Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

4616 matches found

UbuntuCve
UbuntuCveadded 2026/05/08 3:16 p.m.8 views

CVE-2026-43395

In the Linux kernel, the following vulnerability has been resolved: drm/xe/sync: Cleanup partially initialized sync on parse failure xesyncentryparse can allocate references syncobj, fence, chain fence, or user fence before hitting a later failure path. Several of those paths returned directly,...

5.5CVSS5.8AI score0.00122EPSS
Exploits0References6
UbuntuCve
UbuntuCveadded 2026/05/08 3:16 p.m.6 views

CVE-2026-43362

In the Linux kernel, the following vulnerability has been resolved: smb: client: fix in-place encryption corruption in SMB2write SMB2write places write payload in iov1..n as part of rqiov. smb3inittransformrq pointer-shares rqiov, so cryptmessage encrypts iov1 in-place, replacing the original...

8.1CVSS5.8AI score0.00217EPSS
Exploits0References7
OSV
OSVadded 2026/05/08 3:16 p.m.7 views

UBUNTU-CVE-2026-43395

In the Linux kernel, the following vulnerability has been resolved: drm/xe/sync: Cleanup partially initialized sync on parse failure xesyncentryparse can allocate references syncobj, fence, chain fence, or user fence before hitting a later failure path. Several of those paths returned directly,...

5.5CVSS5.7AI score0.00122EPSS
Exploits0References7
OSV
OSVadded 2026/05/08 3:16 p.m.7 views

UBUNTU-CVE-2026-43396

In the Linux kernel, the following vulnerability has been resolved: drm/xe/sync: Fix user fence leak on alloc failure When dmafencechainalloc fails, properly release the user fence reference to prevent a memory leak. cherry picked from commit a5d5634cde48a9fcd68c8504aa07f89f175074a0...

5.5CVSS5.7AI score0.00121EPSS
Exploits0References6
Cvelist
Cvelistadded 2026/05/08 2:21 p.m.29 views

CVE-2026-43396 drm/xe/sync: Fix user fence leak on alloc failure

In the Linux kernel, the following vulnerability has been resolved: drm/xe/sync: Fix user fence leak on alloc failure When dmafencechainalloc fails, properly release the user fence reference to prevent a memory leak. cherry picked from commit a5d5634cde48a9fcd68c8504aa07f89f175074a0...

0.00121EPSS
Exploits0References3
CVE
CVEadded 2026/05/08 2:21 p.m.15 views

CVE-2026-43396

In the Linux kernel, the vulnerability CVE-2026-43396 is in the drm/xe/sync path. When dma_fence_chain_alloc() fails, the user fence reference is not released, causing a memory leak. Documented across multiple sources (Red Hat, SUSE, Ubuntu, Debian OSV entries, and NVD), the issue is fixed by the...

5.5CVSS5.8AI score0.00121EPSS
Exploits0References3Affected Software1
Debian CVE
Debian CVEadded 2026/05/08 2:21 p.m.7 views

CVE-2026-43396

In the Linux kernel, the following vulnerability has been resolved: drm/xe/sync: Fix user fence leak on alloc failure When dmafencechainalloc fails, properly release the user fence reference to prevent a memory leak. cherry picked from commit a5d5634cde48a9fcd68c8504aa07f89f175074a0...

5.5CVSS5.7AI score0.00121EPSS
Exploits0
Cvelist
Cvelistadded 2026/05/08 2:21 p.m.62 views

CVE-2026-43395 drm/xe/sync: Cleanup partially initialized sync on parse failure

In the Linux kernel, the following vulnerability has been resolved: drm/xe/sync: Cleanup partially initialized sync on parse failure xesyncentryparse can allocate references syncobj, fence, chain fence, or user fence before hitting a later failure path. Several of those paths returned directly,...

0.00122EPSS
Exploits0References4
CVE
CVEadded 2026/05/08 2:21 p.m.11 views

CVE-2026-43395

In the Linux kernel, the vulnerability CVE-2026-43395 affects the drm/xe/sync subsystem. During xe_sync_entry_parse(), references (syncobj, fence, chain fence, or user fence) can be allocated before a later failure path is reached, leaving partially initialized state and leaking refs. The fix rou...

5.5CVSS5.8AI score0.00122EPSS
Exploits0References4Affected Software1
Cvelist
Cvelistadded 2026/05/08 2:21 p.m.27 views

CVE-2026-43355 iio: light: bh1780: fix PM runtime leak on error path

In the Linux kernel, the following vulnerability has been resolved: iio: light: bh1780: fix PM runtime leak on error path Move pmruntimeputautosuspend before the error check to ensure the PM runtime reference count is always decremented after pmruntimegetsync, regardless of whether the read...

0.00123EPSS
Exploits0References6
NVD
NVDadded 2026/05/08 2:16 p.m.30 views

CVE-2026-43322

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hcisync: Fix UAF in lereadfeaturescomplete This fixes the following backtrace caused by hciconn being freed before lereadfeaturescomplete but after hcilereadremotefeaturessync so hciconndel - hcicmdsyncdequeue is not...

8.8CVSS0.00219EPSS
Exploits0References2
UbuntuCve
UbuntuCveadded 2026/05/08 2:16 p.m.7 views

CVE-2026-43322

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hcisync: Fix UAF in lereadfeaturescomplete This fixes the following backtrace caused by hciconn being freed before lereadfeaturescomplete but after hcilereadremotefeaturessync so hciconndel - hcicmdsyncdequeue is not...

8.8CVSS5.8AI score0.00219EPSS
Exploits0References4
Cvelist
Cvelistadded 2026/05/08 1:31 p.m.49 views

CVE-2026-43322 Bluetooth: hci_sync: Fix UAF in le_read_features_complete

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hcisync: Fix UAF in lereadfeaturescomplete This fixes the following backtrace caused by hciconn being freed before lereadfeaturescomplete but after hcilereadremotefeaturessync so hciconndel - hcicmdsyncdequeue is not...

8.8CVSS0.00219EPSS
Exploits0References2
Cvelist
Cvelistadded 2026/05/08 1:26 p.m.40 views

CVE-2026-43318 drm/amdgpu: fix sync handling in amdgpu_dma_buf_move_notify

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: fix sync handling in amdgpudmabufmovenotify Invalidating a dmabuf will impact other users of the shared BO. In the scenario where process A moves the BO, it needs to inform process B about the move and process B will...

0.00122EPSS
Exploits0References4
Debian CVE
Debian CVEadded 2026/05/08 1:26 p.m.5 views

CVE-2026-43318

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: fix sync handling in amdgpudmabufmovenotify Invalidating a dmabuf will impact other users of the shared BO. In the scenario where process A moves the BO, it needs to inform process B about the move and process B will...

5.5CVSS5.8AI score0.00122EPSS
Exploits0
CVE
CVEadded 2026/05/08 1:0 p.m.14 views

CVE-2026-41161

Summary: CVE-2026-41161 affects Sync-in Server before version 2.2.0. The /api/auth/login endpoint exposes a timing-based flaw that allows unauthenticated remote attackers to enumerate valid usernames by measuring response times. This is confirmed in the GitHub advisory and CVE descriptions, which...

6.9CVSS5.8AI score0.00333EPSS
Exploits0References2Affected Software1
Positive Technologies
Positive Technologiesadded 2026/05/08 12:0 a.m.7 views

PT-2026-39120

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A use-after-free issue exists in the ALSA System on Chip ASoC core. When a sound card is unbound while a PCM stream is open, the close delayed work workqueue handler calls snd soc dapm...

7.3CVSS5.5AI score0.00113EPSS
Exploits0References20
Positive Technologies
Positive Technologiesadded 2026/05/08 12:0 a.m.10 views

PT-2026-38908

Kavita is a cross platform reading server. Prior to 0.9.0, the ReaderController.GetImage endpoint is decorated with AllowAnonymous, allowing completely unauthenticated access to page images from any chapter in any library. While the endpoint accepts an apiKey parameter, it is never validated. Sin...

6.9CVSS5.7AI score0.00281EPSS
Exploits0References4
Positive Technologies
Positive Technologiesadded 2026/05/08 12:0 a.m.15 views

PT-2026-39056

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A memory leak occurs in the Linux kernel when the xe sync entry parse function fails during parsing. The function may allocate references for syncobj, fence, chain fence, or user fence...

5.5CVSS5.8AI score0.00122EPSS
Exploits0References17
Positive Technologies
Positive Technologiesadded 2026/05/08 12:0 a.m.7 views

PT-2026-39057

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A memory leak occurs in the Linux kernel when the dma fence chain alloc function fails, as the user fence reference is not properly released. Recommendations At the moment, there is no...

5.8AI score0.00121EPSS
Exploits0References7
Rows per page
Query Builder