5.5
CVE-2025-23289 -
NVIDIA Omniverse Launcher for Windows and Linux contains a vulnerability in the launcher logs, where a user could cause sensitive information to be written to the log files through proxy servers. A successful exploit of this vulnerability might lead to information disclosure.
4.6
CVE-2025-48073 - OpenEXR ScanLineProcess::run_fill NULL Pointer Write In "reduceMemory" Mode
OpenEXR provides the specification and reference implementation of the EXR file format, an image storage format for the motion picture industry. In version 3.3.2, when reading a deep scanline image with a large sample count in reduceMemory mode, it is possible to crash a target application with a Nβ¦
6.8
CVE-2025-48072 - OpenEXR's Inaccurate Pointer Arithmetic can Cause an Out of Bounds Heap
OpenEXR provides the specification and reference implementation of the EXR file format, an image storage format for the motion picture industry. Version 3.3.2 is vulnerable to a heap-based buffer overflow during a read operation due to bad pointer math when decompressing DWAA-packed scan-line EXR fβ¦
8.4
CVE-2025-48071 - OpenEXR's Forged Unpacked Size can Lead to Heap-Based Buffer Overflow in Deep Scanline Parsing
OpenEXR provides the specification and reference implementation of the EXR file format, an image storage format for the motion picture industry. In versions 3.3.2 through 3.3.0, there is a heap-based buffer overflow during a write operation when decompressing ZIPS-packed deep scan-line EXR files wiβ¦
6
CVE-2025-37112 - Hard-Coded Encryption Keys found in System
A vulnerability was discovered in the storage policy for certain sets of encryption keys in the HPE Telco Network Function Virtual Orchestrator. Successful Exploitation could lead to unauthorized parties gaining access to sensitive system information.
6
CVE-2025-37111 - Hard-Coded Authentication Keys found in System
A vulnerability was discovered in the storage policy for certain sets of authentication keys in the HPE Telco Network Function Virtual Orchestrator. Successful Exploitation could lead to unauthorized parties gaining access to sensitive system information.
6
CVE-2025-37110 - Sensitive Credential Information stored insecurely in System Database
A vulnerability was discovered in the storage policy for certain sets of sensitive credential information in the HPE Telco Network Function Virtual Orchestrator. Successful Exploitation could lead to unauthorized parties gaining access to sensitive system information.
9.3
CVE-2025-8286 - GΓΌralp Systems FMUS Series and MIN Series Devices
The affected products expose an unauthenticated Telnet-based command line interface that could allow an attacker to modify hardware configurations, manipulate data, or factory reset the device.
3.5
CVE-2025-37109 - HPE Telco Service Activator, Protection Mechanism Failure
Cross-site scripting vulnerability has been identified in HPE Telco Service Activator product
3.5
CVE-2025-37108 - HPE Telco Service Activator, Protection Mechanism Failure
Cross-site scripting vulnerability has been identified in HPE Telco Service Activator product