Lucene search
K

19 matches found

EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2016-9050

Malware in sbrugna...

9CVSS8.8AI score0.03051EPSS
Exploits0References5
Broadcom
Broadcom
added 2023/12/19 12:0 a.m.63 views

Privilege escalation vulnerability in Node.js 20 could allow loading arbitrary OpenSSL engines when the experimental permission model is enabled (CVE-2023-30586).

A privilege escalation vulnerability exists in Node.js 20 that allowed loading arbitrary OpenSSL engines when the experimental permission model is enabled, which can bypass and/or disable the permission model. The attack complexity is high. However, the crypto.setEngine API can be used to bypass...

7.5CVSS7.3AI score0.01348EPSS
Exploits0
Broadcom
Broadcom
added 2023/10/03 12:0 a.m.14 views

Heap buffer overflow in libwebp (CVE-2023-4863)

Heap buffer overflow in libwebp in Google Chrome prior to 116.0.5845.187 and libwebp 1.3.2 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page. Products Confirmed Not Affected No Brocade Fibre Channel products from Broadcom are known to be affected by this...

8.8CVSS7.3AI score0.99735EPSS
Exploits9
Broadcom
Broadcom
added 2023/09/08 12:0 a.m.86 views

CVE-2022-45688 -A stack overflow in the XML.toJSONObject component of hutool-json v5.8.10

A stack overflow in the XML.toJSONObject component of hutool-json v5.8.10 allows attackers to cause a Denial of Service DoS via crafted JSON or XML data. Products Confirmed Not Affected No Brocade Fibre Channel Product from Broadcom Products is known to be affected by this vulnerability...

7.5CVSS8.5AI score0.01181EPSS
Exploits5
Broadcom
Broadcom
added 2023/07/27 12:0 a.m.68 views

CVE-2023-34362 - a SQL injection vulnerability has been found in the MOVEit Transfer web application.

In Progress MOVEit Transfer before 2021.0.6 13.0.6, 2021.1.4 13.1.4, 2022.0.4 14.0.4, 2022.1.5 14.1.5, and 2023.0.1 15.0.1, a SQL injection vulnerability has been found in the MOVEit Transfer web application that could allow an unauthenticated attacker to gain access to MOVEit Transfer's database...

9.8CVSS9.8AI score0.99934EPSS
Exploits15
Broadcom
Broadcom
added 2023/06/12 12:0 a.m.115 views

Certificate validation is disabled when requesting binaries

Certificate validation in node-sass 2.0.0 to 4.14.1 is disabled when requesting binaries even if the user is not specifying an alternative download path. Products Confirmed Not Affected No Brocade Fibre Channel Products from Broadcom products are known to be affected by this vulnerability...

5.3CVSS6.5AI score0.0082EPSS
Exploits0
Broadcom
Broadcom
added 2023/05/19 12:0 a.m.41 views

CVE-2018-16850 - SQL injection in pg_upgrade and pg_dump, via CREATE TRIGGER ... REFERENCING.

postgresql before versions 11.1, 10.6 is vulnerable to a to SQL injection in pgupgrade and pgdump via CREATE TRIGGER ... REFERENCING. Using a purpose-crafted trigger definition, an attacker can cause arbitrary SQL statements to run, with superuser privileges.More at:...

8CVSS9.6AI score0.0515EPSS
Exploits0
Broadcom
Broadcom
added 2023/05/02 12:0 a.m.52 views

CVE-2022-43551 - HSTS check could be bypassed to trick it to keep using HTTP.

A vulnerability exists in curl 7.87.0 HSTS check that could be bypassed to trick it to keep using HTTP. Using its HSTS support, curl can be instructed to use HTTPS instead of using an insecure clear-text HTTP step even when HTTP is provided in the URL. However, the HSTS mechanism could be bypasse...

7.5CVSS7.5AI score0.1654EPSS
Exploits1
Broadcom
Broadcom
added 2021/12/30 12:0 a.m.40 views

BSA-2021-1658

Security Advisory ID : BSA-2021-1658 Component : JDBC Appender in Apache Log4j Revision : 1.0 Apache Log4j2 versions 2.0-beta7 through 2.17.0 excluding security fix releases 2.3.2 and 2.12.4 are vulnerable to a remote code execution RCE attack when a configuration uses a JDBC Appender with a JNDI...

8.5CVSS8.2AI score0.97906EPSS
Exploits9
Broadcom
Broadcom
added 2021/05/10 12:0 a.m.20 views

BSA-2021-1487

Security Advisory ID : BSA-2021-1487 Component : Libarchive Revision : 1.0 libarchive 3.3.2 suffers from an out-of-bounds read within lhareaddatanone in archivereadsupportformatlha.c when extracting a specially crafted lha archive, related to lhacrc16. Affected Products Brocade SANnav versions...

6.5CVSS6.8AI score0.01956EPSS
Exploits0
OSV
OSV
added 2020/03/25 3:12 a.m.7 views

USN-4302-1 linux, linux-aws, linux-aws-hwe, linux-gcp, linux-gke-4.15, linux-hwe, linux-kvm, linux-oem, linux-oracle, linux-raspi2, linux-snapdragon, linux-azure vulnerabilities

Paulo Bonzini discovered that the KVM hypervisor implementation in the Linux kernel could improperly let a nested level 2 guest access the resources of a parent level 1 guest in certain situations. An attacker could use this to expose sensitive information. CVE-2020-2732 Gregory Herrero discovere...

6.8CVSS6.7AI score0.02745EPSS
Exploits2References10
OSV
OSV
added 2020/03/25 1:39 a.m.12 views

USN-4301-1 linux-aws-5.0, linux-gcp, linux-gke-5.0, linux-oracle-5.0, linux-azure vulnerabilities

It was discovered that the KVM implementation in the Linux kernel, when paravirtual TLB flushes are enabled in guests, the hypervisor in some situations could miss deferred TLB flushes or otherwise mishandle them. An attacker in a guest VM could use this to expose sensitive information read memor...

7.8CVSS6.6AI score0.03286EPSS
Exploits1References9
OSV
OSV
added 2020/02/18 8:34 p.m.11 views

USN-4286-1 linux, linux-aws, linux-kvm, linux-raspi2, linux-snapdragon vulnerabilities

It was discovered that the Linux kernel did not properly clear data structures on context switches for certain Intel graphics processors. A local attacker could use this to expose sensitive information. CVE-2019-14615 It was discovered that a race condition existed in the Softmac USB Prism54 devi...

7.4CVSS6.7AI score0.10114EPSS
Exploits5References13
CNVD
CNVD
added 2018/02/26 12:0 a.m.5 views

Brocade Fibre Channel SAN Product Brocade Fabric OS Cross-Site Scripting Vulnerability

Brocade Fibre Channel SAN products are all switch products of the American company Brocade Brocade, and Brocade Fabric OS FOS is a set of embedded systems running on them. A cross-site scripting vulnerability exists in the Web-based management interface of Brocade FOS versions prior to 7.4.2b,...

6.1CVSS6.9AI score0.01458EPSS
Exploits0References1
CVE
CVE
added 2018/02/08 10:0 p.m.63 views

CVE-2017-6227

CVE-2017-6227 affects Brocade Fibre Channel SAN products running Brocade Fabric OS (FOS). The IPv6 stack vulnerability allows a remote attacker to cause a denial-of-service (CPU consumption and device hang) by sending crafted Router Advertisement messages. Affected FOS versions include pre-7.4.2b...

6.5CVSS6.2AI score0.00552EPSS
Exploits0References1Affected Software2
Broadcom
Broadcom
added 2018/01/17 12:0 a.m.8 views

BSA-2018-526

Security Advisory ID : BSA-2018-526 Component : Fabric OS IPv6 stack Revision : 2.0: Final A vulnerability in the IPv6 stack on Brocade Fibre Channel SAN products running Brocade Fabric OS FOS could allow an unauthenticated, adjacent attacker to cause a denial of service CPU consumption and devic...

6.5CVSS6.7AI score0.00552EPSS
Exploits0
Lenovo
Lenovo
added 2017/06/07 12:0 a.m.18 views

Brocade Fibre Channel SAN Privilege Escalation - Lenovo Support US

No description provided...

8.9AI score
Exploits0
Lenovo
Lenovo
added 2017/06/07 12:0 a.m.62 views

Brocade Fibre Channel SAN Privilege Escalation - us

Lenovo Security Advisory: LEN-14794 Potential Impact: Local privilege escalation Severity: High Scope of Impact: Industry-Wide CVE Identifier: CVE-2016-8202 Summary Description: A privilege escalation vulnerability in Brocade Fibre Channel SAN products running Brocade Fabric OS FOS releases earli...

9CVSS8.9AI score0.03051EPSS
Exploits0
CNVD
CNVD
added 2017/05/10 12:0 a.m.5 views

Brocade Fibre Channel SAN Product Brocade Fabric OS Remote Elevation of Privilege Vulnerability

Brocade Fibre Channel SAN products are all switch products of the American company Brocade Brocade, and Brocade Fabric OS FOS is a set of embedded systems running on them. A remote elevation of privilege vulnerability exists in Brocade Fibre Channel SAN products with Brocade FOS versions prior to...

9CVSS7.5AI score0.03051EPSS
Exploits0References1
Rows per page
Query Builder