96 matches found
CVE-2025-59874
HCL Hive Telco Observability is affected by a Required directives missing from the CSP issue is detected in keycloak component of the web application. Missing essential directives can leave a site vulnerable...
CVE-2025-59874
HCL Hive Telco Observability is affected by a Required directives missing from the CSP issue is detected in keycloak component of the web application. Missing essential directives can leave a site vulnerable...
CVE-2025-59874 HCL Hive Telco Observability is affected by a Required directives missing from the CSP .
HCL Hive Telco Observability is affected by a Required directives missing from the CSP issue is detected in keycloak component of the web application. Missing essential directives can leave a site vulnerable...
HCL Hive Telco Observability 安全漏洞
HCL Hive Telco Observability is a telecommunications network observability platform developed by the Indian company HCL. There is a security vulnerability in HCL Hive Telco Observability, which stems from the lack of necessary CSP directives in the keycloak component of the web application. This...
HPESBNW05033 rev.1 - HPE Telco Network Function Virtual Orchestrator, Improper Input Validation in the Undertow HTTP Server Core
Potential Security Impact: Local: Input Validation; Remote: Unauthorized Access, Input Validation SUPPORTED SOFTWARE VERSIONS: ONLY impacted versions are listed. HPE Telco Network Function Virtualization Orchestrator HPE Telco Network Function Virtualization Orchestrator v7.5.0 or below. CVSS...
HPESBNW05022 rev.1 - HPE Telco Intelligent Assurance, Improper Control of Generation of Code vulnerability
Potential Security Impact: Local: Arbitrary Code Execution SUPPORTED SOFTWARE VERSIONS: ONLY impacted versions are listed. HPE Telco Intelligent Assurance 4.2.14 - FAS and PDO 4.2.14 CVSS Scores: | CVE | CVSS Vector | Base Score | | --- | --- | --- | | CVE-2025-33042 |...
CVE-2022-35503
Improper verification of a user input in Open Source MANO v7-v12 allows an authenticated attacker to execute arbitrary code within the LCM module container via a Virtual Network Function VNF descriptor. An attacker may be able execute code to change the normal execution of the OSM components,...
EUVD-2025-201565
Malicious code in telco PyPI...
Malicious code in telco (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 55c8199592663c3f388cba22988800084bbc3a5696279eb22c53e837c1d8ac40 Running the module starts a reverse shell --- Category: MALICIOUS - The campaign has clearly malicious intent, like infostealers. Campaign: 2025-12-evil-rce...
MAL-2025-192363 Malicious code in telco (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 55c8199592663c3f388cba22988800084bbc3a5696279eb22c53e837c1d8ac40 Running the module starts a reverse shell --- Category: MALICIOUS - The campaign has clearly malicious intent, like infostealers. Campaign: 2025-12-evil-rce...
EUVD-2025-23311
Malicious code in bioql PyPI...
EUVD-2025-21700
Malicious code in bioql PyPI...
EUVD-2025-23308
Malicious code in bioql PyPI...
EUVD-2025-23307
Malicious code in bioql PyPI...
EUVD-2025-23306
Malicious code in bioql PyPI...
EUVD-2025-23302
Malicious code in bioql PyPI...
VMSA-2025-0016: VMware vCenter and NSX updates address multiple vulnerabilities (CVE-2025-41250, CVE-2025-41251, CVE-2025-41252)
Advisory ID: | VMSA-2025-0016 ---|--- Advisory Severity: | Important CVSSv3 Range: | 7.5-8.5 Synopsis: | VMware vCenter and NSX updates address multiple vulnerabilities CVE-2025-41250, CVE-2025-41251, CVE-2025-41252 Issue date: | 2025-09-29 Updated on: | 2025-09-29 Initial Advisory CVEs |...
VMSA-2025-0015: VMware Aria Operations and VMware Tools updates address multiple vulnerabilities (CVE-2025-41244,CVE-2025-41245, CVE-2025-41246)
Advisory ID: | VMSA-2025-0015.1 ---|--- Advisory Severity: | Important CVSSv3 Range: | 4.9 -7.8 Synopsis: | VMware Aria Operations and VMware Tools updates address multiple vulnerabilities CVE-2025-41244,CVE-2025-41245, CVE-2025-41246 Issue date: | 2025-09-29 Updated on: | 2025-10-30 CVEs |...
HPESBNW04823 rev.1 - HPE Telco Unified Correlation and Automation (UCA), Multiple Vulnerabilities
Potential Security Impact: Local: Code Execution, Input Validation; Remote: Code Execution, Input Validation SUPPORTED SOFTWARE VERSIONS: ONLY impacted versions are listed. HPE Telco Unified Correlation and Automation 4.4.x prior to 4.4.5 CVSS Scores: | CVE | CVSS Vector | Base Score | | --- | --...
CVE-2025-37108
Cross-site scripting vulnerability has been identified in HPE Telco Service Activator product...