CVE-2026-46036 vfio/cdx: Serialize VFIO_DEVICE_SET_IRQS with a per-device mutex

In the Linux kernel, the following vulnerability has been resolved: vfio/cdx: Serialize VFIODEVICESETIRQS with a per-device mutex vfiocdxsetmsitrigger reads vdev-configmsi and operates on the vdev-cdxirqs array based on its value, but provides no serialization against concurrent VFIODEVICESETIRQS...

UBUNTU-CVE-2025-21915

In the Linux kernel, the following vulnerability has been resolved: cdx: Fix possible UAF error in driveroverrideshow Fixed a possible UAF problem in driveroverrideshow in drivers/cdx/cdx.c This function driveroverrideshow is part of DEVICEATTRRW, which includes both driveroverrideshow and...

Use the IIS semicolon parsing upload vulnerability analysis-vulnerability warning-the black bar safety net

First look at the following a very common file upload extension filter code: fileExt=lcaseofile. FileExt arrUpFileType=splitUpFileType,"|" for i=0 to uboundarrUpFileType if fileEXT=trimarrUpFileTypei then EnableUpload=true exit for end if next if fileEXT="asp" or fileEXT="asa" or fileEXT="aspx" o...