Lucene search
K
BroadcomMost viewed

879 matches found

Broadcom
Broadcom
added 2017/08/25 12:0 a.m.8 views

BSA-2017-397

Security Advisory ID : BSA-2017-397 Component : Java Revision : 2.0: Interim Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE subcomponent: Security. Supported versions that are affected are Java SE: 6u151, 7u141 and 8u131; Java SE Embedded: 8u131; JRockit:...

6.8CVSS7.7AI score0.02598EPSS
Exploits0
Broadcom
Broadcom
added 2017/08/25 12:0 a.m.8 views

BSA-2017-381

Security Advisory ID : BSA-2017-381 Component : OpenVPN Revision : 1.0: Interim OpenVPN versions before 2.4.3 and before 2.3.17 are vulnerable to denial-of-service by authenticated remote attacker via sending a certificate with an embedded NULL character. Affected Products Brocade is investigatin...

6.5CVSS6.9AI score0.05539EPSS
Exploits0
Broadcom
Broadcom
added 2017/08/25 12:0 a.m.8 views

BSA-2017-363

Security Advisory ID : BSA-2017-363 Component : Apache Revision : 1.0: Interim A maliciously constructed HTTP/2 request could cause modhttp2 to dereference a NULL pointer and crash the server process. Affected Products Brocade is investigating its product lines to determine which products may be...

7.5CVSS6.9AI score0.53939EPSS
Exploits0
Broadcom
Broadcom
added 2017/08/25 12:0 a.m.8 views

BSA-2017-375

Security Advisory ID : BSA-2017-375 Component : NFS Revision : 3.0: Final The NFS2/3 RPC client could send long arguments to the NFS server. These encoded arguments are stored in an array of memory pages, and accessed using pointer variables. Arbitrarily long arguments could make these pointers...

7.8CVSS6.9AI score0.05905EPSS
Exploits0
Broadcom
Broadcom
added 2017/08/25 12:0 a.m.8 views

BSA-2017-407

Security Advisory ID : BSA-2017-407 Component : Java Revision : 2.0: Interim Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE subcomponent: JAXP. Supported versions that are affected are Java SE: 6u151, 7u141 and 8u131; Java SE Embedded: 8u131. Easily exploitable...

9.6CVSS8.4AI score0.02555EPSS
Exploits0
Broadcom
Broadcom
added 2017/08/25 12:0 a.m.8 views

BSA-2017-410

Security Advisory ID : BSA-2017-410 Component : Java Revision : 2.0: Interim Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE subcomponent: Libraries. Supported versions that are affected are Java SE: 6u151, 7u141 and 8u131; Java SE Embedded: 8u131. Easily exploitable...

9.6CVSS8.4AI score0.02555EPSS
Exploits0
Broadcom
Broadcom
added 2017/08/25 12:0 a.m.8 views

BSA-2017-399

Security Advisory ID : BSA-2017-399 Component : Java Revision : 2.0: Interim Vulnerability in the Java SE component of Oracle Java SE subcomponent: Security. Supported versions that are affected are Java SE: 6u151, 7u141 and 8u131. Difficult to exploit vulnerability allows unauthenticated attacke...

7.5CVSS7.8AI score0.03236EPSS
Exploits0
Broadcom
Broadcom
added 2017/08/25 12:0 a.m.8 views

BSA-2017-416

Security Advisory ID : BSA-2017-416 Component : Java Revision : 2.0: Interim Vulnerability in the Java SE component of Oracle Java SE subcomponent: Deployment. Supported versions that are affected are Java SE: 6u151, 7u141 and 8u131. Easily exploitable vulnerability allows unauthenticated attacke...

4.3CVSS6.9AI score0.0222EPSS
Exploits0
Broadcom
Broadcom
added 2017/06/23 12:0 a.m.8 views

BSA-2017-342

Security Advisory ID : BSA-2017-342 Component : Freeradius Revision : 2.0: Interim The TLS session cache inFreeRADIUS2.1.1 through 2.1.7, 3.0.x before 3.0.14, 3.1.x before 2017-02-04, and 4.0.x before 2017-02-04 fails to reliably prevent resumption of an unauthenticated session, which allows remo...

9.8CVSS7.3AI score0.03914EPSS
Exploits0
Broadcom
Broadcom
added 2017/05/17 12:0 a.m.8 views

BSA-2017-272

Security Advisory ID : BSA-2017-272 Component : OpenSSH Revision : 2.0: Final Untrusted search path vulnerability in ssh-agent.c in ssh-agent in OpenSSH before 7.4 allows remote attackers to execute arbitrary local PKCS11 modules by leveraging control over a forwarded agent-socket. Affected...

7.5CVSS9.2AI score0.37431EPSS
Exploits4
Broadcom
Broadcom
added 2017/05/17 12:0 a.m.8 views

BSA-2017-293

Security Advisory ID : BSA-2017-293 Component : NTP Revision : 1.0: Interim The Windows installer for NTP before 4.2.8p10 and 4.3.x before 4.3.94 allows local users to have unspecified impact via vectors related to an argument with multiple null bytes. Affected Products Brocade is investigating i...

5.5CVSS8.7AI score0.00408EPSS
Exploits0
Broadcom
Broadcom
added 2017/05/17 12:0 a.m.8 views

BSA-2017-305

Security Advisory ID : BSA-2017-305 Component : Apache Tomcat Revision : 1.0: Interim The handling of an HTTP/2 GOAWAY frame for a connection did not close streams associated with that connection that were currently waiting for a WINDOWUPDATE before allowing the application to write more data...

7.5CVSS8.6AI score0.08275EPSS
Exploits0
Broadcom
Broadcom
added 2017/05/17 12:0 a.m.8 views

BSA-2017-289

Security Advisory ID : BSA-2017-289 Component : NTP Revision : 1.0: Interim A vulnerability found in the NTP server allows an authenticated remote attacker to crash the daemon by sending an invalid setting viathe :configdirective. Theunpeeroption expects a number or an address as an argument. In...

6.5CVSS9.1AI score0.05239EPSS
Exploits0
Broadcom
Broadcom
added 2017/05/17 12:0 a.m.8 views

BSA-2017-285

Security Advisory ID : BSA-2017-285 Component : Linux Kernel Revision : 1.0: Interim A race condition flaw was found in the NHLDC Linux kernel driver when accessingnhdlc.tbuflist that can lead to double free. A local, unprivileged user able to set the HDLC line discipline on thettydevice could us...

7CVSS6.5AI score0.01021EPSS
Exploits2
Broadcom
Broadcom
added 2017/05/17 12:0 a.m.8 views

BSA-2017-291

Security Advisory ID : BSA-2017-291 Component : NTP Revision : 1.0: Interim NTP before 4.2.8p10 and 4.3.x before 4.3.94, when using PPSAPI, allows local users to gain privileges via a DLL in the PPSAPIDLLS environment variable. Affected Products Brocade is investigating its product lines to...

7CVSS8.7AI score0.00478EPSS
Exploits0
Broadcom
Broadcom
added 2017/05/17 12:0 a.m.8 views

BSA-2017-292

Security Advisory ID : BSA-2017-292 Component : NTP Revision : 1.0: Interim Stack-based buffer overflow in the Windows installer for NTP before 4.2.8p10 and 4.3.x before 4.3.94 allows local users to have unspecified impact via an application path on the command line. Affected Products Brocade is...

7.8CVSS9AI score0.00446EPSS
Exploits0
Broadcom
Broadcom
added 2017/05/02 12:0 a.m.8 views

BSA-2017-268

Security Advisory ID : BSA-2017-268 Component : Linux Kernel Revision : 1.0: Interim Use-after-free vulnerability in mm/percpu.cin the Linux kernel through 4.6 allows local users to cause a denial of service BUG or possibly have unspecified other impact via crafted use of themmapandbpfsystem call...

7.8CVSS6.8AI score0.00493EPSS
Exploits1
Broadcom
Broadcom
added 2017/05/02 12:0 a.m.8 views

BSA-2017-266

Security Advisory ID : BSA-2017-266 Component : FOS Revision : 1.0: Interim Apache Tomcat through 7.0.x allows remote attackers to cause a denial of service daemon outage via partial HTTP requests, as demonstrated bySlowloris. Affected Products Brocade is investigating its product lines to...

5CVSS6.7AI score0.09588EPSS
Exploits2
Broadcom
Broadcom
added 2017/04/28 12:0 a.m.8 views

BSA-2017-246

Security Advisory ID : BSA-2017-246 Component : FOS Revision : 2.0: Final Thehashbufferfunction inschnorr.cinOpenSSHthrough 6.4, when Makefile.inc is modified to enable the J-PAKE protocol, does not initialize certain data structures, which might allow remote attackers to cause a denial of servic...

7.5CVSS7.3AI score0.04587EPSS
Exploits1
Broadcom
Broadcom
added 2017/04/28 12:0 a.m.8 views

BSA-2017-241

Security Advisory ID : BSA-2017-241 Component : SNMP Revision : 1.0: Interim SNMP service in Atmel 802.11b VNET-B Access Point 1.3 and earlier, as used inNetgearME102 and Linksys WAP11, accepts arbitrary community strings with requested MIB modifications, which allows remote attackers to obtain...

7.5CVSS7.2AI score0.01571EPSS
Exploits0
Broadcom
Broadcom
added 2017/04/28 12:0 a.m.8 views

BSA-2017-235

Security Advisory ID : BSA-2017-235 Component : Oracle Web Services Revision : 1.0: Interim Unspecified vulnerability in the Oracle Web Services component in Oracle Fusion Middleware 11.1.1.7.0, 11.1.1.9.0, 12.1.3.0.0, and 12.2.1.0.0 allows remote attackers to affect confidentiality, integrity, a...

10CVSS9AI score0.05431EPSS
Exploits0
Broadcom
Broadcom
added 2017/02/07 12:0 a.m.8 views

BSA-2017-115

Security Advisory ID : BSA-2017-115 Component : Apache HTTPD Revision : 2.0: Final The Apache HTTP Server through 2.4.23 follows RFC 3875 section 4.1.18 and therefore does not protect applications from the presence of untrusted client data in the HTTPPROXY environment variable, which might allow...

8.1CVSS8.6AI score0.55724EPSS
Exploits0
Broadcom
Broadcom
added 2017/01/10 12:0 a.m.8 views

BSA-2017-501

Security Advisory ID : BSA-2017-501 Component : Apache HTTPD Revision : 2.0: Final In Apache HTTP Server versions 2.4.0 to 2.4.23, malicious input to modauthdigest can cause the server to crash, and each instance continues to crash even for subsequently valid requests...

7.5CVSS7.7AI score0.20952EPSS
Exploits0
Broadcom
Broadcom
added 2016/04/11 12:0 a.m.8 views

BSA-2016-1052

Security Advisory ID : BSA-2016-1052 Component : TCP Sequence Number Revision : 4.0: Final A vulnerability was discovered in the Transmission Control Protocol TCP specification RFC 873. TCP, when using a large Window Size, makes it easier for remote attackers to guess sequence numbers and cause a...

5CVSS6.7AI score0.80855EPSS
Exploits3
Broadcom
Broadcom
added 2016/02/10 12:0 a.m.8 views

BSA-2016-002

Summary Security Advisory ID : BSA-2016-002 Component : Web Server Expect Header XSS Revision : 3.0 N/A...

4.3CVSS6.4AI score0.01786EPSS
Exploits0
Broadcom
Broadcom
added 2025/02/27 12:0 a.m.7 views

c-ares Vulnerable to Memory Corruption via Out-of-Bounds Read in ‘ares__read_line’ function

c-ares is vulnerable to memory corruption due to improper parsing of local configuration files. This could allow a local attacker with access to such files to cause a denial-of-service DoS, or potentially leverage to obtain sensitive information from memory...

5.5CVSS6.5AI score0.00349EPSS
Exploits0
Broadcom
Broadcom
added 2025/02/13 12:0 a.m.7 views

Docker implementation in Brocade SANnav is missing Audit Rules. (CVE-2024-2240)

Docker daemon in Brocade SANnav before SANnav 2.3.1b runs without auditing. The vulnerability could allow a remote authenticated attacker to execute various attacks. Details. 'dockerd' is the Docker daemon/process that manages containers through the use of different binaries for the daemon and...

8.6CVSS7.1AI score0.00486EPSS
Exploits0
Broadcom
Broadcom
added 2025/02/13 12:0 a.m.7 views

PostgreSQL Vulnerable to Privilege Escalation via Improper Checks in 'pg_stats_ext' and 'pg_stats_ext_exprs' Functions

PostgreSQL is vulnerable to privilege escalation. An attacker could exploit this to access views without correct privileges, potentially gaining access to sensitive data that they shouldn't have access to...

4.3CVSS6.9AI score0.00722EPSS
Exploits0
Broadcom
Broadcom
added 2025/02/13 12:0 a.m.7 views

Oracle Critical Patch Update Advisory -- July 2024

CVE-ID Component Base Score CVE-2024-21131 Hotspot 3.7 CVE-2024-21138 Hotspot 3.7 CVE-2024-21140 Hotspot 4.8 CVE-2024-21145 2D 4.8 CVE-2024-21147 Hotspot 7.4 CVE-2024-27983 Oracle GrallVM for JDK 8.2 More details can be found at https://www.oracle.com/security-alerts/cpujul2024.html...

8.2CVSS6.9AI score0.87211EPSS
Exploits1
Broadcom
Broadcom
added 2024/04/30 12:0 a.m.7 views

Security updates provided in Brocade Fabric OS v9.2.1, v9.2.0b, v9.1.1d, v8.2.3e

Dear Brocade Customer: This Advisory aims to inform you of Brocade Fabric OS Security updates in Brocade Fabric OS OS v9.2.1, v9.2.0b, v9.1.1d, v8.2.3e. Please review the recently posted security advisories listed here: Newly created Brocade CVEs...

9.8CVSS6.9AI score0.75116EPSS
Exploits0
Broadcom
Broadcom
added 2023/10/07 12:0 a.m.7 views

Vulnerabilities in Supermicro BMC IPMI firmware (CVE-2023-40289, CVE-2023-40284, CVE-2023-40287, CVE-2023-40288, CVE-2023-40290, CVE-2023-40285, CVE-2023-40286)

The Binarly research team has discovered multiple vulnerabilities in the Supermicro IPMI firmware component developed by ATEN. Vulnerabilities can be exploited by unauthenticated, remote attackers and could result in obtaining the root of the BMC system. CVE ID| Severity| Issue Type| Description...

8.3CVSS6.9AI score0.17767EPSS
Exploits1
Broadcom
Broadcom
added 2023/08/08 12:0 a.m.7 views

CVE-2020-1749 - A flaw was found in the Linux kernel's implementation of some networking protocols in IPsec

A flaw was found in the Linux kernel's implementation of some networking protocols in IPsec, such as VXLAN and GENEVE tunnels over IPv6. When an encrypted tunnel is created between two hosts, the kernel isn't correctly routing tunneled data over the encrypted link; rather sending the data...

7.5CVSS6.2AI score0.0124EPSS
Exploits0
Broadcom
Broadcom
added 2023/08/01 12:0 a.m.7 views

The _rl_tropen function in util.c in GNU readline before 6.3 patch 3

The rltropen function in util.c in GNU readline before 6.3 patch 3 allows local users to create or overwrite arbitrary files via a symlink attack on a /var/tmp/rltrace.PID file...

3.3CVSS6.7AI score0.00432EPSS
Exploits0
Broadcom
Broadcom
added 2023/07/24 12:0 a.m.7 views

CVE-2023-36664 - Artifex Ghostscript through 10.01.2 mishandles permission validation

Artifex Ghostscript through 10.01.2 mishandles permission validation for pipe devices with the %pipe% prefix or the | pipe character prefix...

7.8CVSS7AI score0.03236EPSS
Exploits4
Broadcom
Broadcom
added 2023/06/06 12:0 a.m.7 views

CVE-2019-10208 -TYPE in pg_temp executes arbitrary SQL during SECURITY DEFINER execution

A flaw was discovered in postgresql versions 9.4.x before 9.4.24, 9.5.x before 9.5.19, 9.6.x before 9.6.15, 10.x before 10.10 and 11.x before 11.5 where arbitrary SQL statements can be executed given a suitable SECURITY DEFINER function. An attacker, with EXECUTE permission on the function, can...

8.8CVSS7.7AI score0.0217EPSS
Exploits0
Broadcom
Broadcom
added 2022/11/29 12:0 a.m.7 views

CVE-2022-2601 & CVE-2022-3775: Multiple GRUB2 vulnerabilities

Security Advisory ID : BSA-2022-2139 Component : GRUB2 Revision : 1.0 Brocade PSIRT has become aware of two grub vulnerabilities. CVE-2022-2601 grub2: A buffer overflow in grubfontconstructglyph can lead to out-of-bound write and possible secure boot by-pass A buffer overflow was found in...

8.6CVSS8.5AI score0.00872EPSS
Exploits0
Broadcom
Broadcom
added 2022/09/13 12:0 a.m.7 views

CVE-2021-3712: ASN1_STRING structure contains a buffer holding the string data

Security Advisory ID : BSA-2022-1587 Component : OpenSSL Revision : 1.0 ASN.1 strings are represented internally within OpenSSL as an ASN1STRING structure which contains a buffer holding the string data and a field holding the buffer length. This contrasts with normal C strings which are repesent...

7.4CVSS6.9AI score0.50445EPSS
Exploits0
Broadcom
Broadcom
added 2022/09/13 12:0 a.m.7 views

CVE-2018-6485: An integer overflow in the implementation of the posix_memalign

Security Advisory ID : BSA-2022-623 Component : GNU C Library Revision : 1.0 An integer overflow in the implementation of the posixmemalign in memalign functions in the GNU C Library aka glibc or libc6 2.26 and earlier could cause these functions to return a pointer to a heap area that is too...

9.8CVSS6.1AI score0.04689EPSS
Exploits0
Broadcom
Broadcom
added 2022/09/13 12:0 a.m.7 views

CVE-2022-0155: Exposure of Private Personal Information to an Unauthorized Actor

Security Advisory ID : BSA-2022-1676 Component : Follow-Redirects Revision : 2.0 follow-redirects is vulnerable to Exposure of Private Personal Information to an Unauthorized Actor. Notes: Brocade Fabric OS does not use cookies; however, Brocade Fabric OS versions after v9.0.0 and before v9.1.1 d...

8CVSS6.9AI score0.02426EPSS
Exploits2
Broadcom
Broadcom
added 2022/06/22 12:0 a.m.7 views

BSA-2022-1835

Security Advisory ID : BSA-2022-1835 Component : Oracle Java Revision : 1.0 Vulnerability in the Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Hotspot. Supported versions that are affected are Java SE: 8u291, 11.0.11, 16.0.1; Oracle GraalVM Enterprise Edition:...

7.5CVSS6AI score0.04008EPSS
Exploits0
Broadcom
Broadcom
added 2022/04/28 12:0 a.m.7 views

BSA-2022-1832

Security Advisory ID : BSA-2022-1832 Component : NGINX Revision : 1.0 Brocade PSIRT has become aware of thesecurity vulnerabilities in the NGINX LDAP reference implementation publicly shared on09 April 2022. More information is available at "Addressing Security Weaknesses in the NGINX LDAP...

6.7AI score
Exploits0
Broadcom
Broadcom
added 2022/02/16 12:0 a.m.7 views

BSA-2021-1722

Security Advisory ID : BSA-2021-1722 Component : hard-coded credentials Revision : 1.0 Brocade Fabric OS before Brocade Fabric OS v8.2.1c, v8.1.2h, and all versions of Brocade Fabric OS v8.0.x and v7.x contain documented hard-coded credentials, which could allow attackers to gain access to the...

9.8CVSS7.2AI score0.01347EPSS
Exploits2
Broadcom
Broadcom
added 2020/09/25 12:0 a.m.7 views

BSA-2020-1276

Security Advisory ID : BSA-2020-1276 Component : bzip2recover Revision : 2.0 Use-after-free vulnerability in bzip2recover in bzip2 1.0.6 allows remote attackers to cause a denial of service crash via a crafted bzip2 file, related to block ends set to before the start of the block. Affected Produc...

6.5CVSS6.8AI score0.15831EPSS
Exploits0
Broadcom
Broadcom
added 2020/07/29 12:0 a.m.7 views

BSA-2020-1053

Security Advisory ID : BSA-2020-1053 Component : GRUB2 Revision : 1.0: Initial Security Researchers from Eclypsium disclosed “BootHole.” 1, 2.“BootHole” vulnerability in the GRUB2 bootloader opens up Windows and Linux devices using Secure Boot to attack. All operating systems using GRUB2 with...

8.2CVSS8.3AI score0.01588EPSS
Exploits1
Broadcom
Broadcom
added 2020/07/06 12:0 a.m.7 views

BSA-2020-1043

Security Advisory ID : BSA-2020-1043 Component : Apache Tomcat Revision : 1.0: Final When using a VirtualDirContext with Apache Tomcat 7.0.0 to 7.0.80 it was possible to bypass security constraints and/or view the source code of JSPs for resources served by the VirtualDirContext using a specially...

7.5CVSS7.1AI score0.708EPSS
Exploits4
Broadcom
Broadcom
added 2020/02/03 12:0 a.m.7 views

BSA-2020-910

Security Advisory ID : BSA-2020-910 Component : Linux Kernel Revision : 1.0: Final In the Linux kernel through 5.4.6, there are information leaks ofuninitialized memory to a USB device in thedrivers/net/can/usb/kvaserusb/kvaserusbleaf.c driver, aka CID-da2311a6385c. Impact: Successful exploitatio...

4.6CVSS6.2AI score0.00493EPSS
Exploits0
Broadcom
Broadcom
added 2020/02/03 12:0 a.m.7 views

BSA-2020-915

Security Advisory ID : BSA-2020-915 Component : Linux Kernel Revision : 1.0: Final mwifiextmcmd in drivers/net/wireless/marvell/mwifiex/cfg80211.c in the Linux kernel before 5.1.6 has some error-handling cases that did not free allocated hostcmd memory, aka CID-003b686ace82. This will cause a...

5.5CVSS6.5AI score0.00394EPSS
Exploits0
Broadcom
Broadcom
added 2019/02/07 12:0 a.m.7 views

BSA-2019-755

Security Advisory ID : BSA-2019-755 Component : Apache Revision : 1.0: Final Apache 2.4 vulnerabilities in Brocade Fibre Channel Products from Broadcom Multiple Brocade Fibre Channel technology products from Broadcom incorporate Apache httpd 2.4 librairies. Apache released in January 2019, a list...

7.5CVSS9.2AI score0.59942EPSS
Exploits0
Broadcom
Broadcom
added 2018/10/29 12:0 a.m.7 views

BSA-2018-736

Security Advisory ID : BSA-2018-736 Component : Fabric OS WebGui Revision : 1.0: Initial The Web management interface of Brocade Fabric OS doesn’t send cookies with secure flag.This could allow attackers to intercept or manipulate a victim user's session ID. Affected Products Brocade Fabric OS...

7.5CVSS6.8AI score0.01206EPSS
Exploits0
Broadcom
Broadcom
added 2018/10/29 12:0 a.m.7 views

BSA-2018-728

Security Advisory ID : BSA-2018-728 Component : Fabric OS CLI : secryptocfg export command Revision : 1.0: Initial A vulnerability in the secryptocfg export command of Brocade Fabric OS could allow a local attacker to bypass the export file access restrictions and initiate a file copy from the...

5.5CVSS6.8AI score0.00342EPSS
Exploits0
Total number of security vulnerabilities879