This vulnerability allows remote attackers to execute arbitrary code on affected installations of Omron CX-One. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.

Read More

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Omron CX-One. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.

Read More

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Omron CX-One. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.

Read More

FEDORA-EPEL-2023-40e1d58afe

Packages in this update:

dcmtk-3.6.4-11.el8

Update description:

This update contains several high and critical security fixes.

CVE-2021-41687/CVE-2021-41688/CVE-2021-41690
CVE-2021-41689
CVE-2022-2119/CVE-2022-2120/CVE-2022-2121
CVE-2022-43272

It also switches to use bundled charls v1 to match the behavior in Fedora.

Read More

FEDORA-EPEL-2023-c14f77e922

Packages in this update:

dcmtk-3.6.6-12.el9

Update description:

This update contains several high and critical security fixes.

CVE-2021-41687/CVE-2021-41688/CVE-2021-41690
CVE-2021-41689
CVE-2022-2119/CVE-2022-2120/CVE-2022-2121
CVE-2022-43272

It also switches to use bundled charls v1 to match the behavior in Fedora.

Read More

Posted by Systems Research Group via Fulldisclosure on Mar 06

Read More

Posted by SEC Consult Vulnerability Lab, Research via Fulldisclosure on Mar 06

SEC Consult Vulnerability Lab Security Advisory < 20230306-0 >
=======================================================================
title: Multiple Vulnerabilities
product: Arris DG3450 Cable Gateway
vulnerable version: AR01.02.056.18_041520_711.NCS.10
fixed version: –
CVE number: CVE-2023-27571, CVE-2023-27572
impact: medium
homepage: https://www.commscope.com…

Read More

Posted by Erg Noor on Mar 06

Hi,

Fun OpenBSD bug.

ip_dooptions() will allow IPOPT_SSRR with optlen = 2.

save_rte() will set isr_nhops to very large value, which will cause
overflow in next ip_srcroute() call.

More info is here https://github.com/fuzzingrf/openbsd_tcpip_overflow/

-erg

Read More

FEDORA-2023-cd000ea847

Packages in this update:

containerd-1.6.19-1.fc38

Update description:

Update containerd to 1.16.19
– Mitigates CVE-2023-25153 / GHSA-259w-8hf6-59c2
– Mitigates CVE-2023-25173 / GHSA-hmfx-3pcx-653p

Read More

FEDORA-2023-aadd08ab96

Packages in this update:

containerd-1.6.19-1.fc36

Update description:

Update containerd to 1.16.19
– Mitigates CVE-2023-25153 / GHSA-259w-8hf6-59c2
– Mitigates CVE-2023-25173 / GHSA-hmfx-3pcx-653p

Read More