3.7
CVE-2023-32251 - Kernel: ksmbd brute force delay bypass via asynchronous requests
A vulnerability has been identified in the Linux kernel's ksmbd component (kernel SMB/CIFS server). A security control designed to prevent dictionary attacks, which introduces a 5-second delay during session setup, can be bypassed through the use of asynchronous requests. This bypass negates the inโฆ
5.5
CVE-2025-23289 -
NVIDIA Omniverse Launcher for Windows and Linux contains a vulnerability in the launcher logs, where a user could cause sensitive information to be written to the log files through proxy servers. A successful exploit of this vulnerability might lead to information disclosure.
4.6
CVE-2025-48073 - OpenEXR ScanLineProcess::run_fill NULL Pointer Write In "reduceMemory" Mode
OpenEXR provides the specification and reference implementation of the EXR file format, an image storage format for the motion picture industry. In version 3.3.2, when reading a deep scanline image with a large sample count in reduceMemory mode, it is possible to crash a target application with a Nโฆ
6.8
CVE-2025-48072 - OpenEXR's Inaccurate Pointer Arithmetic can Cause an Out of Bounds Heap
OpenEXR provides the specification and reference implementation of the EXR file format, an image storage format for the motion picture industry. Version 3.3.2 is vulnerable to a heap-based buffer overflow during a read operation due to bad pointer math when decompressing DWAA-packed scan-line EXR fโฆ
8.4
CVE-2025-48071 - OpenEXR's Forged Unpacked Size can Lead to Heap-Based Buffer Overflow in Deep Scanline Parsing
OpenEXR provides the specification and reference implementation of the EXR file format, an image storage format for the motion picture industry. In versions 3.3.2 through 3.3.0, there is a heap-based buffer overflow during a write operation when decompressing ZIPS-packed deep scan-line EXR files wiโฆ
6
CVE-2025-37112 - Hard-Coded Encryption Keys found in System
A vulnerability was discovered in the storage policy for certain sets of encryption keys in the HPE Telco Network Function Virtual Orchestrator. Successful Exploitation could lead to unauthorized parties gaining access to sensitive system information.
6
CVE-2025-37111 - Hard-Coded Authentication Keys found in System
A vulnerability was discovered in the storage policy for certain sets of authentication keys in the HPE Telco Network Function Virtual Orchestrator. Successful Exploitation could lead to unauthorized parties gaining access to sensitive system information.
6
CVE-2025-37110 - Sensitive Credential Information stored insecurely in System Database
A vulnerability was discovered in the storage policy for certain sets of sensitive credential information in the HPE Telco Network Function Virtual Orchestrator. Successful Exploitation could lead to unauthorized parties gaining access to sensitive system information.
9.3
CVE-2025-8286 - Gรผralp Systems Gรผralp FMUS series Missing Authentication for Critical Function
Gรผralp FMUS series seismic monitoring devicesย expose an unauthenticated Telnet-based command line interface that could allow an attacker to modify hardware configurations, manipulate data, or factory reset the device.
3.5
CVE-2025-37109 - HPE Telco Service Activator, Protection Mechanism Failure
Cross-site scripting vulnerability has been identified in HPE Telco Service Activator product