CVE-2025-37110 – HPE Telco Network Function Virtual Orchestrator Information Disclosure

July 31, 2025

CVE ID : CVE-2025-37110

Published : July 31, 2025, 8:15 p.m. | 4 hours, 11 minutes ago

Description : A vulnerability was discovered in the storage policy for certain sets of sensitive credential information in the HPE Telco Network Function Virtual Orchestrator. Successful Exploitation could lead to unauthorized parties gaining access to sensitive system information.

Severity: 6.0 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-45769 – PHP JWT Weak Encryption Vulnerability

Next Article CVE-2025-37108 – “HPE Telco Service Activator Cross-Site Scripting Vulnerability”

Highlights

CVE-2025-6756 – “Ultra Addons for Contact Form 7 Stored Cross-Site Scripting Vulnerability”

July 1, 2025

CVE ID : CVE-2025-6756

Published : July 1, 2025, 10:15 a.m. | 18 minutes ago

Description : The Ultra Addons for Contact Form 7 plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin’s UACF7_CUSTOM_FIELDS shortcode in all versions up to, and including, 3.5.21 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.

Severity: 6.4 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

CodeSOD: Functionally, a Date

Creating Elastic And Bounce Effects With Expressive Animator

Microsoft shares Insiders preview of Visual Studio 2026

From Data To Decisions: UX Strategies For Real-Time Dashboards

DistroWatch Weekly, Issue 1139

Building personal apps with open source and AI

What Can We Actually Do With corner-shape?

Craft, Clarity, and Care: The Story and Work of Mengchu Yao

Can I use React Server Components (RSCs) today?

Can I use React Server Components (RSCs) today?

Perficient Named among Notable Providers in Forrester’s Q3 2025 Commerce Services Landscape

Sarah McDowell Helps Clients Build a Strong AI Foundation Through Salesforce

I Ran Local LLMs on My Android Phone

I Ran Local LLMs on My Android Phone

DistroWatch Weekly, Issue 1139

sudo vs sudo-rs: What You Need to Know About the Rust Takeover of Classic Sudo Command

CVE-2025-37110 – HPE Telco Network Function Virtual Orchestrator Information Disclosure

Cursor AI Code Editor Flaw Enables Silent Code Execution via Malicious Repositories

Introducing HybridPetya: Petya/NotPetya copycat with UEFI Secure Boot bypass

I swore off smartwatches until the Apple Watch Series 10 lured me back – for 3 reasons

Helldivers 2’s new Illuminate Galactic Emergency update has arrived with new enemy types, weapon customization, and a terrifying fleet headed right for Super Earth

Xbox Game Pass gets Gears of War: Reloaded, Dragon Age: The Veilguard, and more — here’s what is coming through the rest of August

Ghibli AI Image Generator

CVE-2025-6756 – “Ultra Addons for Contact Form 7 Stored Cross-Site Scripting Vulnerability”

IP Lookup – find info about an IP address.

CVE-2025-52163 – Agorum Core Agorum Software GmbH SSRF

Sysprof – profile an application or entire system

CVE-2025-37110 – HPE Telco Network Function Virtual Orchestrator Information Disclosure

Related Posts