CVE-2025-46716 – Sandboxie Kernel Pointer Read Vulnerability

May 22, 2025

CVE ID : CVE-2025-46716

Published : May 22, 2025, 5:15 p.m. | 1 hour, 36 minutes ago

Description : Sandboxie is a sandbox-based isolation software for 32-bit and 64-bit Windows NT-based operating systems. Starting in version 1.3.0 and prior to version 1.15.12, Api_SetSecureParam fails to sanitize incoming pointers, and implicitly trusts that the pointer the user has passed in is safe to read from. SetRegValue then reads an arbitrary address, which can be a kernel pointer, into a HKLM Security SBIE registry value. This can later be retrieved by API_GET_SECURE_PARAM. Version 1.15.12 fixes the issue.

Severity: 5.5 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-47779 – Asterisk SIP Message Authentication Spoofing Vulnerability

Next Article CVE-2025-46715 – Sandboxie Kernel Pointer Write Vulnerability

A Week In The Life Of An AI-Augmented Designer

This week in AI updates: Gemini Code Assist Agent Mode, GitHub’s Agents panel, and more (August 22, 2025)

Microsoft adds Copilot-powered debugging features for .NET in Visual Studio

Blackstone portfolio company R Systems Acquires Novigo Solutions, Strengthening its Product Engineering and Full-Stack Agentic-AI Capabilities

The best AirTag alternative for Samsung users is currently 30% off

One of the biggest new features on the Google Pixel 10 is also one of the most overlooked

I tested these viral ‘crush-proof’ Bluetooth speakers, and they’re not your average portables

I compared the best smartwatches from Google and Apple – and there’s a clear winner

MongoDB Data Types

MongoDB Data Types

Building Cross-Platform Alerts with Laravel’s Notification Framework

Add Notes Functionality to Eloquent Models With the Notable Package

Microsoft Teams updated with a feature you probably thought already existed — “Can you hear me?” is now a thing of the past

Microsoft Teams updated with a feature you probably thought already existed — “Can you hear me?” is now a thing of the past

Xbox Game Pass gets Gears of War: Reloaded, Dragon Age: The Veilguard, and more — here’s what is coming through the rest of August

Resident Evil ‘9’ Requiem has some of the most incredible lighting I’ve seen in a game — and Capcom uses it as a weapon

CVE-2025-46716 – Sandboxie Kernel Pointer Read Vulnerability

Blue Locker ransomware hits critical infrastructure – is your organisation ready?

GeoServer Exploits, PolarEdge, and Gayfemboy Push Cybercrime Beyond Traditional Botnets

AdventureLog is a self-hostable travel tracker and trip planner

Paleta generates color palettes with ease

Save 20% on this encrypted Kingston portable SSD to lock down your data

Laurie Anderson: Building an ARK | Starmus highlights

A Step-by-Step Coding Guide to Building an Iterative AI Workflow Agent Using LangGraph and Gemini

How to Free Up and Automatically Manage Disk Space for WSL on Windows 10/11

Verroche Denture Clinic

Rilasciato Mozilla Thunderbird 137: tutte le novità del client email open-source

CVE-2025-46716 – Sandboxie Kernel Pointer Read Vulnerability

Related Posts