Lucene search
K

1292 matches found

AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.3 views

Astra Linux – Vulnerability in Firefox, Thunderbird

If a custom mouse cursor is specified in CSS, under certain circumstances the cursor might be drawn over the browser UI, potentially causing confusion for users or leading to spoofing attacks. This vulnerability affects Firefox ESR 102.5, Thunderbird 102.5, and Firefox 107...

6.1CVSS7.4AI score0.00728EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.5 views

Astra Linux – Vulnerability in Qemu

A flaw was discovered in the QXL display device emulation in QEMU. The double retrieval of the guest-controlled values cursor-header.width and cursor-header.height can lead to the allocation of a small cursor object, followed by a subsequent heap-based buffer overflow. A malicious privileged gues...

8.2CVSS7.4AI score0.00399EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.4 views

Astra Linux – Vulnerability found in Linux 5.15, Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: drm/vmwgfx: Validated the box size for the snooped cursor. Invalid user-space DMA surface copies could potentially cause an overflow when copying data from the surface to the snooped image, leading to crashes. To address this...

5.5CVSS5.9AI score0.00149EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.4 views

Astra Linux – Vulnerability in Qemu

A flaw was discovered in the QXL display device emulation in QEMU. An integer overflow in the cursoralloc function can lead to the allocation of a small cursor object, followed by a subsequent heap-based buffer overflow. This flaw allows a malicious privileged guest user to crash the QEMU process...

8.2CVSS7.5AI score0.00834EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.6 views

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerabilities have been resolved: drm: msm: fixed a possible memory leak in mdp5crtccursorset drmgemobjectlookup will call drmgemobjectget inside it. Therefore, cursorbo needs to be set when msmgemgetandpiniova fails...

5.5CVSS6.1AI score0.00253EPSS
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/17 4:58 a.m.9 views

Malicious code in @mastra/cursor (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware ac742321cf72f2fa4cb958772f032eeb2a3ac062d31237ef0699b9de6ac0bc41 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

5.4AI score
Exploits0References1
OSV
OSV
added 2026/06/17 4:58 a.m.6 views

MAL-2026-6013 Malicious code in @mastra/cursor (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware ac742321cf72f2fa4cb958772f032eeb2a3ac062d31237ef0699b9de6ac0bc41 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

5.4AI score
Exploits0References1
NVD
NVD
added 2026/06/15 9:17 p.m.7 views

CVE-2026-48124

Cursor is a code editor built for programming with AI. In versions prior to 3.0.0, the Cursor Desktop could execute workspace-defined Claude hook commands from .claude/settings.local.json without dedicated user approval. A malicious workspace or agent-created file could configure hooks that run...

8.5CVSS0.00144EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/15 7:56 p.m.14 views

EUVD-2026-37002

Cursor is a code editor built for programming with AI. In versions prior to 3.0.0, the Cursor Desktop could execute workspace-defined Claude hook commands from .claude/settings.local.json without dedicated user approval. A malicious workspace or agent-created file could configure hooks that run...

8.5CVSS5.5AI score0.00144EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/15 7:56 p.m.28 views

CVE-2026-48124 Cursor Desktop sandbox escape via Claude hook configuration

Cursor is a code editor built for programming with AI. In versions prior to 3.0.0, the Cursor Desktop could execute workspace-defined Claude hook commands from .claude/settings.local.json without dedicated user approval. A malicious workspace or agent-created file could configure hooks that run...

8.5CVSS0.00144EPSS
Exploits0References1
CVE
CVE
added 2026/06/15 7:15 p.m.18 views

CVE-2026-52722

GStreamer VMnc decoder in gstreamer1-plugins-bad-free contains a signed integer overflow in cursor payload handling. A crafted VMnc stream with large cursor dimensions can cause signed payload-size arithmetic overflow, bypass a length check, and lead to out-of-bounds reads. This may allow a remot...

7.1CVSS5.4AI score0.00288EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2026/06/15 12:0 a.m.17 views

PT-2026-49469

Name of the Vulnerable Software and Affected Versions Cursor versions prior to 3.0.0 Description Cursor Desktop allows the execution of workspace-defined Claude hook commands located in .claude/settings.local.json without requiring explicit user approval. A malicious workspace or a file created b...

8.5CVSS6.1AI score0.00144EPSS
Exploits0References3
OSV
OSV
added 2026/06/12 9:0 p.m.5 views

GHSA-X4QR-QW6H-WVXQ Fleet: Observer-level enrollment secret extraction via ORDER BY oracle on Apple MDM commands endpoint

Summary A vulnerability in Fleet's Apple MDM commands listing endpoint allowed authenticated users with the lowest-privilege Observer role to extract sensitive values from joined database tables — including host enrollment secrets and Apple Push Notification Service APNS tokens — through a...

6.5CVSS5.5AI score0.00019EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/06/12 12:0 a.m.15 views

PT-2026-49057

Name of the Vulnerable Software and Affected Versions Fleet affected versions not specified Description An issue in the Apple MDM commands listing endpoint allows authenticated users with the Observer role to extract sensitive data from joined database tables, such as host enrollment secrets and...

6.5CVSS5.9AI score0.00019EPSS
Exploits0References4
Metasploit
Metasploit
added 2026/06/11 7:0 p.m.197 views

VS Code Extension Persistence

This module installs a malicious VS Code extension into the target's VS Code extensions directory. The extension executes the payload each time VS Code is launched, providing persistent code execution. Supports VS Code, VS Code Insiders, VSCodium, VS Code Server, and Cursor. Tested against 1.120....

6AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/06/11 12:0 a.m.10 views

VS Code Extension Persistence

This Metasploit module installs a malicious VS Code extension into the target's VS Code extensions directory. The extension executes the payload each time VS Code is launched, providing persistent code execution. Supports VS Code, VS Code Insiders, VSCodium, VS Code Server, and Cursor. Tested...

5.5AI score
Exploits0
MongoDB
MongoDB
added 2026/06/09 9:59 p.m.7 views

Aggregation sub-pipeline null dereference may allow DoS via crafted getMore

In MongoDB Server 8.0, an aggregation stage can leave its subPipeline field null during processing of certain pipelines. If a getMore is subsequently issued on the same cursor, the server may dereference this null sub-pipeline when reattaching to the operation context, accessing an invalid addres...

7.1CVSS5.5AI score0.00307EPSS
Exploits0References1Affected Software1
Positive Technologies
Positive Technologies
added 2026/06/06 12:0 a.m.16 views

PT-2026-47154

Name of the Vulnerable Software and Affected Versions Cursor versions prior to 3.0 Description A sandbox escape exists due to improper input validation and path traversal in how the agent handles the working directory parameter. By manipulating this parameter, a malicious agent can include writab...

9.8CVSS6.3AI score0.00637EPSS
Exploits0References23
Positive Technologies
Positive Technologies
added 2026/06/06 12:0 a.m.19 views

PT-2026-47155

Name of the Vulnerable Software and Affected Versions Cursor versions prior to 3.0 Description Cursor runs agent terminal commands in a sandbox by default. Before performing a write operation, the agent canonicalizes the target path to ensure it remains within the workspace. However, if...

9.8CVSS6.3AI score0.00638EPSS
Exploits0References20
Microsoft CVE
Microsoft CVE
added 2026/05/29 8:7 a.m.9 views

sctp: revalidate list cursor after sctp_sendmsg_to_asoc() in SCTP_SENDALL

...

7.8CVSS5.4AI score0.00104EPSS
Exploits0
Rows per page
Query Builder