#dos

Ubuntu Security Notice 7126-1 - It was discovered that libsoup ignored certain characters at the end of header names. A remote attacker could possibly use this issue to perform a HTTP request smuggling attack. It was discovered that libsoup did not correctly handle memory while performing UTF-8 conversions. An attacker could possibly use this issue to cause a denial of service or execute arbitrary code. It was discovered that libsoup could enter an infinite loop when reading certain websocket data. An attacker could possibly use this issue to cause a denial of service.

Ubuntu Security Notice 7127-1 - It was discovered that libsoup ignored certain characters at the end of header names. A remote attacker could possibly use this issue to perform a HTTP request smuggling attack. This issue only affected Ubuntu 22.04 LTS and Ubuntu 24.04 LTS. It was discovered that libsoup did not correctly handle memory while performing UTF-8 conversions. An attacker could possibly use this issue to cause a denial of service or execute arbitrary code.

Ubuntu Security Notice 7125-1 - It was discovered that RapidJSON incorrectly parsed numbers written in scientific notation, leading to an integer underflow. An attacker could possibly use this issue to cause a denial of service, or execute arbitrary code.

Ubuntu Security Notice 7129-1 - It was discovered that TinyGLTF performed file path expansion in an insecure way on certain inputs. An attacker could possibly use this issue to cause a denial of service, or execute arbitrary code.

Ubuntu Security Notice 7128-1 - Sebastian Chnelik discovered that Pygments had an inefficient regex query for analyzing certain inputs. An attacker could possibly use this issue to cause a denial of service.

Red Hat Security Advisory 2024-10389-03 - Red Hat OpenShift Virtualization release 4.13.11 is now available with updates to packages and images that fix several bugs and add enhancements. Issues addressed include a denial of service vulnerability.

Red Hat Security Advisory 2024-10289-03 - An update for the container-tools:rhel8 module is now available for Red Hat Enterprise Linux 8. Issues addressed include denial of service and traversal vulnerabilities.

Over the past year, "Matrix" has used publicly available malware tools and exploit scripts to target weakly secured IoT devices — and enterprise servers.

A threat actor named Matrix has been linked to a widespread distributed denial-of-service (DoD) campaign that leverages vulnerabilities and misconfigurations in Internet of Things (IoT) devices to co-opt them into a disruptive botnet. "This operation serves as a comprehensive one-stop shop for scanning, exploiting vulnerabilities, deploying malware, and setting up shop kits, showcasing a

Two men have been arrested for allegedly stealing data from and extorting dozens of companies that used the cloud data storage company Snowflake, but a third suspect -- a prolific hacker known as Kiberphant0m -- remains at large and continues to publicly extort victims. However, this person's identity may not remain a secret for long: A careful review of Kiberphant0m's daily chats across multiple cybercrime personas suggests they are a U.S. Army soldier who is or was recently stationed in South Korea.