vulnerability patching

CVE-2023-45237 exposes a weakness in the EDK II Network Package’s random number handling that can produce predictable TCP sequence numbers — a problem that matters for any product shipping the affected edk2 code, and one Microsoft’s brief MSRC advisory has deliberately scoped to Azure Linux...

Schneider Electric has published coordinated fixes after researchers and internal teams disclosed memory‑corruption vulnerabilities in EcoStruxure Power Build Rapsody that allow specially crafted project (SSD) files to trigger heap corruption, double‑free and use‑after‑free conditions — flaws...