Read Time:12 Second

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Omron CX-One. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.

Advisories

ZDI-23-224: Omron CX-One CXP File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

March 7, 2023

Read Time:12 Second

Advisories

dcmtk-3.6.4-11.el8

March 7, 2023

Read Time:19 Second

FEDORA-EPEL-2023-40e1d58afe

Packages in this update:

dcmtk-3.6.4-11.el8

Update description:

This update contains several high and critical security fixes.

CVE-2021-41687/CVE-2021-41688/CVE-2021-41690
CVE-2021-41689
CVE-2022-2119/CVE-2022-2120/CVE-2022-2121
CVE-2022-43272

It also switches to use bundled charls v1 to match the behavior in Fedora.

Advisories

dcmtk-3.6.6-12.el9

March 7, 2023

Read Time:19 Second

FEDORA-EPEL-2023-c14f77e922

Packages in this update:

dcmtk-3.6.6-12.el9

Update description:

This update contains several high and critical security fixes.

CVE-2021-41687/CVE-2021-41688/CVE-2021-41690
CVE-2021-41689
CVE-2022-2119/CVE-2022-2120/CVE-2022-2121
CVE-2022-43272

It also switches to use bundled charls v1 to match the behavior in Fedora.

Advisories

[CVE-2023-25355/25356] No fix available – vulnerabilities in CoreDial sipXcom sipXopenfire

March 7, 2023

Read Time:3 Second

Posted by Systems Research Group via Fulldisclosure on Mar 06

Advisories

SEC Consult SA-20230306-0 :: Multiple Vulnerabilities in Arris DG3450 Cable Gateway

March 7, 2023

Read Time:17 Second

Posted by SEC Consult Vulnerability Lab, Research via Fulldisclosure on Mar 06

SEC Consult Vulnerability Lab Security Advisory < 20230306-0 >
=======================================================================
title: Multiple Vulnerabilities
product: Arris DG3450 Cable Gateway
vulnerable version: AR01.02.056.18_041520_711.NCS.10
fixed version: –
CVE number: CVE-2023-27571, CVE-2023-27572
impact: medium
homepage: https://www.commscope.com…