JeecgBoot 跨站脚本漏洞

JeecgBoot is a Java low-code platform developed by Jeecg Corporation, designed for enterprise web applications. JeecgBoot versions 3.9.1 and earlier contained a cross-site scripting vulnerability. This vulnerability originated from an unknown function in the SVG File Handler component, specifical...

CVE-2026-7985

An use after free flaw was found in the GPU component of the Chromium browser. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=498352423...

CVE-2026-7972

An uninitialized use flaw was found in the GPU component of the Chromium browser. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=497546281...

CVE-2026-7955

An uninitialized use flaw was found in the GPU component of the Chromium browser. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=496441232...

CVE-2026-7918

An use after free flaw was found in the GPU component of the Chromium browser. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=498780188...

CVE-2026-7912

An integer overflow flaw was found in the GPU component of the Chromium browser. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=497639714...

CVE-2026-7906

An use after free flaw was found in the SVG component of the Chromium browser. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=496284584...

CVE-2026-43369

A flaw was found in the Linux kernel's drm/amd graphics driver. When a GPU initialization fails due to an unsupported hardware block, certain IP blocks may have a null version pointer. During the device cleanup process, the amdgpudevicesetpgstate and amdgpudevicesetcgstate functions attempt to...

CVE-2026-43368

A flaw was found in the Linux kernel's graphics memory management drm/i915 component. This vulnerability occurs when a large shared memory object's internal list of memory segments, called a scatterlist, is populated. If the total size of these segments exceeds 4 Gigabytes GB, a numerical overflo...

EUVD-2026-28702

In the Linux kernel, the following vulnerability has been resolved: drm/xe/sync: Fix user fence leak on alloc failure When dmafencechainalloc fails, properly release the user fence reference to prevent a memory leak. cherry picked from commit a5d5634cde48a9fcd68c8504aa07f89f175074a0...

EUVD-2026-28706

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: add upper bound check on user inputs in signal ioctl Huge input values in amdgpuuserqsignalioctl can lead to a OOM and could be exploited. So check these input value against AMDGPUUSERQMAXHANDLES which is big enough...

EUVD-2026-28674

In the Linux kernel, the following vulnerability has been resolved: drm/i915: Fix potential overflow of shmem scatterlist length When a scatterlists table of a GEM shmem object of size 4 GB or more is populated with pages allocated from a folio, unsigned int .length attribute of a scatterlist may...

CVE-2026-43444

In the Linux kernel, the following vulnerability has been resolved: drm/amdkfd: Unreserve bo if queue update failed Error handling path should unreserve bo then return failed. cherry picked from commit c24afed7de9ecce341825d8ab55a43a254348b33...

CVE-2026-43368

In the Linux kernel, the following vulnerability has been resolved: drm/i915: Fix potential overflow of shmem scatterlist length When a scatterlists table of a GEM shmem object of size 4 GB or more is populated with pages allocated from a folio, unsigned int .length attribute of a scatterlist may...

UBUNTU-CVE-2026-43395

In the Linux kernel, the following vulnerability has been resolved: drm/xe/sync: Cleanup partially initialized sync on parse failure xesyncentryparse can allocate references syncobj, fence, chain fence, or user fence before hitting a later failure path. Several of those paths returned directly,...

UBUNTU-CVE-2026-43367

In the Linux kernel, the following vulnerability has been resolved: drm/amd: Fix a few more NULL pointer dereference in device cleanup I found a few more paths that cleanup fails due to a NULL version pointer on unsupported hardware. Add NULL checks as applicable. cherry picked from commit...

CVE-2026-43395

In the Linux kernel, the vulnerability CVE-2026-43395 affects the drm/xe/sync subsystem. During xe_sync_entry_parse(), references (syncobj, fence, chain fence, or user fence) can be allocated before a later failure path is reached, leaving partially initialized state and leaking refs. The fix rou...

CVE-2026-43395

In the Linux kernel, the following vulnerability has been resolved: drm/xe/sync: Cleanup partially initialized sync on parse failure xesyncentryparse can allocate references syncobj, fence, chain fence, or user fence before hitting a later failure path. Several of those paths returned directly,...

CVE-2026-43370

The CVE-2026-43370 issue affects the Linux kernel DRM/AMDGPU subsystem, specifically a use-after-free race in VM acquisition. Root cause: a non-atomic vm->process_info assignment could race when parent and child processes sharing a drm_file both attempt to acquire the same VM after fork(). The...

CVE-2026-43369

In the Linux kernel, the following vulnerability has been resolved: drm/amd: Fix NULL pointer dereference in device cleanup When GPU initialization fails due to an unsupported HW block IP blocks may have a NULL version pointer. During cleanup in amdgpudevicefinihw, the code calls...