Daily Data Dump Collector logs database password in cleartext when running docker exec commands (CVE-2025-6392)

Brocade SANnav before Brocade SANnav 2.4.0a could log database passwords in clear text in audit logs when the daily data dump collector invokes docker exec commands. These audit logs are the local server VM’s audit logs and are not controlled by SANnav. These logs are only visible to the server...

Schema parsing in the Java SDK of Apache Avro 1.11.3 and previous versions allows bad actors to execute arbitrary code

Schema parsing in the Java SDK of Apache Avro 1.11.3 and previous versions allows bad actors to execute arbitrary code. Users are recommended to upgrade to version 1.11.4 or 1.12.0, which fix this issue...

GNU Glibc Vulnerable to Memory Corruption via Heap Buffer Overflow during 'assert()' Failure (CVE-2025-0395)

GNU Glibc contains a memory corruption vulnerability that overflows the heap buffer by one or several bytes. The corruption occurs when the assert function fails under specific conditions. Heap buffer overflows are known to result in severe damage to the program's confidentiality, integrity, and...

Azul Zulu Java Multiple Vulnerabilities (January 2025)

Azul Zulu Multiple Vulnerabilities January 2025 CVE-2025-0509 CVSS 3.1 Base Score 7.3 CVSS Vector: CVSS:3.1/AV:A/AC:H/PR:H/UI:R/S:C/C:H/I:H/A:H Brocade SANnav not affected: VEX Justification: Vulnerablecodenotpresent CVE-2025-21502 CVSS 3.1 Base Score 4.8 CVSS Vector:...

Multiple vulnerabilities detected in PostgreSQL

Multiple PostgreSQL vulnerability updates CVE-2025-1094-PostgreSQL quoting APIs miss neutralizing quoting syntax in text that fails encoding validation CVE-2024-10979-PostgreSQL PL/Perl environment variable changes execute arbitrary code CVE-2024-10978-PostgreSQL SET ROLE, SET SESSION AUTHORIZATI...

Linux Kernel IPv6 Segment Routing Vulnerable to Out-of-Bounds Read via Crafted Netlink Message in SRv6 Layer

IPv6 Segment Routing SRv6 is vulnerable to an out-of-bounds read when setting HMAC data due to a lack of validation in the SEG6ATTRSECRETLEN attribute. This could allow an attacker to read up to 64 bytes of data past the skb end pointer and into skbsharedinfo, potentially leading to information...

Denial-of-Service (DoS) after Unusual or Exceptional Conditions vulnerability (CVE-2025-4663)

An Improper Check for Unusual or Exceptional Conditions vulnerability in Brocade Fabric OS before 9.2.2.a could allow an authenticated, network-based attacker to cause a Denial-of-Service DoS. The vulnerability is encountered when supportsave is invoked remotely, using ssh command or SANnav inlin...

Linux Kernel SUN RPC Subsystem Vulnerable to Memory Corruption via Use-After-Free (UAF) in 'inet_put_port' Function

The Linux Kernel SUN RPC subsystem is vulnerable to memory corruption due to how a use-after-free UAF can occur in the inetputport function as a result of xsxprtfree being called before all sockets are closed. An attacker could abuse this flaw in order to corrupt kernel memory which could...

Path transversal vulnerability potentially leading to sensitive information disclosure (CVE-2025-4661)

A path transversal vulnerability in Brocade Fabric OS 9.1.0 through 9.2.2 could allow a local admin user to gain access to files outside the intended directory potentially leading to the disclosure of sensitive information. Note: Admin level privilege is required on the switch in order to exploit...

Linux Kernel Vulnerable to Denial-of-Service (DoS) via NULL Pointer Dereference in 'rawv6_push_pending_frames()' Function in 'raw.c' File (CVE-2023-0394)

Linux Kernel contains a vulnerability that can lead to a NULL pointer dereference condition due to insufficient checks. Exploiting this vulnerability could allow an attacker to cause a denial-of-service DoS...

Path traversal vulnerability in functional web frameworks (CVE-2024-38819)

Spring Framework is vulnerable to a path traversal issue due to a lack of sufficient sanitization of path sequences processed by the WebMvc.fn or WebFlux.fn functional web frameworks. A remote attacker could submit crafted HTTP requests to an application that serves static resources through the...

Linux Kernel Vulnerable to Dangling Pointer via Garbage Collector Racing Against Connect() in AF_UNIX Module

The Linux Kernel is vulnerable to a race condition in the AFUNIX garbage collector due to improper handling of socket connections. This could allow an attacker to cause memory corruption...

Branch Predictor Race Conditions (CVE-2024-45332)

Brocade is aware of Branch Privilege Injection: Exploiting Branch Predictor Race Conditions vulnerability CVE-2024-45332. Detail Exposure of sensitive information caused by shared microarchitectural predictor state that influences transient execution in the indirect branch predictors for some...

AMI Security Advisory AMI-SA-2025003 (CVE-2024-54084,CVE-2024-54085)

Brocade is aware of AMI Security Advisory AMI-SA202503 disclosing CVE-2024-54084, CVE-2024-54085. CVE-2024-54084 APTIOV contains a vulnerability in BIOS where an attacker may cause a Time-of-check Time-of-use TOCTOU Race Condition by local means. Successful exploitation of this vulnerability may...

Ingress-nginx admission controller RCE escalation (CVE-2025-1974)

A security issue was discovered in Kubernetes where under certain conditions, an unauthenticated attacker with access to the pod network can achieve arbitrary code execution in the context of the ingress-nginx controller. This can lead to disclosure of Secrets accessible to the controller. Note...

Code injection exposure in Fabric OS 9.1.0 through 9.1.1d6

Brocade Fabric OS versions starting with 9.1.0 have root access removed, however, a local user with admin privilege can potentially execute arbitrary code with full root privileges on Fabric OS versions 9.1.0 through 9.1.1d6. Description Through a flaw in IP Address validation, a local user,...

Use-after-free in xmlValidatePopElement() using XMLReader API (CVE-2024-25062)

An issue was discovered in libxml2 before 2.11.7 and 2.12.x before 2.12.5. When using the XML Reader interface with DTD validation and XInclude expansion enabled, processing crafted XML documents can lead to an xmlValidatePopElement use-after-free...

Brocade ASCG 3.2.0 web interface does not enforce HSTS, as defined by RFC 6797 for ports 8030 and 8100

Brocade ASCG before 3.2.0 WebGui is not enforcing HSTS, as defined by RFC 6797. HSTS is an optional response header that can be configured on the server to instruct the browser to only communicate via HTTPS. The lack of HSTS allows downgrade attacks, SSL-stripping man-in-the-middle attacks, and...

url.c in GNU Wget through 1.24.5 mishandles semicolons in the userinfo subcomponent

Brocade Wget contains an improper input validation vulnerability. An attacker could exploit this via theuserinfosubcomponent of a URI to cause insecure behavior which could potentially cause improper authentication, exposure of sensitive information, or other serious data integrity issues...

c-ares Vulnerable to Memory Corruption via Out-of-Bounds Read in ‘ares__read_line’ function

c-ares is vulnerable to memory corruption due to improper parsing of local configuration files. This could allow a local attacker with access to such files to cause a denial-of-service DoS, or potentially leverage to obtain sensitive information from memory...

Rocky Linux Kernel update in Brocade ASCG 3.2.0 for RLSA-2024:4211, RLSA-2024:5101, RLSA-2024:8856

Brocade ASCG 3.2.0 contains a new Rocky Linux Kernel with security updates for numerous security vulnerabilities. kernel RLSA-2024:4211 CVE-2021-47353, CVE-2024-27410, CVE-2023-52881, CVE-2024-26759, CVE-2023-52626, CVE-2024-35789, CVE-2024-36004, CVE-2023-52813, CVE-2023-52781, CVE-2024-35853,...

less Vulnerable to Arbitrary Code Execution via OS Command Execution via newline Character in Filename

less through 653 allows OS command execution via a newline character in the name of a file, because quoting is mishandled in filename.c. Exploitation typically requires use with attacker-controlled file names, such as the files extracted from an untrusted archive. Exploitation also requires the...

PostgreSQL JDBC Driver allows attacker to inject SQL if using PreferQueryMode=SIMPLE

pgjdbc, the PostgreSQL JDBC Driver, allows an attacker to inject SQL if using PreferQueryMode=SIMPLE. Note, this is not the default. In the default mode there is no vulnerability. A placeholder for a numeric value must be immediately preceded by a minus. There must be a second placeholder for a...

Apache Commons Vulnerabilities (CVE-2024-25710 and CVE-2024-26308)

CVE-2024-25710 Loop with Unreachable Exit Condition 'Infinite Loop' vulnerability in Apache Commons Compress. This issue affects Apache Commons Compress from 1.3 through 1.25.0. Users are recommended to upgrade to version 1.26.0 which fixes the issue. CVE-2024-26308 Allocation of Resources Withou...

Weak TLS Ciphers on Brocade SANnav port 443 & 18082. (CVE-2024-10405)

Brocade SANnav before SANnav 2.3.1b enables weak TLS ciphers on ports 443 and 18082. In case of a successful exploit, an attacker can read Brocade SANnav data stream that includes monitored Brocade Fabric OS switches performance data, port status, zoninginformation, WWNs, IP Addresses, but no...

Clear text password seen in switch-asset-collectors-mw in Brocade SANnav supportsave (CVE-2024-10404)

CalInvocationHandler in Brocade SANnav before 2.3.1b logs sensitive information in clear text. The vulnerability could allow an authenticated, local attacker to view Brocade Fabric OS switch sensitive information in clear text. An attacker with administrative privileges could retrieve sensitive...

PostgreSQL Vulnerable to Privilege Escalation via Improper Checks in 'pg_stats_ext' and 'pg_stats_ext_exprs' Functions

PostgreSQL is vulnerable to privilege escalation. An attacker could exploit this to access views without correct privileges, potentially gaining access to sensitive data that they shouldn't have access to...

PostgreSQL Vulnerable to Denial-of-Service (DoS) in 'pg_signal_backend()'

PostgreSQL contains a denial-of-service DoS vulnerability. An attacker with superuser permissions could exploit this issue to cause the database to crash...

Rocky Linux Brocade SANnav OVA updates: kernel (RLSA-2024:8856) expat (RLSA-2024:9502, RLSA-2024-6989) bzip2 (RLSA-2024:8922) krb5 (RLSA-2024:8860) and python3 (RLSA-2024:6975)

Rocky Linux updates for SANnav OVA releases. The listed updates are available for OVA deployments of SANnav. kernel RLSA-2024:8856 CVE-2024-44935, CVE-2024-43854, CVE-2024-35898, CVE-2024-27062, CVE-2024-42244, CVE-2024-27017, CVE-2024-42070, CVE-2024-43880, CVE-2023-52492, CVE-2024-46826,...

Weak TLS Ciphers on Brocade SANnav OVA SSH port 22. (CVE-2024-4282)

Brocade SANnav OVA before SANnav 2.3.1b enables SHA1 deprecated setting for SSH for port 22. Detail The SSH protocol Secure Shell is a method for secure remote login from one computer to another. The target is using deprecated SHA1 cryptographic settings to communicate. IMPACT: vulnerable to...

Docker implementation in Brocade SANnav is missing Audit Rules. (CVE-2024-2240)

Docker daemon in Brocade SANnav before SANnav 2.3.1b runs without auditing. The vulnerability could allow a remote authenticated attacker to execute various attacks. Details. 'dockerd' is the Docker daemon/process that manages containers through the use of different binaries for the daemon and...

snappy-java Vulnerable to Denial-of-Service (DoS) due to Improper Input Validation in File 'SnappyInputStream.java'

In snappy-java the stream chunk processing implementation uses a user controlled value to define the size of an allocated array. A remote attacker may abuse this by creating a crafted input stream that causes an extremely large array to be allocated, or a negative array size to be used. Both case...

BusyBox through 1.35.0 allows remote attackers to execute arbitrary code if netstat is used to print a DNS PTR record

BusyBox through 1.35.0 allows remote attackers to execute arbitrary code if netstat is used to print a DNS PTR record's value to a VT compatible terminal. Alternatively, the attacker could choose to change the terminal's colors...

Brocade SANnav encryption key is logged in the debug logs (CVE-2025-1053)

Under certain error conditions at time of Brocade SANnav installation or upgrade, the encryption key can be written into and obtained from a Brocade SANnav supportsave. An attacker with privileged access to the Brocade SANnav database could use the encryption key to obtain passwords used by Broca...

AZUL Zulu Java Multiple Vulnerabilities - July 2024

CVE-ID Component Base Score CVE-2024-21131 Hotspot 3.7 CVE-2024-21138 Hotspot 3.7 CVE-2024-21140 Hotspot 4.8 CVE-2024-21145 2D 4.8 CVE-2024-21147 Hotspot 7.4 CVE-2024-21144 Concurrency 3.7 CVE-2024-27983 Oracle GrallVM for JDK 8.2 More details can be found at...

ISC BIND 9 Vulnerable to Denial-of-Service (DoS) via Memory Leaks in EdDSA DNSSEC Verification (CVE-2022-38178)

BIND 9 is vulnerable to a denial-of-service DoS issue due to the presence of a memory leak flaw in the DNSSEC verification code for the EdDSA algorithm that can occur when there is a signature length mismatch. An attacker could spoof the target resolver with responses that have malformed EdDSA...

SANnav ROCKY LINUX Upgrade for RLSA-2024:5530, RLSA-2024:5101, RLSA-2024:4583, RLSA-2024:3501, RLSA-2024:3513, RLSA-2024:3619, RLSA-2024:4349, RLSA-2024:4078, RLSA-2024:2758, RLSA-2024:2758

Brocade SANnav OVA versions 2.3.1b and 2.4.0 along with Brocade sannavova8xos122024 SANnav OVA patch from December 2024 utilize an upgraded Rocky Linux Kernel. The upgrade has provided Security updates for numerous security vulnerabilities. Rocky Linux Security Update for python-setuptools...

PostgreSQL Vulnerable to Privileged Execution of Arbitrary SQL due to Late Privilege Drop in 'REFRESH MATERIALIZED VIEW CONCURRENTLY'

An authenticated attacker that has created a materialized view could run arbitrary SQL commands on a PostgreSQL server if a victim runs REFRESH MATERIALIZED VIEW CONCURRENTLY on the attacker's view. If the victim is a superuser this could result in full compromise of the PostgreSQL server...

Multiple CURL vulnerabilities in Brocade SANnav OVA deployments before SANnav 2.3.1b

Multiple CURL vulnerabilities Curl 7.44.0 8.7.0 vulnerabilities CVE-2024-2398, CVE-2024-2466, CVE-2024-2004 & CVE-2024-0853 Curl 7.44.0 8.7.0 HTTP/2 Push Headers Memory-leak CVE-2024-2398 Curl 7.85.0 8.7.0 Input Misinterpretation CVE-2024-2004 Curl 7.85.0 8.7.0 Input Misinterpretation CVE-2024-20...

Oracle Critical Patch Update Advisory -- July 2024

CVE-ID Component Base Score CVE-2024-21131 Hotspot 3.7 CVE-2024-21138 Hotspot 3.7 CVE-2024-21140 Hotspot 4.8 CVE-2024-21145 2D 4.8 CVE-2024-21147 Hotspot 7.4 CVE-2024-27983 Oracle GrallVM for JDK 8.2 More details can be found at https://www.oracle.com/security-alerts/cpujul2024.html...

Stack overflow vulnerability in ash.c:6030 in busybox before 1.35 can be executed from command to arbitrary code execution.

BusyBox is vulnerable to memory corruption due to improper validation of user-supplied input. An attacker could exploit this to corrupt memory by tricking a victim into processing a crafted file to cause a stack-based buffer overflow. Further impacts may include serious confidentiality, integrity...

Security Advisory Ivanti Connect Secure (ICS), Ivanti Policy Secure (IPS), Ivanti Secure Access Client (ISAC) (Multiple CVEs)

Brocade Security Team has become aware of CVEs for Ivanti Connect Secure ICS,Ivanti Policy Secure IPS and Ivanti Secure Access Client ISAC. Vulnerability Details CVE Number| Description| CVSS Score Severity| CVSS Vector| CWE| Impacted Products ---|---|---|---|---|--- CVE-2024-47905| A stack-based...

Linux kernel vulnerabilities CVE-2024-41090 and CVE-2024-41091

Brocade Security has investigated the two CVEs below related to Linux Kernel. CVE-2024-41090 Description In the Linux kernel, the following vulnerability has been resolved: tap: add missing verification for short frame The cited commit missed to check against the validity of the frame length in t...

Brocade ASCG Vulnerability Disclosures

Brocade Security Advisories posted on May 19, 2026 CVE addressed in ASCG 3.4.0a CVE-2024-24785, CVE-2025-61729, CVE-2025-65637 Security updated provided in Brocade ASCG 3.4.0b for container-tools PSIRT Risk: Medium https://support.broadcom.com/external/content/SecurityAdvisories/0/37500...

Brocade Fabric OS (8.2.3x Release) Vulnerability Disclosures

Brocade Security Advisories==================================================Previously disclosed Brocade Security Advisories in 8.2.3x releases CVEs addressed in FOS v8.2.3e1 CVE-2024-5461 Command or parameter injection via unique embedded switch SNMP commands PSIRT Risk:...

Docker Security Advisory: AuthZ Plugin Bypass Regression in Docker Engine (CVE-2024-41110)

Brocade Security Team has become aware that Certain versions of Docker Engine have a security vulnerability that could allow an attacker to bypass authorization plugins AuthZ under specific circumstances. The base likelihood of this being exploited is low. Detail Docker’s default authorization...

Apache Struts: Mixing setters for uploaded files and normal fields can allow bypass file upload checks (CVE-2024-53677)

Brocade Security Team has become aware of a critical Remote Code Execution affecting Apache Struts. Detail An attacker can manipulate file upload params to enable paths traversal and under some circumstances this can lead to uploading a malicious file which can be used to perform Remote Code...

OS command injection vulnerability in OpenSSH (CVE-2023-51385)

In ssh in OpenSSH before 9.6, OS command injection might occur if a user name or host name has shell metacharacters, and this name is referenced by an expansion token in certain situations. For example, an untrusted Git repository can have a submodule with shell metacharacters in a user name or...

OpenJDK Vulnerability Advisory - April 2024

OpenJDK is affected by multiple vulnerabilities. Affected CVEs CVE-2024-21094 CVE-2024-21085 CVE-2024-21011 CVE-2024-21012 CVE-2023-41993 CVE-2024-21003 CVE-2024-21005 CVE-2024-21002 CVE-2024-21004 More information is available at: https://openjdk.org/groups/vulnerability/advisories/2024-04-16...

Brocade Fabric OS before 9.2.2 does not enforce strict host key checking

A vulnerability in Brocade Fabric OS versions before 9.2.2 could allow man-in-the-middle attackers to conduct remote Service Session Hijacking that may arise from the attacker's ability to forge an SSH key while the Brocade Fabric OS Switch is performing various remote operations initiated by a...