#dos

Ubuntu Security Notice 6102-1 - It was discovered that xmldom incorrectly handled certain inputs. If a user or an automated system were tricked into opening a specially crafted input file, a remote attacker could possibly use this issue to cause unexpected syntactic changes during XML processing. This issue only affected Ubuntu 20.04 LTS. It was discovered that xmldom incorrectly handled certain inputs. If a user or an automated system were tricked into opening a specially crafted input file, a remote attacker could possibly use this issue to cause a denial of service.

Ubuntu Security Notice 5996-2 - USN-5996-1 fixed vulnerabilities in Liblouis. This update provides the corresponding updates for Ubuntu 23.04. It was discovered that Liblouis incorrectly handled certain files. An attacker could possibly use this issue to cause a denial of service.

A buffer overflow vulnerability in the ID processing function in Zyxel ATP series firmware versions 4.32 through 5.36 Patch 1, USG FLEX series firmware versions 4.50 through 5.36 Patch 1, USG FLEX 50(W) firmware versions 4.25 through 5.36 Patch 1, USG20(W)-VPN firmware versions 4.25 through 5.36 Patch 1, VPN series firmware versions 4.30 through 5.36 Patch 1, ZyWALL/USG series firmware versions 4.25 through 4.73 Patch 1, could allow an unauthenticated attacker to cause denial-of-service (DoS) conditions and even a remote code execution on an affected device.

An update for rh-ruby27-ruby is now available for Red Hat Software Collections. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2021-33621: A vulnerability was found in Ruby that allows HTTP header injection. A CGI application using the CGI library may insert untrusted input into the HTTP response header. This issue can allow an attacker to insert a newline character to split a header and inject malicious content to deceive clients. * CVE-2023-28755: A flaw was found in the ...

Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') vulnerability in Mitsubishi Electric Corporation MELSEC iQ-F Series CPU modules allows a remote unauthenticated attacker to cause a denial of service (DoS) condition or execute malicious code on a target product by sending specially crafted packets. A system reset of the product is required for recovery from a denial of service (DoS) condition and malicious code execution.

Widespread cyber incidents will happen, but unlike natural disasters, specific security controls can help prevent a catastrophe.

IBM PowerVM Hypervisor FW860.00 through FW860.B3, FW950.00 through FW950.70, FW1010.00 through FW1010.50, FW1020.00 through FW1020.30, and FW1030.00 through FW1030.10 could allow a local attacker with control a partition that has been assigned SRIOV virtual function (VF) to cause a denial of service to a peer partition or arbitrary data corruption. IBM X-Force ID: 253175.

Ubuntu Security Notice 5725-2 - USN-5725-1 fixed a vulnerability in Go. This update provides the corresponding update for Ubuntu 16.04 LTS. Diederik Loerakker, Jonny Rhea, Raúl Kripalani, and Preston Van Loon discovered that Go incorrectly handled certain inputs. An attacker could possibly use this issue to cause Go applications to hang or crash, resulting in a denial of service.

Ubuntu Security Notice 6099-1 - It was discovered that ncurses was incorrectly performing bounds checks when processing invalid hashcodes. An attacker could possibly use this issue to cause a denial of service or to expose sensitive information. This issue only affected Ubuntu 18.04 LTS. It was discovered that ncurses was incorrectly handling end-of-string characters when processing terminfo and termcap files. An attacker could possibly use this issue to cause a denial of service or to expose sensitive information. This issue only affected Ubuntu 18.04 LTS.

Debian Linux Security Advisory 5409-1 - Two security issues have been discovered in libssh, a tiny C SSH library.