Repository navigation

#

sandbox-escape

0vercl0k / CVE-2019-11708 

Full exploit chain (CVE-2019-11708 & CVE-2019-9810) against Firefox on Windows 64-bit.

exploitationcve-2019-11708cve-2019-9810Firefoxsandbox-escaperemote-code-executionExploit
JavaScript
621
5 年前
tijme / angularjs-csti-scanner 

Automated client-side template injection (sandbox escape/bypass) detection for AngularJS v1.x.

Angularxssxss-scannersExploitvulnerability-scannerssandbox-escape安全工具
Python
325
4 年前
0vercl0k / CVE-2022-28281 

PoC for CVE-2022-28281 a Mozilla Firefox Out of bounds write.

FirefoxMozillacve-2022-28281sandbox-escapeWebAuthnmemory-corruption
HTML
74
3 年前
JGoyd / Glass-Cage-iOS18-CVE-2025-24085-CVE-2025-24201 

Glass Cage is a zero-click PNG-based RCE chain in iOS 18.2.1, exploiting WebKit (CVE-2025-24201) and Core Media (CVE-2025-24085) to achieve sandbox escape, kernel-level access, and device bricking. Triggered via iMessage, it enables full compromise with no user interaction.

imessageiOSkernel-exploitprivilege-escalationrcesandbox-escape
10
2 天前
iosdec / Sandbox-Escape-POC-iOS-13.4.1-and-lower 

This is a POC of a sandbox escape by found by Siguza. Works up to iOS 13.4.1.

Exploitsandbox-escapeiOSObjective-C
Objective-C
5
5 年前
kai6u / TriBell_Edge_SandBox_Escape 

Tribell Edge Sandbox Escape - PoCs of Edge's legacy vulnerabilities BadgeUpdateManager / TileFlyoutUpdateManager / ToastNotificationManager to exploit cross-boundary XmlDocument sharing and escape Edge’s LPAC sandbox (CVE-2019-0555).

sandbox-escape
JavaScript
4
2 个月前
IlayTheVuln / MS-Ransomware 

All credits to wannacry :)

aesransomwaresandbox-escape
C#
1
2 年前
MrT3acher / angularjs-client-side-template-injection-lab 

A simple lab created for testing CSTI vulnerability in AngularJS version 1.0.8, 1.3.20 and 1.5.8 using Sandbox Escape.

Angularsandbox-escapelaboratoryJavaScript
PHP
0
4 年前