This vulnerability allows remote attackers to execute arbitrary code on affected installations of Siemens Tecnomatix Plant Simulation. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The ZDI has assigned a CVSS rating of 7.8. The following CVEs are assigned: CVE-2023-37376.
Monthly Archives: October 2023
ZDI-23-1576: Siemens Tecnomatix Plant Simulation IGS File Parsing Type Confusion Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Siemens Tecnomatix Plant Simulation. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The ZDI has assigned a CVSS rating of 7.8. The following CVEs are assigned: CVE-2023-45204.
ZDI-23-1577: Siemens Tecnomatix Plant Simulation IGS File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Siemens Tecnomatix Plant Simulation. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The ZDI has assigned a CVSS rating of 7.8. The following CVEs are assigned: CVE-2023-45601.
cachelib-17^20231016-1.fc37 fb303-2023.10.16.00-1.fc37 fbthrift-2023.10.16.00-1.fc37 fizz-2023.10.16.00-1.fc37 folly-2023.10.16.00-1.fc37 mcrouter-0.41.0.20231016-1.fc37 mvfst-2023.10.16.00-1.fc37 proxygen-2023.10.16.00-1.fc37 wangle-2023.10.16.00-1.fc37 watchman-2021.05.10.00-24.fc37 wdt-1.32.1910230^20230711git3b52ef5-2.fc37
FEDORA-2023-2a9214af5f
Packages in this update:
cachelib-17^20231016-1.fc37
fb303-2023.10.16.00-1.fc37
fbthrift-2023.10.16.00-1.fc37
fizz-2023.10.16.00-1.fc37
folly-2023.10.16.00-1.fc37
mcrouter-0.41.0.20231016-1.fc37
mvfst-2023.10.16.00-1.fc37
proxygen-2023.10.16.00-1.fc37
wangle-2023.10.16.00-1.fc37
watchman-2021.05.10.00-24.fc37
wdt-1.32.1910230^20230711git3b52ef5-2.fc37
Update description:
Update Folly stack to the latest 2023.10.16.00 tag
proxygen: Security fix for CVE-2023-44487
cachelib-17^20231016-1.fc38 fb303-2023.10.16.00-1.fc38 fbthrift-2023.10.16.00-1.fc38 fizz-2023.10.16.00-1.fc38 folly-2023.10.16.00-1.fc38 mcrouter-0.41.0.20231016-1.fc38 mvfst-2023.10.16.00-1.fc38 proxygen-2023.10.16.00-1.fc38 wangle-2023.10.16.00-1.fc38 watchman-2021.05.10.00-24.fc38 wdt-1.32.1910230^20230711git3b52ef5-2.fc38
FEDORA-2023-17efd3f2cd
Packages in this update:
cachelib-17^20231016-1.fc38
fb303-2023.10.16.00-1.fc38
fbthrift-2023.10.16.00-1.fc38
fizz-2023.10.16.00-1.fc38
folly-2023.10.16.00-1.fc38
mcrouter-0.41.0.20231016-1.fc38
mvfst-2023.10.16.00-1.fc38
proxygen-2023.10.16.00-1.fc38
wangle-2023.10.16.00-1.fc38
watchman-2021.05.10.00-24.fc38
wdt-1.32.1910230^20230711git3b52ef5-2.fc38
Update description:
Update Folly stack to the latest 2023.10.16.00 tag
proxygen: Security fix for CVE-2023-44487
cachelib-17^20231016-1.fc39 fb303-2023.10.16.00-1.fc39 fbthrift-2023.10.16.00-1.fc39 fizz-2023.10.16.00-1.fc39 folly-2023.10.16.00-1.fc39 mcrouter-0.41.0.20231016-1.fc39 mvfst-2023.10.16.00-1.fc39 proxygen-2023.10.16.00-1.fc39 wangle-2023.10.16.00-1.fc39 watchman-2021.05.10.00-24.fc39 wdt-1.32.1910230^20230711git3b52ef5-2.fc39
FEDORA-2023-7934802344
Packages in this update:
cachelib-17^20231016-1.fc39
fb303-2023.10.16.00-1.fc39
fbthrift-2023.10.16.00-1.fc39
fizz-2023.10.16.00-1.fc39
folly-2023.10.16.00-1.fc39
mcrouter-0.41.0.20231016-1.fc39
mvfst-2023.10.16.00-1.fc39
proxygen-2023.10.16.00-1.fc39
wangle-2023.10.16.00-1.fc39
watchman-2021.05.10.00-24.fc39
wdt-1.32.1910230^20230711git3b52ef5-2.fc39
Update description:
Update Folly stack to the latest 2023.10.16.00 tag
proxygen: Security fix for CVE-2023-44487
GLSA 202310-13: GNU Mailutils: unexpected processing of escape sequences
Smashing Security podcast #344: What’s cooking at Booking.com? And a podcast built by AI
How hunting for an aubergine could be all it takes for you to hand your credit card details over to a scammer, and just how good is a podcast entirely built by AI?
All this and more is discussed in the latest edition of the “Smashing Security” podcast by cybersecurity veterans Graham Cluley and Carole Theriault.
Warning: This podcast may contain nuts, adult themes, and rude language.
Multiple Vulnerabilities in ChromeOS Could Allow for Arbitrary Code Execution
Multiple vulnerabilities have been discovered in ChromeOS, the most severe of which could allow for arbitrary code execution. ChromeOS is a Linux-based operating system developed and designed by Google. Depending on the privileges associated with the user an attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than those who operate with administrative user rights.
USN-6435-1: OpenSSL vulnerabilities
It was discovered that OpenSSL incorrectly handled excessively large Diffie-Hellman parameters. An attacker could possibly use this issue to cause a denial of service. (CVE-2023-3446)
Bernd Edlinger discovered that OpenSSL incorrectly handled excessively large Diffie-Hellman parameters. An attacker could possibly use this issue to cause a denial of service. (CVE-2023-3817)