| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| Cursor is a code editor built for programming with AI. Cursor allows writing in-workspace files with no user approval in versions below 1.3.9, If the file is a dotfile, editing it requires approval but creating a new one doesn't. Hence, if sensitive MCP files, such as the .cursor/mcp.json file don't already exist in the workspace, an attacker can chain a indirect prompt injection vulnerability to hijack the context to write to the settings file and trigger RCE on the victim without user approval. This is fixed in version 1.3.9. |
| Memory corruption while handling test pattern generator IOCTL command. |
| Memory corruption while processing DDI command calls. |
| A crafted request with invalid offsets may cause an out-of-bounds read or write access in CODESYS V2 Runtime Toolkit 32 Bit full and PLCWinNT prior to versions V2.4.7.56, resulting in a denial-of-service condition or local memory overwrite. |
| A crafted request may cause a read access to an uninitialized pointer in CODESYS V2 Runtime Toolkit 32 Bit full and PLCWinNT prior to versions V2.4.7.56, resulting in a denial-of-service condition. |
| An uninitialized stack variable vulnerability in load_tic_series() in set.c in gnuplot 5.2.rc1 allows an attacker to cause Denial of Service (Segmentation fault and Memory Corruption) or possibly have unspecified other impact when a victim opens a specially crafted file. |
| Memory corruption when a compat IOCTL call is followed by another IOCTL call from userspace to a driver. |
| Memory corruption while validating the TID to Link Mapping action request frame, when a station connects to an access point. |
| Memory corruption when input parameter validation for number of fences is missing for fence frame IOCTL calls, |
| Arbitrary memory overwrite when VM gets compromised in TX write leading to Memory Corruption. |
| Memory corruption while verifying the serialized header when the key pairs are generated. |
| Memory corruption in video while parsing invalid mp2 clip. |
| Memory corruption while processing the event ring, the context read pointer is untrusted to HLOS and when it is passed with arbitrary values, may point to address in the middle of ring element. |
| Memory corruption in Audio while running invalid audio recording from ADSP. |
| Memory corruption in Audio while calling START command on host voice PCM multiple times for the same RX or TX tap points. |
| Memory corruption in Audio while processing RT proxy port register driver. |
| Memory corruption in Modem while processing security related configuration before AS Security Exchange. |
| Memory corruption when the payload received from firmware is not as per the expected protocol size. |
| Memory corruption while passing untrusted/corrupted pointers from DSP to EVA. |
| Luxion KeyShot DAE File Parsing Access of Uninitialized Pointer Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Luxion KeyShot. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
The specific flaw exists within the parsing of dae files. The issue results from the lack of proper initialization of a pointer prior to accessing it. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-23698. |
