CWE-653: CWE-653

This vulnerability allows attackers within Bluetooth range to bypass authentication on Sony XAV-AX8500 car multimedia systems. The flaw exists in Blue...

CVE-2024-23683 is a sandbox escape vulnerability in Artemis Java Test Sandbox (part of the Ares framework) that allows attackers to execute arbitrary ...

This vulnerability in Intel processors allows an authenticated user with local access to potentially escalate privileges by exploiting improper isolat...

NVIDIA Container Toolkit has an improper isolation vulnerability where malicious container images can modify host binaries. This affects systems using...

NVIDIA Container Toolkit has an improper isolation vulnerability where specially crafted container images could allow untrusted code to access host de...

This vulnerability allows users with advanced report application access rights to perform unauthorized actions beyond their intended permissions. It a...

This CVE describes a container escape vulnerability in Foundry Container Service where misconfigured deployments allow pods within the same namespace ...

This vulnerability allows a high-privileged remote attacker to execute arbitrary operating system commands by escaping the LUA sandbox implementation....

This vulnerability in Azure PromptFlow allows unauthorized attackers to execute arbitrary code remotely due to improper isolation between components. ...

CVE-2024-55456 is a segmentation violation vulnerability in lunasvg's gray_find_cell component that can cause denial of service or potentially allow a...

CVE-2024-57723 is a segmentation violation vulnerability in lunasvg's composition_source_over component that can cause denial of service or potentiall...

Lunasvg v3.0.0 contains a segmentation violation vulnerability in the plutovg_path_add_path component that can cause denial of service or potentially ...

This vulnerability in DSPy's PythonInterpreter class allows attackers to bypass sandbox restrictions and read arbitrary files when users build AI agen...

This vulnerability in the archived 'mcp-run-python' project allows Python code executed via Pyodide to modify the JavaScript environment without isola...

NVIDIA Container Toolkit has an improper isolation vulnerability where specially crafted container images could allow untrusted code to run in the hos...

An improper isolation vulnerability in Fortinet FortiSandbox allows unauthenticated attackers to bypass sandbox scanning by submitting specially craft...

A vulnerability in Eclipse Open VSX Registry's automated publishing system allowed unauthorized uploads of extensions due to insufficient isolation of...

A local privilege escalation vulnerability in Juniper Junos OS kernel allows attackers with shell access to inject arbitrary code and compromise devic...

This vulnerability allows users with vpuser credentials to bypass restricted shell (rbash) limitations and gain a full-featured Linux shell on affecte...

This vulnerability allows authenticated attackers to inject code via Electron environment variables in Fortinet desktop applications. It affects Forti...

This vulnerability in the Grafana Databricks Datasource Plugin allows unauthorized data access when OAuth passthrough is enabled and multiple users sh...

This vulnerability in the Grafana Snowflake Datasource Plugin allows user identifier confusion when OAuth passthrough is enabled and multiple users ac...