You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
this is not really an issue in the code.
There are currently at minimum 2 exploits missing for CVE-2019-1129 and CVE-2019-1130. That was the fix for the latest sandboxescaper CVE-2019-0841 Bypass vulnerability from july.
As wes-ng collects information from various sources, including exploit links from Mitre's CVE database hosted at NVD (https://nvd.nist.gov/), there is indeed not much we can do about it in the code of wes-ng.
To complement the information regarding the 2 CVEs you mentioned, you can submit the exploit links at https://cveform.mitre.org/. This updated information will then be propagated to NVD and be included in the future definitions update of wes-ng.
Hi,
this is not really an issue in the code.
There are currently at minimum 2 exploits missing for CVE-2019-1129 and CVE-2019-1130. That was the fix for the latest sandboxescaper CVE-2019-0841 Bypass vulnerability from july.
One way to exploit this is here (Race Condition, so multiple cores needed):
https://github.com/SecureThisShit/SharpByeBear
Greetings
The text was updated successfully, but these errors were encountered: