43 matches found
HPESBNW05022 rev.1 - HPE Telco Intelligent Assurance, Improper Control of Generation of Code vulnerability
Potential Security Impact: Local: Arbitrary Code Execution SUPPORTED SOFTWARE VERSIONS: ONLY impacted versions are listed. HPE Telco Intelligent Assurance 4.2.14 - FAS and PDO 4.2.14 CVSS Scores: | CVE | CVSS Vector | Base Score | | --- | --- | --- | | CVE-2025-33042 |...
EUVD-2025-23311
Malicious code in bioql PyPI...
EUVD-2025-21700
Malicious code in bioql PyPI...
EUVD-2025-23308
Malicious code in bioql PyPI...
EUVD-2025-23307
Malicious code in bioql PyPI...
EUVD-2025-23306
Malicious code in bioql PyPI...
EUVD-2025-23302
Malicious code in bioql PyPI...
HPESBNW04823 rev.1 - HPE Telco Unified Correlation and Automation (UCA), Multiple Vulnerabilities
Potential Security Impact: Local: Code Execution, Input Validation; Remote: Code Execution, Input Validation SUPPORTED SOFTWARE VERSIONS: ONLY impacted versions are listed. HPE Telco Unified Correlation and Automation 4.4.x prior to 4.4.5 CVSS Scores: | CVE | CVSS Vector | Base Score | | --- | --...
CVE-2025-37108
Cross-site scripting vulnerability has been identified in HPE Telco Service Activator product...
CVE-2025-37109
Cross-site scripting vulnerability has been identified in HPE Telco Service Activator product...
CVE-2025-37110
A vulnerability was discovered in the storage policy for certain sets of sensitive credential information in the HPE Telco Network Function Virtual Orchestrator. Successful Exploitation could lead to unauthorized parties gaining access to sensitive system information...
CVE-2025-37111
A vulnerability was discovered in the storage policy for certain sets of authentication keys in the HPE Telco Network Function Virtual Orchestrator. Successful Exploitation could lead to unauthorized parties gaining access to sensitive system information...
CVE-2025-37112
A vulnerability was discovered in the storage policy for certain sets of encryption keys in the HPE Telco Network Function Virtual Orchestrator. Successful Exploitation could lead to unauthorized parties gaining access to sensitive system information...
CVE-2025-37108
Cross-site scripting vulnerability has been identified in HPE Telco Service Activator product...
CVE-2025-37109
Cross-site scripting vulnerability has been identified in HPE Telco Service Activator product...
CVE-2025-37112
A vulnerability was discovered in the storage policy for certain sets of encryption keys in the HPE Telco Network Function Virtual Orchestrator. Successful Exploitation could lead to unauthorized parties gaining access to sensitive system information...
CVE-2025-37110
A vulnerability was discovered in the storage policy for certain sets of sensitive credential information in the HPE Telco Network Function Virtual Orchestrator. Successful Exploitation could lead to unauthorized parties gaining access to sensitive system information...
CVE-2025-37111
A vulnerability was discovered in the storage policy for certain sets of authentication keys in the HPE Telco Network Function Virtual Orchestrator. Successful Exploitation could lead to unauthorized parties gaining access to sensitive system information...
CVE-2025-37112 Hard-Coded Encryption Keys found in System
A vulnerability was discovered in the storage policy for certain sets of encryption keys in the HPE Telco Network Function Virtual Orchestrator. Successful Exploitation could lead to unauthorized parties gaining access to sensitive system information...
CVE-2025-37112
The CVE concerns HPE Telco Network Function Virtual Orchestrator. A vulnerability in the storage policy for certain encryption-key sets could allow unauthorized parties to access sensitive system information. The issue is described across multiple sources as affecting the storage policy for encry...