Lucene search
K

1294 matches found

Tenable Nessus
Tenable Nessus
added 2026/01/19 12:0 a.m.4 views

MiracleLinux 7 : tigervnc-1.3.1-3.el7 (AXSA:2015-910:01)

The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2015-910:01 advisory. Virtual Network Computing VNC is a remote display system which allows you to view a computing 'desktop' environment not only on the machine where it ...

9.8CVSS6.6AI score0.08272EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2026/01/15 5:22 p.m.6 views

CVE-2026-22708

Cursor is a code editor built for programming with AI. Prior to 2.3, hen the Cursor Agent is running in Auto-Run Mode with Allowlist mode enabled, certain shell built-ins can still be executed without appearing in the allowlist and without requiring user approval. This allows an attacker via...

9.8CVSS7.4AI score0.00537EPSS
Exploits0References1
NVD
NVD
added 2026/01/14 5:16 p.m.11 views

CVE-2026-22708

Cursor is a code editor built for programming with AI. Prior to 2.3, hen the Cursor Agent is running in Auto-Run Mode with Allowlist mode enabled, certain shell built-ins can still be executed without appearing in the allowlist and without requiring user approval. This allows an attacker via...

9.8CVSS0.00537EPSS
Exploits0References1
CVE
CVE
added 2026/01/14 4:43 p.m.53 views

CVE-2026-22708

CVE-2026-22708 affects Cursor (AI-enhanced code editor). Prior to version 2.3, when the Cursor Agent runs in Auto-Run mode with Allowlist enabled, certain shell built-ins can be executed without appearing in the allowlist or requiring user approval. This enables an attacker to perform indirect or...

9.8CVSS7AI score0.00537EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2026/01/14 4:43 p.m.14 views

CVE-2026-22708 Cursor has a Terminal Tool Allowlist Bypass via Environment Variables

Cursor is a code editor built for programming with AI. Prior to 2.3, hen the Cursor Agent is running in Auto-Run Mode with Allowlist mode enabled, certain shell built-ins can still be executed without appearing in the allowlist and without requiring user approval. This allows an attacker via...

9.2CVSS7AI score0.00537EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/01/14 4:43 p.m.23 views

CVE-2026-22708 Cursor has a Terminal Tool Allowlist Bypass via Environment Variables

Cursor is a code editor built for programming with AI. Prior to 2.3, hen the Cursor Agent is running in Auto-Run Mode with Allowlist mode enabled, certain shell built-ins can still be executed without appearing in the allowlist and without requiring user approval. This allows an attacker via...

9.2CVSS0.00537EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/01/14 4:43 p.m.4 views

CVE-2026-22708

Cursor is a code editor built for programming with AI. Prior to 2.3, hen the Cursor Agent is running in Auto-Run Mode with Allowlist mode enabled, certain shell built-ins can still be executed without appearing in the allowlist and without requiring user approval. This allows an attacker via...

9.8CVSS5.7AI score0.00537EPSS
Exploits0References2Affected Software1
OSV
OSV
added 2026/01/14 4:43 p.m.20 views

CVE-2026-22708 Cursor has a Terminal Tool Allowlist Bypass via Environment Variables

Cursor is a code editor built for programming with AI. Prior to 2.3, hen the Cursor Agent is running in Auto-Run Mode with Allowlist mode enabled, certain shell built-ins can still be executed without appearing in the allowlist and without requiring user approval. This allows an attacker via...

9.2CVSS5.8AI score0.00537EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/01/14 12:0 a.m.7 views

Cursor 安全漏洞

Cursor is a Cursor open source intelligent code editor with deep AI integration. A security vulnerability exists in versions prior to Cursor 2.3 that stems from the fact that in autorun mode, certain shell built-in commands can be executed without being whitelisted and without the need for user...

9.8CVSS7.1AI score0.00537EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/01/14 12:0 a.m.10 views

PT-2026-2918

Name of the Vulnerable Software and Affected Versions Cursor versions prior to 2.3 Description Cursor is a code editor designed for programming with AI. When the Cursor Agent operates in Auto-Run Mode with Allowlist mode enabled, certain shell built-ins can be executed without appearing on the...

9.8CVSS6.7AI score0.00537EPSS
Exploits0References16
RedhatCVE
RedhatCVE
added 2026/01/09 10:9 a.m.8 views

CVE-2019-11695

A custom cursor defined by scripting on a site can position itself over the addressbar to spoof the actual cursor when it should not be allowed outside of the primary web content area. This could be used by a malicious site to trick users into clicking on permission prompts, doorhanger...

4.3CVSS5.5AI score0.00737EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/01/09 9:49 a.m.6 views

CVE-2020-24822

A vulnerability in the dwarf::cursor::uleb function of Libelfin v0.3 allows attackers to cause a denial of service DOS through a segmentation fault via a crafted ELF file...

5.5CVSS6.6AI score0.00727EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/01/07 9:16 a.m.7 views

CVE-2025-1512

The PowerPack Elementor Addons Free Widgets, Extensions and Templates plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Custom Cursor Extension in all versions up to, and including, 2.9.0 due to insufficient input sanitization and output escaping. This makes it possible fo...

6.4CVSS6AI score0.00232EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/01/01 12:0 a.m.2 views

PT-2026-3466

Name of the Vulnerable Software and Affected Versions FreeRDP versions prior to 3.21.0 Description FreeRDP, a free implementation of the Remote Desktop Protocol, contains a flaw where the xf Pointer New function incorrectly frees memory associated with cursorPixels both on failure and during norm...

9.8CVSS6.3AI score0.00467EPSS
Exploits8References237
Positive Technologies
Positive Technologies
added 2026/01/01 12:0 a.m.5 views

PT-2026-26099

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contains a flaw within the XFS file system related to the revalidation of two btrees during file system repair. Specifically, the issue arises when rebuilding both the...

5.5CVSS5.8AI score0.00141EPSS
Exploits0
OSV
OSV
added 2025/12/24 1:6 p.m.4 views

CVE-2023-54112 kcm: Fix memory leak in error path of kcm_sendmsg()

In the Linux kernel, the following vulnerability has been resolved: kcm: Fix memory leak in error path of kcmsendmsg syzbot reported a memory leak like below: BUG: memory leak unreferenced object 0xffff88810b088c00 size 240: comm "syz-executor186", pid 5012, jiffies 4294943306 age 13.680s hex dum...

6.3AI score0.00177EPSS
Exploits0References11
EUVD
EUVD
added 2025/12/16 6:31 p.m.4 views

EUVD-2025-203794

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Check NULL before accessing WHAT IGT kmscursorlegacy's long-nonblocking-modeset-vs-cursor-atomic fails with NULL pointer dereference. This can be reproduced with both an eDP panel and a DP monitors connected. BUG...

5.8AI score0.00173EPSS
Exploits0References8
OSV
OSV
added 2025/12/16 4:16 p.m.8 views

AZL-72622 CVE-2025-68286 affecting package kernel for versions less than 6.6.119.3-1

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Check NULL before accessing WHAT IGT kmscursorlegacy's long-nonblocking-modeset-vs-cursor-atomic fails with NULL pointer dereference. This can be reproduced with both an eDP panel and a DP monitors connected. BUG...

5.8AI score0.00173EPSS
Exploits0References1
NVD
NVD
added 2025/12/16 4:16 p.m.4 views

CVE-2025-68286

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Check NULL before accessing WHAT IGT kmscursorlegacy's long-nonblocking-modeset-vs-cursor-atomic fails with NULL pointer dereference. This can be reproduced with both an eDP panel and a DP monitors connected. BUG...

0.00173EPSS
Exploits0References7
UbuntuCve
UbuntuCve
added 2025/12/16 4:16 p.m.3 views

CVE-2025-68286

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Check NULL before accessing WHAT IGT kmscursorlegacy's long-nonblocking-modeset-vs-cursor-atomic fails with NULL pointer dereference. This can be reproduced with both an eDP panel and a DP monitors connected. BUG...

5.9AI score0.00173EPSS
Exploits0References35
Rows per page
Query Builder