Unity Linux 20.1070a Security Update: kernel (UTSA-2025-988942)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-988942 advisory. In the Linux kernel, the following vulnerability has been resolved: drm: msm: fix possible memory leak in mdp5crtccursorset drmgemobjectlookup will call...

Cap Collectif 代码问题漏洞

Cap Collectif is a fully customizable online platform from Cap Collectif Open Source. Cap Collectif has a code issue vulnerability that stems from DebateAlternateArgumentsResolver deserializing a Cursor object, which could lead to remote code execution...

CVE-2022-49467

In the Linux kernel, the following vulnerability has been resolved: drm: msm: fix possible memory leak in mdp5crtccursorset drmgemobjectlookup will call drmgemobjectget inside. So cursorbo needs to be put when msmgemgetandpiniova fails...

(Pwn2Own) Microsoft Windows NtUserLinkDpiCursor Use-After-Free Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on vulnerable installations of Microsoft Windows. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the handling of...

Microsoft Windows - Cursor Object Memory Leak (MS15-115)

Source: https://code.google.com/p/google-security-research/issues/detail?id=510 The attached poc crashes 32-bit Windows 7 with a screen resolution of 1024x768 and 32bit color depth. The crash occurs during a memmove opperation while copying the cursor content from unmapped memory. This could...

Microsoft Windows - Cursor Object Memory Leak (MS15-115)

Microsoft Windows - Cursor Object Memory Leak MS15-115 Source: https://code.google.com/p/google-security-research/issues/detail?id=510 The attached poc crashes 32-bit Windows 7 with a screen resolution of 1024x768 and 32bit color depth. The crash occurs during a memmove opperation while copying t...

Microsoft Windows Kernel - Use-After-Free with Cursor Object (MS15-097)

Microsoft Windows Kernel - Use-After-Free with Cursor Object MS15-097 Source: https://code.google.com/p/google-security-research/issues/detail?id=457 --- The attached testcase crashes Win 7 with Special Pool enabled while accessing the freed global cursor object gpqCursor​. See poc.cpp for...

Microsoft Windows Kernel - Use-After-Free with Cursor Object (MS15-097)

Source: https://code.google.com/p/google-security-research/issues/detail?id=457 --- The attached testcase crashes Win 7 with Special Pool enabled while accessing the freed global cursor object gpqCursor​. See poc.cpp for instructions on how to compile and run. Proof of Concept:...

CVE-2015-0058

Double free vulnerability in win32k.sys in the kernel-mode drivers in Microsoft Windows 8.1, Windows Server 2012 R2, and Windows RT 8.1 allows local users to gain privileges via a crafted application, aka "Windows Cursor Object Double Free Vulnerability."...

Double free

Double free vulnerability in win32k.sys in the kernel-mode drivers in Microsoft Windows 8.1, Windows Server 2012 R2, and Windows RT 8.1 allows local users to gain privileges via a crafted application, aka "Windows Cursor Object Double Free Vulnerability."...