844
Malware in sbrugna...
EUVD-2025-17467
Malicious code in bioql PyPI...
MAL-2025-39879 Malicious code in xml-sandbox-container-process-long (npm)
The package xml-sandbox-container-process-long was found to contain malicious code...
PT-2025-24438
Name of the Vulnerable Software and Affected Versions FastGPT versions prior to 4.9.11 Description The issue concerns the Sandbox container in FastGPT, which has insufficient isolation and inadequate restrictions on code execution. This allows attackers to escape the intended sandbox boundaries b...
Apple macOS 安全漏洞
Apple macOS is a suite of specialized operating systems developed for Mac computers by Apple Inc. in the United States. A security vulnerability exists in Apple macOS version 15, which originates from an application that may be able to access protected files within the application sandbox contain...
CVE-2024-44135
A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Sequoia 15, macOS Sonoma 14.7. An app may be able to access protected files within an App Sandbox container...
CVE-2024-44135
This CVE (CVE-2024-44135) concerns a permissions issue in macOS that could allow an app to access protected files inside an App Sandbox container. The vulnerability is fixed in macOS Sonoma 14.7 and macOS Sequoia 15; the underlying cause relates to insufficient permission restrictions, and the is...
Design/Logic Flaw
A vulnerability in the health check RPM of Cisco IOS XR Software could allow an unauthenticated, remote attacker to access the Redis instance that is running within the NOSi container. This vulnerability exists because the health check RPM opens TCP port 6379 by default upon activation. An attack...
CVE-2022-20821 Cisco IOS XR Software Health Check Open Port Vulnerability
A vulnerability in the health check RPM of Cisco IOS XR Software could allow an unauthenticated, remote attacker to access the Redis instance that is running within the NOSi container. This vulnerability exists because the health check RPM opens TCP port 6379 by default upon activation. An attack...
Race condition
A use-after-free flaw in the sandbox container implemented in cmdguard.sys in Comodo Antivirus 12.0.0.6870 can be triggered due to a race condition when handling IRPMJCLEANUP requests in the minifilter for directory change notifications. This allows an attacker to cause a denial of service BSOD...
CVE-2019-14694
A use-after-free flaw in the sandbox container implemented in cmdguard.sys in Comodo Antivirus 12.0.0.6870 can be triggered due to a race condition when handling IRPMJCLEANUP requests in the minifilter for directory change notifications. This allows an attacker to cause a denial of service BSOD...
CVE-2019-14694
CVE-2019-14694 describes a use-after-free in the sandbox container of Comodo Antivirus 12.0.0.6870, triggered by a race condition in the minifilter handling IRP_MJ_CLEANUP for directory change notifications. The flaw in cmdguard.sys could allow a local attacker to cause a denial of service (BSOD)...