Lucene search
K

8 matches found

ATTACKERKB
ATTACKERKB
added 2026/05/05 7:34 p.m.6 views

CVE-2026-34596

Sandboxie-Plus is an open source sandbox-based isolation software for Windows. In versions 1.17.2 and earlier, a Time-of-Check-to-Time-of-Use TOCTOU race condition exists during addon installation. When a user installs an addon through the SandMan interface, UpdUtil.exe is spawned as SYSTEM by...

5.4CVSS5.7AI score0.00106EPSS
Exploits1References2Affected Software1
Positive Technologies
Positive Technologies
added 2026/05/05 12:0 a.m.8 views

PT-2026-37231

Sandboxie-Plus is an open source sandbox-based isolation software for Windows. In versions 1.17.2 and earlier, a Time-of-Check-to-Time-of-Use TOCTOU race condition exists during addon installation. When a user installs an addon through the SandMan interface, UpdUtil.exe is spawned as SYSTEM by...

5.4CVSS5.7AI score0.00106EPSS
Exploits1References2
hivepro
hivepro
added 2023/12/13 11:22 a.m.7 views

The Unseen Thread Linking Sandman APT and KEYPLUG Backdoor

Summary: The Sandman Advanced Persistent Threat APT is closely linked to suspected threat clusters originating from China, specifically identified as Storm-0866, also known as Red Dev 40. Within the same victim environments, the Sandmans Lua-based malware, LuaDream, and the KEYPLUG backdoor have...

7.3AI score
Exploits0
The Hacker News
The Hacker News
added 2023/12/11 1:59 p.m.20 views

Researchers Unmask Sandman APT's Hidden Link to China-Based KEYPLUG Backdoor

Tactical and targeting overlaps have been discovered between the enigmatic advanced persistent threat APT called Sandman and a China-based threat cluster that's known to use a backdoor referred to as KEYPLUG. The assessment comes jointly from SentinelOne, PwC, and the Microsoft Threat Intelligenc...

7.1AI score
Exploits0
hivepro
hivepro
added 2023/09/25 6:37 a.m.29 views

Sandman APT Strikes the Telecom Sector with the LuaDream Backdoor

Threat Level Actor Report For a detailed threat advisory, download the pdf file here Summary Sandman APT, an espionage group of unknown origins that surfaced mysteriously in August, is orchestrating a sophisticated campaign aimed squarely at telecommunications providers spanning the Middle East,...

6.9AI score
Exploits0
The Hacker News
The Hacker News
added 2023/09/21 7:55 p.m.41 views

Mysterious 'Sandman' Threat Actor Targets Telecom Providers Across Three Continents

A previously undocumented threat actor dubbed Sandman has been attributed to a set of cyber attacks targeting telecommunication providers in the Middle East, Western Europe, and the South Asian subcontinent. Notably, the intrusions leverage a just-in-time JIT compiler for the Lua programming...

7.4AI score
Exploits0
Openbugbounty
Openbugbounty
added 2018/07/26 8:18 p.m.6 views

sandman-store.com XSS vulnerability

Open Bug Bounty ID: OBB-654187 Description| Value ---|--- Affected Website:| sandman-store.com Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...

Exploits0
0day.today
0day.today
added 2009/12/24 12:0 a.m.26 views

linux/x86 unlink(/etc/passwd) & exit() 35 bytes

Exploit for linux/x86 platform in category shellcode =============================================== linux/x86 unlink/etc/passwd & exit 35 bytes =============================================== Title: linux/x86 unlink/etc/passwd & exit 35 bytes Date: 2009-12-24 Author: sandman Tested on:...

7AI score
Exploits0
Rows per page
Query Builder