Monthly Archive: July 2025

OpenEXR provides the specification and reference implementation of the EXR file format, an image storage format for the motion picture industry. In version 3.3.2, when reading a deep scanline image with a large sample...

OpenEXR provides the specification and reference implementation of the EXR file format, an image storage format for the motion picture industry. Version 3.3.2 is vulnerable to a heap-based buffer overflow during a read operation...

OpenEXR provides the specification and reference implementation of the EXR file format, an image storage format for the motion picture industry. In versions 3.3.2 through 3.3.0, there is a heap-based buffer overflow during a...

pyjwt v2.10.1 was discovered to contain weak encryption. Assigner : cve@mitre.org More information : https://gist.github.com/ZupeiNie/6f65e564f2067b876321d3dfdbb76569

NVIDIA Omniverse Launcher for Windows and Linux contains a vulnerability in the launcher logs, where a user could cause sensitive information to be written to the log files through proxy servers. A successful exploit...

Güralp FMUS series seismic monitoring devices expose an unauthenticated Telnet-based command line interface that could allow an attacker to modify hardware configurations, manipulate data, or factory reset the device. Assigner : ics-cert@hq.dhs.gov More information :...

An issue was discovered in Archer Technology RSA Archer 6.11.00204.10014 allowing attackers to execute arbitrary code via crafted system inputs that would be exported into the CSV and be executed after the user opened...

jwt v5.4.3 was discovered to contain weak encryption. Assigner : cve@mitre.org More information : https://gist.github.com/ZupeiNie/cd88c827eef11a1618f8baacccd240fb

php-jwt v6.11.0 was discovered to contain weak encryption. Assigner : cve@mitre.org More information : https://gist.github.com/ZupeiNie/83756316c4c24fe97a50176a92608db3

A vulnerability was discovered in the storage policy for certain sets of encryption keys in the HPE Telco Network Function Virtual Orchestrator. Successful Exploitation could lead to unauthorized parties gaining access to sensitive system...

A vulnerability was discovered in the storage policy for certain sets of authentication keys in the HPE Telco Network Function Virtual Orchestrator. Successful Exploitation could lead to unauthorized parties gaining access to sensitive system...

A vulnerability was discovered in the storage policy for certain sets of sensitive credential information in the HPE Telco Network Function Virtual Orchestrator. Successful Exploitation could lead to unauthorized parties gaining access to sensitive...

Cross-site scripting vulnerability has been identified in HPE Telco Service Activator product Assigner : security-alert@hpe.com More information : https://support.hpe.com/hpesc/public/docDisplay?docId=hpesbnw04887en_us&docLocale=en_US

Cross-site scripting vulnerability has been identified in HPE Telco Service Activator product Assigner : security-alert@hpe.com More information : https://support.hpe.com/hpesc/public/docDisplay?docId=hpesbnw04887en_us&docLocale=en_US