879 matches found
BSA-2018-729
Security Advisory ID : BSA-2018-729 Component : Fabric OS CLI Revision : 1.0: Initial A vulnerability in the secryptocfg command of Brocade Fabric OS command line interface CLIcould allow a local attacker toescape the restricted shell and, gain root access. Affected Products Brocade Fabric OS...
BSA-2018-730
Security Advisory ID : BSA-2018-730 Component : Fabric OS CLI Revision : 1.0: Initial Multiple Vulnerabilities in Brocade Fabric OS command line interface CLIcould allow a local attacker toescape the restricted shell and, gain root access. Commands Affected firmwaredownload command -CVE-2018-6436...
BSA-2018-700
Security Advisory ID : BSA-2018-700 Component : Apache Struts 2 Revision : 1.0: Final Apache Struts versions 2.3 to 2.3.34 and 2.5 to 2.5.16 suffer from possible Remote Code Execution when using results with no namespace and in same time, its upper actions have no or wildcard namespace. Same...
BSA-2017-474
Security Advisory ID : BSA-2017-474 Component : Infineon RSA Library Revision : 2.0: Final The Infineon RSA library version 1.02.013 in Infineon Trusted Platform Module TPM firmware mishandles RSA key generation, which makes it easier for attackers to defeat various cryptographic protection...
BSA-2017-436
Security Advisory ID : BSA-2017-436 Component : Perl Revision : 2.0: Interim Heap-based buffer overflow in the regular expression compiler in PERL before 5.24.3-RC1 and 5.26.x before 5.26.1-RC1 allows remote attackers to cause a denial of service crash via a crafted regular expression with the...
BSA-2017-429
Security Advisory ID : BSA-2017-429 Component : Struts REST Revision : 2.0: Interim A flaw was found in the Struts REST plugin when using an outdatedXStreamlibrary. An attacker could perform a denial of service attack using a malicious request with specially crafted XML payload. Affected Products...
BSA-2017-372
Security Advisory ID : BSA-2017-372 Component : RedHat Jboss EAP Revision : 2.0: Interim Red Hat JBoss Enterprise Application Platform EAP 7, when operating as a reverse-proxy with default buffer sizes, allows remote attackers to cause a denial of service CPU and disk consumption via a long URL...
BSA-2017-424
Security Advisory ID : BSA-2017-424 Component : Kernel Revision : 3.0: Interim The sanitycheckrawsuper function in fs/f2fs/super.c in the Linux kernel before 4.11.1 does not validate the segment count, which allows local users to gain privileges via unspecified vectors kernel: Missing sanity chec...
BSA-2017-365
Security Advisory ID : BSA-2017-365 Component : Apache Revision : 1.0: Interim In Apachehttpd2.2.x before 2.2.33 and 2.4.x before 2.4.26,modmimecan read one byte past the end of a buffer when sending a malicious Content-Type response header. Affected Products Brocade is investigating its product...
BSA-2017-319
Security Advisory ID : BSA-2017-319 Component : SSH Revision : 1.0: Interim The SSH protocols 1 and 2 aka SSH-2 as implemented inOpenSSHand other packages have various weaknesses which can allow a remote attacker to obtain the following information via sniffing: 1 password lengths or ranges of...
BSA-2017-280
Security Advisory ID : BSA-2017-280 Component : JBOSS Revision : 1.0: Interim The Web Console in Red Hat Enterprise Application Platform EAP before 6.4.4 andWildFlyformerlyJBossApplication Server allows remote attackers to cause a denial of service memory consumption via a large request header...
BSA-2017-283
Security Advisory ID : BSA-2017-283 Component : Apache Brooklyn 0.9.0 and all prior versions Revision : 1.0: Interim Apache Brooklyn’s REST server is vulnerable to cross-site scripting where one authenticated user can cause scripts to run in the browser of another user authorized to access the...
BSA-2017-240
Security Advisory ID : BSA-2017-240 Component : SNMP Revision : 1.0: Interim The Simple Network Management Protocol SNMP is a commonly used network service. Its primary function is to provide network administrators with information about all kinds of network connected devices. SNMP can be used to...
less Vulnerable to Arbitrary Code Execution via OS Command Execution via newline Character in Filename
less through 653 allows OS command execution via a newline character in the name of a file, because quoting is mishandled in filename.c. Exploitation typically requires use with attacker-controlled file names, such as the files extracted from an untrusted archive. Exploitation also requires the...
AZUL Zulu Java Multiple Vulnerabilities - July 2024
CVE-ID Component Base Score CVE-2024-21131 Hotspot 3.7 CVE-2024-21138 Hotspot 3.7 CVE-2024-21140 Hotspot 4.8 CVE-2024-21145 2D 4.8 CVE-2024-21147 Hotspot 7.4 CVE-2024-21144 Concurrency 3.7 CVE-2024-27983 Oracle GrallVM for JDK 8.2 More details can be found at...
ISC BIND 9 Vulnerable to Denial-of-Service (DoS) via Memory Leaks in EdDSA DNSSEC Verification (CVE-2022-38178)
BIND 9 is vulnerable to a denial-of-service DoS issue due to the presence of a memory leak flaw in the DNSSEC verification code for the EdDSA algorithm that can occur when there is a signature length mismatch. An attacker could spoof the target resolver with responses that have malformed EdDSA...
Brocade Fabric OS before 9.2.2 does not enforce strict host key checking
A vulnerability in Brocade Fabric OS versions before 9.2.2 could allow man-in-the-middle attackers to conduct remote Service Session Hijacking that may arise from the attacker's ability to forge an SSH key while the Brocade Fabric OS Switch is performing various remote operations initiated by a...
Command or parameter injection via unique embedded switch SNMP commands (CVE-2024-5461)
Implementation of the Simple Network Management Protocol SNMP operating on the Brocade 6547 FC5022 embedded switch blade, makes internal script calls to system.sh from within the SNMP binary. An authenticated attacker could perform command or parameter injection on SNMP operations that are only...
HTTPS configuration between Brocade SANnav Management Portal and Brocade SAN switches (no CVE)
A security researcher reported a lack of encryption in Brocade SANnav for management protocol HTTP. The researcher states: By default, the appliance can be installed with these options: To configure HTTP or HTTPS connections between SANnav Management Portal and SAN switches, select one of the...
Azul Zulu Java Multiple Vulnerabilities (2023-07-18)
Azul Zulu installed versions prior to 7 7.63.0.14 / 8 8.71.0.14 / 11 11.65.14 / 17 17.43.14 / 20 20.32.12. are affected by multiple vulnerabilities as referenced in the 2023-07-18 advisory. CVE-2023-22006 CVE-2023-22036 CVE-2023-22041 CVE-2023-22043 CVE-2023-22044 CVE-2023-22045 CVE-2023-22049...
Path traversal and code execution via prototype vulnerability in NodeBB (CVE-2023-26045)
NodeBB is Node.js based forum software. Starting in version 2.5.0 and prior to version 2.8.7, due to the use of the object destructuring assignment syntax in the user export code path, combined with a path traversal vulnerability, a specially crafted payload could invoke the user export logic to...
Integer overflow in the keycompare_mb function in sort.c in sort in GNU Coreutils through 8.23 (CVE-2015-4042)
Integer overflow in the keycomparemb function in sort.c in sort in GNU Coreutils through 8.23 might allow attackers to cause a denial of service application crash or possibly have unspecified other impact via long strings...
NULL Pointer Exception bug that can be used by a remote attacker
handleipv6IpForwarding in agent/mibgroup/ip-mib/ipscalars.c in Net-SNMP 5.4.3 through 5.9.3 has a NULL Pointer Exception bug that can be used by a remote attacker to cause the instance to crash via a crafted UDP packet, resulting in Denial of Service. Products Confirmed Not Affected Brocade Fabri...
Curl is vulnerable to a denial-of-service (DoS) issue
Curl is vulnerable to a denial-of-service DoS issue due to how some HTTPs servers handle cookies that contain 'control-bytes' / 'control codes' byte values below 32. When curl sends cookies that contain these bytes to an HTTPs server, it may return a 400 response which effectively allows a "siste...
A flaw was discovered in the XFS source in the Linux kernel (CVE-2020-12655)
An issue was discovered in xfsagfverify in fs/xfs/libxfs/xfsalloc.c in the Linux kernel through 5.6.10. Attackers may trigger a sync of excessive duration via an XFS v5 image with crafted metadata, aka CID-d0c7feaf8767...
Intel(R) CPU information disclosure (CVE-2022-40982)
Information exposure through microarchitectural state after transient execution in certain vector execution units for some IntelR Processors may allow an authenticated user to potentially enable information disclosure via local access. Products Confirmed Not Affected No Brocade Fibre Channel...
CVE-2023-0286 -X.400 address type confusion in X.509 GeneralName
There is a type confusion vulnerability relating to X.400 address processing inside an X.509 GeneralName. X.400 addresses were parsed as an ASN1STRING but the public structure definition for GENERALNAME incorrectly specified the type of the x400Address field as ASN1TYPE. This field is subsequentl...
RPM before 4.9.1.3 does not properly validate region tags, which allows remote attackers to cause a denial of service
RPM before 4.9.1.3 does not properly validate region tags, which allows remote attackers to cause a denial of service crash and possibly execute arbitrary code via an invalid region tag in a package header to the 1 headerLoad, 2 rpmReadSignature, or 3 headerVerify function...
CVE-2014-9984: nscd in the GNU C Library (aka glibc or libc6) before version 2.20 does not correctly compute the size of an internal buffer
Security Advisory ID : BSA-2022-607 Component : GNU C Library Revision : 1.1 nscd in the GNU C Library aka glibc or libc6 before version 2.20 does not correctly compute the size of an internal buffer when processing netgroup requests, possibly leading to an nscd daemon crash or code execution as...
CVE-2020-29371: An issue was discovered in romfs_dev_read in fs/romfs/storage.c
Security Advisory ID : BSA-2022-1195 Component : Kernel Revision : 1.0 An issue was discovered in romfsdevread in fs/romfs/storage.c in the Linux kernel before 5.8.4. Uninitialized memory leaks to userspace, aka CID-bcf85fcedfdd. Notes: Brocade Fabric OS does not utilize the problematic code...
BSA-2021-1721
Security Advisory ID : BSA-2021-1721 Component : shell Revision : 1.0 A vulnerability in Brocade Fabric OS versions before Brocade Fabric OS v8.0.1b, v7.4.1d could allow an authenticated attacker within the restricted shell environment rbash as either the “user†or “factory†account, to...
BSA-2021-1655
Security Advisory ID : BSA-2021-1655 Component : Apache Log4j StrSubstitutor Revision : 1.0 Apache Log4j2 versions 2.0-alpha1 through 2.16.0, excluding 2.12.3, did not protect from uncontrolled recursion from self-referential lookups. When the logging configuration uses a non-default Pattern Layo...
BSA-2020-1045
Security Advisory ID : BSA-2020-1045 Component : Apache Tomcat Revision : 1.0: Final The SSI printenv command in Apache Tomcat 9.0.0.M1 to 9.0.0.17, 8.5.0 to 8.5.39 and 7.0.0 to 7.0.93 echoes user provided data without escaping and is, therefore, vulnerable to XSS. SSI is disabled by default. The...
BSA-2020-937
Security Advisory ID : BSA-2020-937 Component : lldpd Revision : 1.0: Final Buffer overflow in the lldpdecode function in daemon/protocols/lldp.c in lldpd before 0.8.0 allows remote attackers to cause a denial of service daemon crash and possibly execute arbitrary code via vectors involving large...
CVE-2019-19317, CVE-2019-19603, CVE-2019-19880 - Multiple vulnerabilities in SQLite 3.30.1. (BSA-2020-895).
Security Advisory ID: BSA-2020-895 Component: SQLite Revision : 2.0: Final Multiplevulnerabilities inSQLite 3.30.1 CVE-2019-19317 lookupName in resolve.c in SQLite 3.30.1 omits bits from the colUsed bitmask in the case of a generated column, which allows attackers to cause a denial of service or...
BSA-2020-912
Security Advisory ID : BSA-2020-912 Component : Linux Kernel Revision : 1.0: Final An exploitable denial-of-service vulnerability exists in the Linux kernel prior to mainline 5.3. An attacker could exploit this vulnerability by triggering AP to send IAPP location updates for stations before the...
BSA-2020-896
Security Advisory ID : BSA-2020-896 Component : spectrum analyzer Revision : 1.0: Final A group of Security Researchers havereleased a vulnerability namedCable Haunt. According to the researchers,Cable Haunt was found in Broadcom Cable modems and affects various manufacturers across the world. Mo...
BSA-2019-866
Security Advisory ID : BSA-2019-866 Component : SANnav Revision : 1.0 Brocade SANnav versions before v2.0 usea hard-coded password, which could allowlocal authenticated attackers to access a back-end database and gain privileges. The vulnerability could be exploited only if the database service i...
BSA-2019-864
Security Advisory ID : BSA-2019-864 Component : SANnav portal Revision : 1.0 A vulnerability, in Brocade SANnav versions before v2.0, could allow remote attackers to brute-force a valid session ID. The vulnerability is due to an insufficiently random session ID for several post-authentication...
BSA-2019-840
Security Advisory ID : BSA-2019-840 Component : VxWorks Revision : 1.0: Initial The Armis research team, Armis Labs, have discovered 11 zero day vulnerabilities in VxWorks®. VxWorks is used by over 2 billion devices including critical industrial, medical and enterprise devices. Dubbed “URGENT/11,...
BSA-2019-777
Security Advisory ID : BSA-2019-777 Component : WPA3 Revision : 1.0: Final Multiple vulnerabilities have been identified in WPA3 protocol design and implementations ofhostapdandwpasupplicant, which can allow a remote attacker to acquire a weak password, conduct a denial of service, or gain comple...
BSA-2019-767
Security Advisory ID : BSA-2019-767 Component : LIBSSH2 Revision : 1.0: Final libssh2 is a client-side C library implementing the SSH2 protocol.It supports regular terminal, SCP and SFTPsessions; port forwarding, X11 forwarding; password, key-based and keyboard-interactive authentication. Libssh2...
BSA-2019-753
Security Advisory ID : BSA-2019-753 Component : Kernel Revision : 1.0: Initial A flaw was found in the Linux kernel's ext4 filesystem. A local user can cause an out-of-bound write in fs/jbd2/transaction.c code, a denial of service, and a system crash by unmounting a crafted ext4 filesystem image...
BSA-2018-746
Security Advisory ID : BSA-2018-746 Component : Servlet Revision : 1.0: Initial A Vulnerability in Brocade Network Advisor Version before 14.0.3 could allow a remote unauthenticated attacker to export the current user database which includes the encypted not hashed password of the systems. The...
BSA-2018-841
Security Advisory ID : BSA-2018-841 Component : Hard-coded Credentials Revision : 3.0: Final A vulnerability in Brocade Network Advisor Version Before 14.3.1 could allow an unauthenticated, remote attacker to log in to the JBoss Administration interface of an affected system using an undocumented...
BSA-2018-739
Security Advisory ID : BSA-2018-739 Component : Texas Instrument Microcontrollers CC2640 and CC2650 Revision : 1.0: Initial Texas Instrument Microcontrollers CC2640 and CC2650 are vulnerable to variable and heap overflow.Both Texas Instrument microcontrollers CC2640 and CC2650 BLE-Stacks contain ...
BSA-2018-734
Security Advisory ID : BSA-2018-734 Component : Secure Shell Revision : 1.0: Initial A vulnerability in Brocade Fabric OS Secure Shell implementation could allow a local attacker to provide arbitrary environment variables,which can be used to bypass the restricted configuration shell. Affected...
BSA-2018-603
Security Advisory ID : BSA-2018-603 Component : WebGUI Revision : 1.0: Final Multiple GPON Home Routers could allow a remote attacker to bypass security restrictions, caused by a flaw in the authentication mechanism. By appending "?images/" to the end of the web address on any of the router's...
BSA-2018-583
Security Advisory ID : BSA-2018-583 Component : Spring-framework Revision : 1.0: Final Spring Framework, versions 5.0 prior to 5.0.5 and versions 4.3 prior to 4.3.15 and older unsupported versions, allow applications to expose STOMP over WebSocketendpoints with a simple, in-memory STOMP broker...
BSA-2017-470
Security Advisory ID : BSA-2017-470 Component : Expand Entity References Revision : 1.0: Interim The 1 BasicParserPool, 2 StaticBasicParserPool, 3 XML Decrypter, and 4 SAML Decrypter in Shibboleth OpenSAML-Java before 2.6.1 set the expandEntityReferences property to true, which allows remote...