CVE-2024-23682

HIGH Year: 2024
CVSS v3 Score
8.2
High
Weakness Type
CWE-501
View all →

Vulnerability Description

Artemis Java Test Sandbox versions before 1.8.0 are vulnerable to a sandbox escape when an attacker includes class files in a package that Ares trusts. An attacker can abuse this issue to execute arbitrary Java when a victim executes the supposedly sandboxed code.

Related Vulnerabilities

CVE-2023-0627

HIGH
CVSS:7.8(High)

Docker Desktop 4.11.x allows --no-windows-containers flag bypass via IPC response spoofing which may lead to Local Privilege Escalation (LPE).This issue affects Docker Desktop: 4.11.X.

CWE-5012023

CVE-2024-49050

HIGH
CVSS:8.8(High)

Visual Studio Code Python Extension Remote Code Execution Vulnerability

CWE-5012024

CVE-2023-28597

HIGH
CVSS:7.5(High)

Zoom clients prior to 5.13.5 contain an improper trust boundary implementation vulnerability. If a victim saves a local recording to an SMB location and later opens it using a link from Zoom’s web por...

CWE-5012023

CVE-2024-9779

HIGH
CVSS:7.5(High)

A flaw was found in Open Cluster Management (OCM) when a user has access to the worker nodes which contain the cluster-manager or klusterlet deployments. The cluster-manager deployment uses a service ...

CWE-5012024

CVE-2020-4076

CRITICAL
CVSS:9.0(Critical)

In Electron before versions 7.2.4, 8.2.4, and 9.0.0-beta21, there is a context isolation bypass. Code running in the main world context in the renderer can reach into the isolated Electron context and...

CWE-5012020

CVE-2019-0035

MEDIUM
CVSS:6.8(Medium)

When "set system ports console insecure" is enabled, root login is disallowed for Junos OS as expected. However, the root password can be changed using "set system root-authentication plain-text-passw...

CWE-5012019