A Comprehensive Review of Denial of Wallet Attacks in Serverless Architectures
The Denial of Wallet (DoW) attack poses a unique and growing threat to serverless architectures that rely on Function-as-a-Service (FaaS) models, exploiting the cost structure of pay-as-you-go billing to financially burden application owners. Unlike traditional Denial of Service (DoS) attacks, which ai...
CVE-2019-2684 vulnerabilities
Vulnerabilities for packages: openjdk-11-openj9, openjdk-21-openj9, openjdk-25-openj9, openjdk-17-openj9, openjdk-26-openj9, openjdk-8-openj9...
GHSA-W522-FX29-439V vulnerabilities
Vulnerabilities for packages: openjdk-11-openj9, openjdk-21-openj9, openjdk-25-openj9, openjdk-17-openj9, openjdk-26-openj9, openjdk-8-openj9...
SUSE CVE-2025-38618
In the Linux kernel, the following vulnerability has been resolved: vsock: Do not allow binding to VMADDR_PORT_ANY. It is possible for a vsock to autobind to VMADDR_PORT_ANY. This can cause a use-after-free when a connection is made to the bound socket. The socket returned by accept also has port...
Picklescan missing detection when calling pytorch function torch.jit.unsupported_tensor_ops.execWrapper
Summary: Using the torch.jit.unsupported_tensor_ops.execWrapper function, which is a pytorch library function, to execute a remote pickle file. Details: The attack payload executes in the following steps: First, the attacker crafts the payload by calling the torch.jit.unsupported_tensor_ops.execWrapper function...
CVE-2025-52094
Insecure Permissions vulnerability in PDQ Smart Deploy V.3.0.2040 allows a local attacker to execute arbitrary code via the \HKLM\SYSTEM\Setup\SmartDeploy component...
CISA: 2025 Minimum Elements for a Software Bill of Materials (SBOM)
CISA is requesting public comment on its updated guidance on Software Bill of Materials (SBOM) to reflect the current state of maturity in software transparency and supply chain security. Building on the 2021 NTIA SBOM Minimum Elements, this update aims to help agencies and organizations to manage...
tomcat: Apache Tomcat denial of service
A denial of service flaw was found in Apache Tomcat. A race condition during connection closure could trigger a JVM crash when using the APR/Native connector, leading to a denial of service. This issue was particularly noticeable with client-initiated closures of HTTP/2 connections...
OSV-2025-657 Heap-use-after-free in ftp_pp_statemachine
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=439473053 Crash type: Heap-use-after-free READ 8 Crash state: ftp_pp_statemachine ftp_doing multi_runsingle...
docker-machine-driver-kvm2-1.36.0-2.1 on GA media (moderate)
docker-machine-driver-kvm2-1.36.0-2.1 on GA media Announcement ID: openSUSE-SU-2025:15464-1 Rating: moderate Cross-References: CVE-2024-45337 CVSS scores: CVE-2024-45337 SUSE : 8.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H Affected Products: openSUSE Tumbleweed An update that solves one...
Cryostat security vulnerability
Cryostat is a container-native JVM application open-sourced by Cryostat. A security vulnerability exists in Cryostat that stems from binding all network interfaces, which could lead to unauthorized access...
Linux Distros Unpatched Vulnerability : CVE-2021-4024
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor-supplied patch available. - A flaw was found in podman. The podman machine function (used to create and manage Podman virtual machine containing a Podman process) spawns a gvproxy process on...
When Machine Learning Meets Vulnerability Discovery: Challenges and Lessons Learned
In recent years, machine learning has demonstrated impressive results in various fields, including software vulnerability detection. Nonetheless, using machine learning to identify software vulnerabilities presents new challenges, especially regarding the scale of data involved, which was not a...
CVE-2025-38611
In the Linux kernel, the following vulnerability has been resolved: vmci: Prevent the dispatching of uninitialized payloads. The reproducer executes the host's unlocked_ioctl call in two different tasks. When init_context fails, the struct vmci_event_ctx is not fully initialized when executing...
CVE-2025-38611
Removed by vendor...
DDoS Attacks in Cloud Computing: Detection and Prevention
DDoS attacks are one of the most prevalent and harmful cybersecurity threats faced by organizations and individuals today. In recent years, the complexity and frequency of DDoS attacks have increased significantly, making it challenging to detect and mitigate them effectively. The study analyzes...
Security-As-A-Function for IDS/IPS in Softwarized Network and Applications to 5G Network Systems
The service-based architecture of 5G network allows network operators to place virtualized network functions on commodity hardware, unlike the traditional vendor-specific hardware-based functionalities. However, it expands the security vulnerabilities and threats to the 5G network. While there...
PT-2025-44106
Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 6.16.0-smp--e6c618b51cfe-sleep 782 Description: The Linux kernel contained an issue in the KVM component related to SVM fastpath emulation. Specifically, the fastpath emulation was not being skipped on VM-Exit if...
OPENSUSE-SU-2025:15463-1 docker-machine-driver-kvm2-1.36.0-2.1 on GA media
These are all security issues fixed in the docker-machine-driver-kvm2-1.36.0-2.1 package on the GA media of openSUSE Tumbleweed...