Lucene search
K
BroadcomMost viewed

879 matches found

Broadcom
Broadcom
added 2018/10/29 12:0 a.m.10 views

BSA-2018-729

Security Advisory ID : BSA-2018-729 Component : Fabric OS CLI Revision : 1.0: Initial A vulnerability in the secryptocfg command of Brocade Fabric OS command line interface CLIcould allow a local attacker toescape the restricted shell and, gain root access. Affected Products Brocade Fabric OS...

7.8CVSS7AI score0.00356EPSS
Exploits0
Broadcom
Broadcom
added 2018/10/29 12:0 a.m.10 views

BSA-2018-730

Security Advisory ID : BSA-2018-730 Component : Fabric OS CLI Revision : 1.0: Initial Multiple Vulnerabilities in Brocade Fabric OS command line interface CLIcould allow a local attacker toescape the restricted shell and, gain root access. Commands Affected firmwaredownload command -CVE-2018-6436...

7.8CVSS7AI score0.00356EPSS
Exploits0
Broadcom
Broadcom
added 2018/08/23 12:0 a.m.10 views

BSA-2018-700

Security Advisory ID : BSA-2018-700 Component : Apache Struts 2 Revision : 1.0: Final Apache Struts versions 2.3 to 2.3.34 and 2.5 to 2.5.16 suffer from possible Remote Code Execution when using results with no namespace and in same time, its upper actions have no or wildcard namespace. Same...

9.3CVSS8.8AI score0.99993EPSS
Exploits41
Broadcom
Broadcom
added 2017/11/17 12:0 a.m.10 views

BSA-2017-474

Security Advisory ID : BSA-2017-474 Component : Infineon RSA Library Revision : 2.0: Final The Infineon RSA library version 1.02.013 in Infineon Trusted Platform Module TPM firmware mishandles RSA key generation, which makes it easier for attackers to defeat various cryptographic protection...

5.9CVSS6.7AI score0.09825EPSS
Exploits0
Broadcom
Broadcom
added 2017/09/29 12:0 a.m.10 views

BSA-2017-436

Security Advisory ID : BSA-2017-436 Component : Perl Revision : 2.0: Interim Heap-based buffer overflow in the regular expression compiler in PERL before 5.24.3-RC1 and 5.26.x before 5.26.1-RC1 allows remote attackers to cause a denial of service crash via a crafted regular expression with the...

7.5CVSS7.2AI score0.06207EPSS
Exploits0
Broadcom
Broadcom
added 2017/09/08 12:0 a.m.10 views

BSA-2017-429

Security Advisory ID : BSA-2017-429 Component : Struts REST Revision : 2.0: Interim A flaw was found in the Struts REST plugin when using an outdatedXStreamlibrary. An attacker could perform a denial of service attack using a malicious request with specially crafted XML payload. Affected Products...

7.5CVSS6.6AI score0.0902EPSS
Exploits0
Broadcom
Broadcom
added 2017/08/25 12:0 a.m.10 views

BSA-2017-372

Security Advisory ID : BSA-2017-372 Component : RedHat Jboss EAP Revision : 2.0: Interim Red Hat JBoss Enterprise Application Platform EAP 7, when operating as a reverse-proxy with default buffer sizes, allows remote attackers to cause a denial of service CPU and disk consumption via a long URL...

7.1CVSS7AI score0.0248EPSS
Exploits0
Broadcom
Broadcom
added 2017/08/25 12:0 a.m.10 views

BSA-2017-424

Security Advisory ID : BSA-2017-424 Component : Kernel Revision : 3.0: Interim The sanitycheckrawsuper function in fs/f2fs/super.c in the Linux kernel before 4.11.1 does not validate the segment count, which allows local users to gain privileges via unspecified vectors kernel: Missing sanity chec...

7.8CVSS6.9AI score0.00465EPSS
Exploits0
Broadcom
Broadcom
added 2017/08/25 12:0 a.m.10 views

BSA-2017-365

Security Advisory ID : BSA-2017-365 Component : Apache Revision : 1.0: Interim In Apachehttpd2.2.x before 2.2.33 and 2.4.x before 2.4.26,modmimecan read one byte past the end of a buffer when sending a malicious Content-Type response header. Affected Products Brocade is investigating its product...

9.8CVSS9.6AI score0.39341EPSS
Exploits3
Broadcom
Broadcom
added 2017/06/23 12:0 a.m.10 views

BSA-2017-319

Security Advisory ID : BSA-2017-319 Component : SSH Revision : 1.0: Interim The SSH protocols 1 and 2 aka SSH-2 as implemented inOpenSSHand other packages have various weaknesses which can allow a remote attacker to obtain the following information via sniffing: 1 password lengths or ranges of...

7.5CVSS7.1AI score0.07032EPSS
Exploits1
Broadcom
Broadcom
added 2017/05/17 12:0 a.m.10 views

BSA-2017-280

Security Advisory ID : BSA-2017-280 Component : JBOSS Revision : 1.0: Interim The Web Console in Red Hat Enterprise Application Platform EAP before 6.4.4 andWildFlyformerlyJBossApplication Server allows remote attackers to cause a denial of service memory consumption via a large request header...

5CVSS6.8AI score0.02978EPSS
Exploits0
Broadcom
Broadcom
added 2017/05/17 12:0 a.m.10 views

BSA-2017-283

Security Advisory ID : BSA-2017-283 Component : Apache Brooklyn 0.9.0 and all prior versions Revision : 1.0: Interim Apache Brooklyn’s REST server is vulnerable to cross-site scripting where one authenticated user can cause scripts to run in the browser of another user authorized to access the...

5.4CVSS6.1AI score0.01963EPSS
Exploits1
Broadcom
Broadcom
added 2017/04/28 12:0 a.m.10 views

BSA-2017-240

Security Advisory ID : BSA-2017-240 Component : SNMP Revision : 1.0: Interim The Simple Network Management Protocol SNMP is a commonly used network service. Its primary function is to provide network administrators with information about all kinds of network connected devices. SNMP can be used to...

5CVSS6.9AI score0.01764EPSS
Exploits0
Broadcom
Broadcom
added 2025/02/27 12:0 a.m.9 views

less Vulnerable to Arbitrary Code Execution via OS Command Execution via newline Character in Filename

less through 653 allows OS command execution via a newline character in the name of a file, because quoting is mishandled in filename.c. Exploitation typically requires use with attacker-controlled file names, such as the files extracted from an untrusted archive. Exploitation also requires the...

8.6CVSS7.2AI score0.00628EPSS
Exploits0
Broadcom
Broadcom
added 2025/02/13 12:0 a.m.9 views

AZUL Zulu Java Multiple Vulnerabilities - July 2024

CVE-ID Component Base Score CVE-2024-21131 Hotspot 3.7 CVE-2024-21138 Hotspot 3.7 CVE-2024-21140 Hotspot 4.8 CVE-2024-21145 2D 4.8 CVE-2024-21147 Hotspot 7.4 CVE-2024-21144 Concurrency 3.7 CVE-2024-27983 Oracle GrallVM for JDK 8.2 More details can be found at...

8.2CVSS6.9AI score0.87211EPSS
Exploits1
Broadcom
Broadcom
added 2025/02/13 12:0 a.m.9 views

ISC BIND 9 Vulnerable to Denial-of-Service (DoS) via Memory Leaks in EdDSA DNSSEC Verification (CVE-2022-38178)

BIND 9 is vulnerable to a denial-of-service DoS issue due to the presence of a memory leak flaw in the DNSSEC verification code for the EdDSA algorithm that can occur when there is a signature length mismatch. An attacker could spoof the target resolver with responses that have malformed EdDSA...

7.5CVSS6.9AI score0.02176EPSS
Exploits0
Broadcom
Broadcom
added 2024/11/12 12:0 a.m.9 views

Brocade Fabric OS before 9.2.2 does not enforce strict host key checking

A vulnerability in Brocade Fabric OS versions before 9.2.2 could allow man-in-the-middle attackers to conduct remote Service Session Hijacking that may arise from the attacker's ability to forge an SSH key while the Brocade Fabric OS Switch is performing various remote operations initiated by a...

7.1CVSS6.9AI score0.00243EPSS
Exploits1
Broadcom
Broadcom
added 2024/07/30 12:0 a.m.9 views

Command or parameter injection via unique embedded switch SNMP commands (CVE-2024-5461)

Implementation of the Simple Network Management Protocol SNMP operating on the Brocade 6547 FC5022 embedded switch blade, makes internal script calls to system.sh from within the SNMP binary. An authenticated attacker could perform command or parameter injection on SNMP operations that are only...

8.6CVSS7.5AI score0.00422EPSS
Exploits1
Broadcom
Broadcom
added 2024/04/25 12:0 a.m.9 views

HTTPS configuration between Brocade SANnav Management Portal and Brocade SAN switches (no CVE)

A security researcher reported a lack of encryption in Brocade SANnav for management protocol HTTP. The researcher states: By default, the appliance can be installed with these options: To configure HTTP or HTTPS connections between SANnav Management Portal and SAN switches, select one of the...

7AI score
Exploits0
Broadcom
Broadcom
added 2024/04/16 12:0 a.m.9 views

Azul Zulu Java Multiple Vulnerabilities (2023-07-18)

Azul Zulu installed versions prior to 7 7.63.0.14 / 8 8.71.0.14 / 11 11.65.14 / 17 17.43.14 / 20 20.32.12. are affected by multiple vulnerabilities as referenced in the 2023-07-18 advisory. CVE-2023-22006 CVE-2023-22036 CVE-2023-22041 CVE-2023-22043 CVE-2023-22044 CVE-2023-22045 CVE-2023-22049...

5.9CVSS7.1AI score0.01316EPSS
Exploits0Affected Software1
Broadcom
Broadcom
added 2023/12/18 12:0 a.m.9 views

Path traversal and code execution via prototype vulnerability in NodeBB (CVE-2023-26045)

NodeBB is Node.js based forum software. Starting in version 2.5.0 and prior to version 2.8.7, due to the use of the object destructuring assignment syntax in the user export code path, combined with a path traversal vulnerability, a specially crafted payload could invoke the user export logic to...

10CVSS6.8AI score0.00834EPSS
Exploits0
Broadcom
Broadcom
added 2023/11/07 12:0 a.m.9 views

Integer overflow in the keycompare_mb function in sort.c in sort in GNU Coreutils through 8.23 (CVE-2015-4042)

Integer overflow in the keycomparemb function in sort.c in sort in GNU Coreutils through 8.23 might allow attackers to cause a denial of service application crash or possibly have unspecified other impact via long strings...

9.8CVSS7.7AI score0.02323EPSS
Exploits1
Broadcom
Broadcom
added 2023/11/07 12:0 a.m.9 views

NULL Pointer Exception bug that can be used by a remote attacker

handleipv6IpForwarding in agent/mibgroup/ip-mib/ipscalars.c in Net-SNMP 5.4.3 through 5.9.3 has a NULL Pointer Exception bug that can be used by a remote attacker to cause the instance to crash via a crafted UDP packet, resulting in Denial of Service. Products Confirmed Not Affected Brocade Fabri...

6.5CVSS7AI score0.5346EPSS
Exploits1
Broadcom
Broadcom
added 2023/11/07 12:0 a.m.9 views

Curl is vulnerable to a denial-of-service (DoS) issue

Curl is vulnerable to a denial-of-service DoS issue due to how some HTTPs servers handle cookies that contain 'control-bytes' / 'control codes' byte values below 32. When curl sends cookies that contain these bytes to an HTTPs server, it may return a 400 response which effectively allows a "siste...

3.7CVSS6.9AI score0.01839EPSS
Exploits1Affected Software1
Broadcom
Broadcom
added 2023/11/07 12:0 a.m.9 views

A flaw was discovered in the XFS source in the Linux kernel (CVE-2020-12655)

An issue was discovered in xfsagfverify in fs/xfs/libxfs/xfsalloc.c in the Linux kernel through 5.6.10. Attackers may trigger a sync of excessive duration via an XFS v5 image with crafted metadata, aka CID-d0c7feaf8767...

5.5CVSS6.6AI score0.00461EPSS
Exploits0
Broadcom
Broadcom
added 2023/10/03 12:0 a.m.9 views

Intel(R) CPU information disclosure (CVE-2022-40982)

Information exposure through microarchitectural state after transient execution in certain vector execution units for some IntelR Processors may allow an authenticated user to potentially enable information disclosure via local access. Products Confirmed Not Affected No Brocade Fibre Channel...

6.5CVSS5.9AI score0.03882EPSS
Exploits1
Broadcom
Broadcom
added 2023/08/17 12:0 a.m.9 views

CVE-2023-0286 -X.400 address type confusion in X.509 GeneralName

There is a type confusion vulnerability relating to X.400 address processing inside an X.509 GeneralName. X.400 addresses were parsed as an ASN1STRING but the public structure definition for GENERALNAME incorrectly specified the type of the x400Address field as ASN1TYPE. This field is subsequentl...

7.4CVSS6.8AI score0.59501EPSS
Exploits0
Broadcom
Broadcom
added 2023/08/01 12:0 a.m.9 views

RPM before 4.9.1.3 does not properly validate region tags, which allows remote attackers to cause a denial of service

RPM before 4.9.1.3 does not properly validate region tags, which allows remote attackers to cause a denial of service crash and possibly execute arbitrary code via an invalid region tag in a package header to the 1 headerLoad, 2 rpmReadSignature, or 3 headerVerify function...

6.8CVSS8AI score0.04779EPSS
Exploits0
Broadcom
Broadcom
added 2022/09/13 12:0 a.m.9 views

CVE-2014-9984: nscd in the GNU C Library (aka glibc or libc6) before version 2.20 does not correctly compute the size of an internal buffer

Security Advisory ID : BSA-2022-607 Component : GNU C Library Revision : 1.1 nscd in the GNU C Library aka glibc or libc6 before version 2.20 does not correctly compute the size of an internal buffer when processing netgroup requests, possibly leading to an nscd daemon crash or code execution as...

9.8CVSS7.9AI score0.0444EPSS
Exploits2
Broadcom
Broadcom
added 2022/09/13 12:0 a.m.9 views

CVE-2020-29371: An issue was discovered in romfs_dev_read in fs/romfs/storage.c

Security Advisory ID : BSA-2022-1195 Component : Kernel Revision : 1.0 An issue was discovered in romfsdevread in fs/romfs/storage.c in the Linux kernel before 5.8.4. Uninitialized memory leaks to userspace, aka CID-bcf85fcedfdd. Notes: Brocade Fabric OS does not utilize the problematic code...

3.3CVSS6.5AI score0.0069EPSS
Exploits1
Broadcom
Broadcom
added 2022/02/16 12:0 a.m.9 views

BSA-2021-1721

Security Advisory ID : BSA-2021-1721 Component : shell Revision : 1.0 A vulnerability in Brocade Fabric OS versions before Brocade Fabric OS v8.0.1b, v7.4.1d could allow an authenticated attacker within the restricted shell environment rbash as either the “user” or “factory” account, to...

6.8CVSS6.6AI score0.00907EPSS
Exploits0
Broadcom
Broadcom
added 2021/12/21 12:0 a.m.9 views

BSA-2021-1655

Security Advisory ID : BSA-2021-1655 Component : Apache Log4j StrSubstitutor Revision : 1.0 Apache Log4j2 versions 2.0-alpha1 through 2.16.0, excluding 2.12.3, did not protect from uncontrolled recursion from self-referential lookups. When the logging configuration uses a non-default Pattern Layo...

5.9CVSS6.6AI score0.99999EPSS
Exploits20
Broadcom
Broadcom
added 2020/07/06 12:0 a.m.9 views

BSA-2020-1045

Security Advisory ID : BSA-2020-1045 Component : Apache Tomcat Revision : 1.0: Final The SSI printenv command in Apache Tomcat 9.0.0.M1 to 9.0.0.17, 8.5.0 to 8.5.39 and 7.0.0 to 7.0.93 echoes user provided data without escaping and is, therefore, vulnerable to XSS. SSI is disabled by default. The...

6.1CVSS7AI score0.45571EPSS
Exploits3
Broadcom
Broadcom
added 2020/03/16 12:0 a.m.9 views

BSA-2020-937

Security Advisory ID : BSA-2020-937 Component : lldpd Revision : 1.0: Final Buffer overflow in the lldpdecode function in daemon/protocols/lldp.c in lldpd before 0.8.0 allows remote attackers to cause a denial of service daemon crash and possibly execute arbitrary code via vectors involving large...

9.8CVSS8.1AI score0.05493EPSS
Exploits0
Broadcom
Broadcom
added 2020/02/21 12:0 a.m.9 views

CVE-2019-19317, CVE-2019-19603, CVE-2019-19880 - Multiple vulnerabilities in SQLite 3.30.1. (BSA-2020-895).

Security Advisory ID: BSA-2020-895 Component: SQLite Revision : 2.0: Final Multiplevulnerabilities inSQLite 3.30.1 CVE-2019-19317 lookupName in resolve.c in SQLite 3.30.1 omits bits from the colUsed bitmask in the case of a generated column, which allows attackers to cause a denial of service or...

9.8CVSS7.3AI score0.0825EPSS
Exploits0
Broadcom
Broadcom
added 2020/02/03 12:0 a.m.9 views

BSA-2020-912

Security Advisory ID : BSA-2020-912 Component : Linux Kernel Revision : 1.0: Final An exploitable denial-of-service vulnerability exists in the Linux kernel prior to mainline 5.3. An attacker could exploit this vulnerability by triggering AP to send IAPP location updates for stations before the...

7.4CVSS7.3AI score0.10114EPSS
Exploits1
Broadcom
Broadcom
added 2020/01/10 12:0 a.m.9 views

BSA-2020-896

Security Advisory ID : BSA-2020-896 Component : spectrum analyzer Revision : 1.0: Final A group of Security Researchers havereleased a vulnerability namedCable Haunt. According to the researchers,Cable Haunt was found in Broadcom Cable modems and affects various manufacturers across the world. Mo...

9.3CVSS6.8AI score0.22924EPSS
Exploits3
Broadcom
Broadcom
added 2019/10/28 12:0 a.m.9 views

BSA-2019-866

Security Advisory ID : BSA-2019-866 Component : SANnav Revision : 1.0 Brocade SANnav versions before v2.0 usea hard-coded password, which could allowlocal authenticated attackers to access a back-end database and gain privileges. The vulnerability could be exploited only if the database service i...

7.8CVSS7AI score0.00254EPSS
Exploits0
Broadcom
Broadcom
added 2019/10/28 12:0 a.m.9 views

BSA-2019-864

Security Advisory ID : BSA-2019-864 Component : SANnav portal Revision : 1.0 A vulnerability, in Brocade SANnav versions before v2.0, could allow remote attackers to brute-force a valid session ID. The vulnerability is due to an insufficiently random session ID for several post-authentication...

8.8CVSS6.8AI score0.01293EPSS
Exploits0
Broadcom
Broadcom
added 2019/07/30 12:0 a.m.9 views

BSA-2019-840

Security Advisory ID : BSA-2019-840 Component : VxWorks Revision : 1.0: Initial The Armis research team, Armis Labs, have discovered 11 zero day vulnerabilities in VxWorks®. VxWorks is used by over 2 billion devices including critical industrial, medical and enterprise devices. Dubbed “URGENT/11,...

9.8CVSS7.6AI score0.84177EPSS
Exploits7
Broadcom
Broadcom
added 2019/04/15 12:0 a.m.9 views

BSA-2019-777

Security Advisory ID : BSA-2019-777 Component : WPA3 Revision : 1.0: Final Multiple vulnerabilities have been identified in WPA3 protocol design and implementations ofhostapdandwpasupplicant, which can allow a remote attacker to acquire a weak password, conduct a denial of service, or gain comple...

8.1CVSS7.3AI score0.05372EPSS
Exploits0
Broadcom
Broadcom
added 2019/03/21 12:0 a.m.9 views

BSA-2019-767

Security Advisory ID : BSA-2019-767 Component : LIBSSH2 Revision : 1.0: Final libssh2 is a client-side C library implementing the SSH2 protocol.It supports regular terminal, SCP and SFTPsessions; port forwarding, X11 forwarding; password, key-based and keyboard-interactive authentication. Libssh2...

9.3CVSS7.6AI score0.09219EPSS
Exploits0
Broadcom
Broadcom
added 2019/01/28 12:0 a.m.9 views

BSA-2019-753

Security Advisory ID : BSA-2019-753 Component : Kernel Revision : 1.0: Initial A flaw was found in the Linux kernel's ext4 filesystem. A local user can cause an out-of-bound write in fs/jbd2/transaction.c code, a denial of service, and a system crash by unmounting a crafted ext4 filesystem image...

5.5CVSS6.2AI score0.00723EPSS
Exploits1
Broadcom
Broadcom
added 2018/12/21 12:0 a.m.9 views

BSA-2018-746

Security Advisory ID : BSA-2018-746 Component : Servlet Revision : 1.0: Initial A Vulnerability in Brocade Network Advisor Version before 14.0.3 could allow a remote unauthenticated attacker to export the current user database which includes the encypted not hashed password of the systems. The...

7.5CVSS7.2AI score0.01671EPSS
Exploits0
Broadcom
Broadcom
added 2018/12/19 12:0 a.m.9 views

BSA-2018-841

Security Advisory ID : BSA-2018-841 Component : Hard-coded Credentials Revision : 3.0: Final A vulnerability in Brocade Network Advisor Version Before 14.3.1 could allow an unauthenticated, remote attacker to log in to the JBoss Administration interface of an affected system using an undocumented...

9.8CVSS7.3AI score0.0134EPSS
Exploits0
Broadcom
Broadcom
added 2018/11/01 12:0 a.m.9 views

BSA-2018-739

Security Advisory ID : BSA-2018-739 Component : Texas Instrument Microcontrollers CC2640 and CC2650 Revision : 1.0: Initial Texas Instrument Microcontrollers CC2640 and CC2650 are vulnerable to variable and heap overflow.Both Texas Instrument microcontrollers CC2640 and CC2650 BLE-Stacks contain ...

8.8CVSS7.1AI score0.02981EPSS
Exploits0
Broadcom
Broadcom
added 2018/10/29 12:0 a.m.9 views

BSA-2018-734

Security Advisory ID : BSA-2018-734 Component : Secure Shell Revision : 1.0: Initial A vulnerability in Brocade Fabric OS Secure Shell implementation could allow a local attacker to provide arbitrary environment variables,which can be used to bypass the restricted configuration shell. Affected...

7.8CVSS6.7AI score0.00394EPSS
Exploits0
Broadcom
Broadcom
added 2018/05/08 12:0 a.m.9 views

BSA-2018-603

Security Advisory ID : BSA-2018-603 Component : WebGUI Revision : 1.0: Final Multiple GPON Home Routers could allow a remote attacker to bypass security restrictions, caused by a flaw in the authentication mechanism. By appending "?images/" to the end of the web address on any of the router's...

9.8CVSS9.9AI score0.92887EPSS
Exploits7
Broadcom
Broadcom
added 2018/04/09 12:0 a.m.9 views

BSA-2018-583

Security Advisory ID : BSA-2018-583 Component : Spring-framework Revision : 1.0: Final Spring Framework, versions 5.0 prior to 5.0.5 and versions 4.3 prior to 4.3.15 and older unsupported versions, allow applications to expose STOMP over WebSocketendpoints with a simple, in-memory STOMP broker...

9.8CVSS9AI score0.77245EPSS
Exploits5
Broadcom
Broadcom
added 2017/11/17 12:0 a.m.9 views

BSA-2017-470

Security Advisory ID : BSA-2017-470 Component : Expand Entity References Revision : 1.0: Interim The 1 BasicParserPool, 2 StaticBasicParserPool, 3 XML Decrypter, and 4 SAML Decrypter in Shibboleth OpenSAML-Java before 2.6.1 set the expandEntityReferences property to true, which allows remote...

5CVSS9.1AI score0.02752EPSS
Exploits0
Total number of security vulnerabilities879