Lucene search

875 matches found

Broadcom
added 2024/11/12 12:0 a.m. | 15 views

An out-of-bounds read/write vulnerability was found in e2fsprogs 1.46.5

e2fsprogs is vulnerable to memory corruption due to an out-of-bounds access issue when running the e2fsck utility. An attacker could exploit this vulnerability by supplying a system with a maliciously crafted filesystem image...

CVSS 7.8 | AI score 6.9 | EPSS 0.01336
Exploits: 0
Broadcom
added 2024/11/12 12:0 a.m. | 22 views

Checking excessively long DSA keys or parameters may be very slow

OpenSSL contains an unbounded computation flaw when performing checks on excessively large DSA keys or parameters, which could lead to a denial-of-service (DoS) attack. The OpenSSL pkey, pkeyparam command line apps, and FIPS providers are affected...

CVSS 5.3 | AI score 6.6 | EPSS 0.01131
Exploits: 0
Broadcom
added 2024/11/12 12:0 a.m. | 19 views

Privileged escalation via crafted use of portcfg command

A command injection vulnerability in Brocade Fabric OS before 9.2.0c, and 9.2.1 through 9.2.1a on IP extension platforms could allow a local authenticated attacker to perform a privileged escalation via crafted use of the portcfg command. This specific exploitation is only possible on IP Extensio...

CVSS 8.5 | AI score 7.5 | EPSS 0.00626
Exploits: 0
Broadcom
added 2024/11/12 12:0 a.m. | 25 views

SQLite Vulnerable to Out-of-Bounds Memory Access via Insufficient Input Validation in 'sessionReadRecord' Function of 'Sessions' Extension

SQLite is vulnerable to an out-of-bounds memory access issue due to a lack of sufficient input validation in the sessionReadRecord function. An attacker could submit a crafted input in order to trigger the flaw which could allow for a 1-byte out-of-bounds read to occur which could lead to...

CVSS 7.3 | AI score 6.5 | EPSS 0.01249
Exploits: 1
Broadcom
added 2024/11/12 12:0 a.m. | 27 views

SFTP/FTP password could be captured in plain text in Supportsave generated from SANnav

Brocade Fabric OS versions before 8.2.3e2, versions 9.0.0 through 9.2.0c, and 9.2.1 through 9.2.1a can capture the SFTP/FTP server password used for a firmware download operation initiated by SANnav or through WebEM in a weblinker core dump that is later captured via supportsave. Description The...

CVSS 5.9 | AI score 6.5 | EPSS 0.00644
Exploits: 0
Broadcom
added 2024/11/12 12:0 a.m. | 20 views

close_altfile in filename.c in less before 606 omits shell_quote calls for LESSCLOSE

GNU is vulnerable to command injection due to missing sanitization of filenames when the LESSCLOSE environment variable is set and invoked. This could allow an attacker to execute malicious commands within the privileges of the utility...

CVSS 7 | AI score 7.6 | EPSS 0.01059
Exploits: 0
Broadcom
added 2024/11/12 12:0 a.m. | 23 views

The POLY1305 MAC (message authentication code) implementation contains a bug that might corrupt the internal state of applications running on PowerPC CPU based platforms

OpenSSL contains an issue in the POLY1305 MAC (message authentication code) implementation that might result in a corrupted internal application state. This flaw is only exploitable on PowerPC CPU based platforms if the CPU provides vector instructions PowerISA 2.07. The impact of the corrupted...

CVSS 5.9 | AI score 6.8 | EPSS 0.02323
Exploits: 0
Broadcom
added 2024/11/12 12:0 a.m. | 23 views

OpenSSL is vulnerable to a denial of service, caused by a flaw in the handling of RSA public keys by the EVP_PKEY_public_check() function

OpenSSL is vulnerable to a denial-of-service (DoS) issue because there is no restriction on RSA public key size or on the subsequent time spent processing such keys. Applications that use the EVP_PKEY_public_check() function to check RSA public keys obtained from potentially untrusted sources can be...

CVSS 5.3 | AI score 6.5 | EPSS 0.02303
Exploits: 0
Broadcom
added 2024/11/12 12:0 a.m. | 17 views

The implementation of PEAP in wpa_supplicant through 2.10 allows authentication bypass

wpa_supplicant is vulnerable to authentication bypass due to its implementation of Protected Extensible Authentication Protocol (PEAP). An attacker could exploit this in order to trick a victim into connecting to a malicious clone of an Enterprise WiFi network and subsequently intercept their traffi...

CVSS 6.5 | AI score 6.6 | EPSS 0.01177
Exploits: 0
Broadcom
added 2024/11/12 12:0 a.m. | 20 views

A use-after-free vulnerability exists in the Linux kernel's netfilter: nf_tables component

The Linux kernel is vulnerable to memory corruption due to improper error handling within the netfilter functionality. A local attacker could exploit this vulnerability in order to elevate their privileges. A use-after-free vulnerability in the Linux kernel's netfilter: nf_tables component can be...

CVSS 7.8 | AI score 7.1 | EPSS 0.28058
Exploits: 16
Broadcom
added 2024/11/02 12:0 a.m. | 8 views

Oracle Critical Patch Update Advisory - January 2024 (CVE-2024-20952, CVE-2024-20945, CVE-2024-20926, CVE-2024-20921, CVE-2024-20919, CVE-2024-20918)

Brocade SANnav has provided a Security update for the JAVA vulnerabilities below. CVE-2024-20952 CVE-2024-20945 CVE-2024-20926 CVE-2024-20921 CVE-2024-20919 CVE-2024-20918...

CVSS 7.4 | AI score 7.1 | EPSS 0.01026
Exploits: 0
Broadcom
added 2024/11/02 12:0 a.m. | 8 views

Container vulnerabilities in Brocade SANnav docker containers (CVE-2024-23653 & CVE-2024-21626)

Brocade Security is aware of multiple vulnerabilities affecting Brocade SANnav docker container CVE-2024-23653 & CVE-2024-21626. CVE-2024-23653: Interactive containers API does not validate entitlements check. Description: Buildkit GRPC Security Mode privilege check: Build-time container breakout...

CVSS 9.8 | AI score 7.5 | EPSS 0.17281
Exploits: 18
Broadcom
added 2024/11/02 12:0 a.m. | 7 views

GridGain Security update in Brocade SANnav version 2.3.1a (CVE-2023-32732, CVE-2023-34462, CVE-2023-33953, CVE-2023-40167, CVE-2023-36479, CVE-2023-41900, CVE-2022-2048, CVE-2023-26048, CVE-2023-26049)

Brocade has provided a Security update to the following GridGain related CVEs in Brocade SANnav version 2.3.1a. CVE-2023-32732, CVE-2023-34462, CVE-2023-33953, CVE-2023-40167, CVE-2023-36479, CVE-2023-41900, CVE-2022-2048, CVE-2023-26048, CVE-2023-26049 Products Confirmed Not Affected. Brocade...

CVSS 7.5 | AI score 5.7 | EPSS 0.0326
Exploits: 3
Broadcom
added 2024/11/02 12:0 a.m. | 8 views

Azul Zulu Java Multiple Vulnerabilities (2023-10-17). (CVE-2023-22025, CVE-2023-22067, CVE-2023-22081)

The version of Azul Zulu installed on the remote host is prior to 6 6.59.0.14 / 7 7.65.0.14 / 8 8.73.0.12 / 11 11.67.16 / 17 17.45.16 / 21 21.30.16. It is, therefore, affected by multiple vulnerabilities as referenced in the 2023-10-17 advisory. Vulnerability in the Oracle Java SE, Oracle GraalVM...

CVSS 5.3 | AI score 5.9 | EPSS 0.014
Exploits: 0
Broadcom
added 2024/11/02 12:0 a.m. | 9 views

Apache Tomcat - information disclosure (CVE-2023-42795)

When recycling various internal objects, including the request and the response, prior to re-use by the next request/response, an error could cause Tomcat to skip some parts of the recycling process leading to information leaking from the current request/response to the next...

CVSS 5.3 | AI score 6.7 | EPSS 0.0216
Exploits: 1
Broadcom
added 2024/11/02 12:0 a.m. | 20 views

By registering a domain for which they control the authoritative nameservers, an attacker could arrange for a compromised container (CVE-2024-29018)

github.com/docker/docker/libnetwork is a package that provides a native Go implementation for connecting containers. Affected versions of this package are vulnerable to Improper Control of a Resource Through its Lifetime, allowing DNS requests from internal networks to be forwarded to an external...

CVSS 5.9 | AI score 6 | EPSS 0.0075
Exploits: 0
Broadcom
added 2024/11/01 12:0 a.m. | 15 views

PostgreSQL Memory disclosure in aggregate function calls (CVE-2023-5868)

A memory disclosure vulnerability was found in PostgreSQL that allows remote users to access sensitive information by exploiting certain aggregate function calls with 'unknown'-type arguments. Handling 'unknown'-type values from string literals without type designation can disclose bytes,...

CVSS 4.3 | AI score 4.6 | EPSS 0.02775
Exploits: 0
Broadcom
added 2024/11/01 12:0 a.m. | 28 views

Buffer overrun from integer overflow in array modification (CVE-2023-5869)

A flaw was found in PostgreSQL that allows authenticated database users to execute arbitrary code through missing overflow checks during SQL array value modification. This issue exists due to an integer overflow during array modification where a remote user can trigger the overflow by providing...

CVSS 8.8 | AI score 9 | EPSS 0.04322
Exploits: 0
Broadcom
added 2024/10/15 12:0 a.m. | 17 views

Brocade SANnav Vulnerability Disclosures

Brocade Security Advisories posted on March 3, 2026. CVEs addressed in SANnav 3.0.0: CVE-2025-53905, CVE-2025-53906 Path traversal issues in Vim's tar.vim and zip.vim plugins. PSIRT Risk: Low. https://support.broadcom.com/external/content/SecurityAdvisories/0/37152 CVE-2025-26465 OpenSSH security upda...

CVSS 8.8 | AI score 8 | EPSS 0.95302
Exploits: 26
Broadcom
added 2024/10/03 12:0 a.m. | 7 views

Vulnerabilities in the OpenPrinting Common Unix Printing System (CUPS) on Linux systems (CVE-2024-47176, CVE-2024-47076, CVE-2024-47175, CVE-2024-47177)

OpenPrinting CUPS is the most current version of CUPS, a standards-based, open source printing system for Linux® and other Unix®-like operating systems. Several security vulnerabilities have been disclosed in the OpenPrinting Common Unix Printing System (CUPS) on Linux systems that could permit...

CVSS 9.8 | AI score 9.2 | EPSS 0.8344
Exploits: 17
Broadcom
added 2024/09/27 12:0 a.m. | 25 views

Brocade Fabric OS (10.x and 9.2.x Releases) Vulnerability Disclosures

Brocade Security Advisories posted on March 3, 2026 CVE addressed in FOS 10.0.0 CVE-2025-26465 OpenSSH security update for CVE-2025-26465 PSIRT Risk: Low for FOS https://support.broadcom.com/external/content/SecurityAdvisories/0/37134 CVEs previously addressed in FOS 9.2.2 CVE-2025-228871,...

CVSS 9.8 | AI score 7.7 | EPSS 0.06997
Exploits: 8
Broadcom
added 2024/09/24 12:0 a.m. | 8 views

Blast-RADIUS is a vulnerability that affects the RADIUS protocol (CVE-2024-3596)

A vulnerability in the verification of RADIUS Response from a RADIUS server has been disclosed by a team of researchers from UC San Diego and their partners. An attacker, with access to the network where the RADIUS protocol is being transmitted, can spoof a UDP-based RADIUS Response packet to...

CVSS 9 | AI score 6.7 | EPSS 0.14859
Exploits: 2
Broadcom
added 2024/08/06 12:0 a.m. | 12 views

Multiple CVEs identified by vulnerability scanning tools addressed via Brocade ASCG v3.1.0

ASCG v3.1.0 utilizes Rocky Linux version 8.10, addressing a number of potential security vulnerabilities. A complete list of CVEs reported by Rocky Linux as being addressed in this update are provided in the ASCG v3.1.0 Release Notes. In addition, a number of CVEs identified via internal security...

CVSS 8.1 | AI score 7.8 | EPSS 0.93305
Exploits: 23
Broadcom
added 2024/07/30 12:0 a.m. | 6 views

Multiple Vulnerabilities within libexpat (CVE-2018-20843, CVE-2019-15903, CVE-2021-46143, CVE-2022-22825, CVE-2022-23990)

Summary CVE-2018-20843 In libexpat in Expat before 2.2.7, XML input including XML names that contain a large number of colons could make the XML parser consume a high amount of RAM and CPU resources while processing enough to be usable for denial-of-service attacks. Base CVSS score: 7.5...

CVSS 8.8 | AI score 7.3 | EPSS 0.07107
Exploits: 3
Broadcom
added 2024/07/30 12:0 a.m. | 28 views

SNMP passwords in clear text if password encryption is not configured. (CVE-2024-5462)

If Brocade Fabric OS before Fabric OS 9.2.0 configuration settings are not set to encrypt SNMP passwords, then the SNMP privsecret / authsecret fields can be exposed in plaintext. The plaintext passwords can be exposed in a configupload capture or a supportsave capture if encryption of passwords ...

CVSS 5.3 | AI score 6.7 | EPSS 0.00145
Exploits: 0
Broadcom
added 2024/07/30 12:0 a.m. | 7 views

Command or parameter injection via unique embedded switch SNMP commands (CVE-2024-5461)

Implementation of the Simple Network Management Protocol (SNMP) operating on the Brocade 6547 FC5022 embedded switch blade makes internal script calls to system.sh from within the SNMP binary. An authenticated attacker could perform command or parameter injection on SNMP operations that are only...

CVSS 8.6 | AI score 7.5 | EPSS 0.00422
Exploits: 1
Broadcom
added 2024/07/30 12:0 a.m. | 6 views

Multiple Vulnerabilities within libxml2 (CVE-2020-24977, CVE-2021-3517, CVE-2021-3518, CVE-2021-3537, CVE-2023-29469, CVE-2023-28484, CVE-2022-40303, CVE-2022-40304, CVE-2021-3541)

Brocade Fibre Channel products are affected by multiple Libxml2 vulnerabilities. CVE-2020-24977: GNOME project libxml2 v2.9.10 has a global buffer over-read vulnerability in xmlEncodeEntitiesInternal at...

CVSS 8.8 | AI score 5.6 | EPSS 0.2421
Exploits: 4
Broadcom
added 2024/07/26 12:0 a.m. | 7 views

Azul Zulu OpenJDK is affected by multiple vulnerabilities (2024-04-16)

Azul Zulu multiple vulnerabilities as referenced in the 2024-04-16 advisory. Affected CVEs CVE-2023-41993, CVE-2024-21002, CVE-2024-21004, CVE-2024-21003, CVE-2024-21005, CVE-2024-21011, CVE-2024-21012, CVE-2024-21068, CVE-2024-21085, CVE-2024-21094 CVE | Component| Base Score ---|---|---...

CVSS 8.8 | AI score 7 | EPSS 0.29179
Exploits: 3
Broadcom
added 2024/07/15 12:0 a.m. | 84 views

CVE-2024-6387: Remote Unauthorized Code Execution Vulnerability in openSSH server (regreSSHion)

OpenSSH contains a remote code execution (RCE) vulnerability, exploitable by an unauthenticated attacker through a race condition. Successful exploitation can allow for the remote execution of arbitrary code. Note: This flaw has been demonstrated to be exploitable remotely on glibc-based Linux...

CVSS 8.1 | AI score 8.4 | EPSS 0.99506
Exploits: 68
Broadcom
added 2024/06/10 12:0 a.m. | 11 views

Azul Zulu Java Multiple Vulnerabilities (2023-04-18)

CVE-2023-21930 CVSS 3.1 Base Score 7.4 CVSS Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N CVE-2023-21937 CVSS 3.1 Base Score 3.7 CVSS Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N CVE-2023-21938 CVSS 3.1 Base Score 3.7 CVSS Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N...

CVSS 7.4 | AI score 6.8 | EPSS 0.02474
Exploits: 1
Broadcom
added 2024/06/10 12:0 a.m. | 8 views

Oracle Java SE Multiple Vulnerabilities (April 2023 CPU)

CVE-2023-21930 CVSS 3.1 Base Score 7.4 CVSS Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N CVE-2023-21937 CVSS 3.1 Base Score 3.7 CVSS Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N CVE-2023-21938 CVSS 3.1 Base Score 3.7 CVSS Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N...

CVSS 7.4 | AI score 6.8 | EPSS 0.02474
Exploits: 1
Broadcom
added 2024/05/29 12:0 a.m. | 9 views

Multiple CVEs identified by vulnerability scanning tools in Brocade ASCG

Security updates provided with latest patch update: Security Update| CVEID ---|--- General remote services| CVE-2014-8730,CVE-2015-3642 binutils RLSA-2023:6236| CVE-2022-4285 open-vm-tools RLSA-2023:7265| CVE-2023-34058,CVE-2023-34059 container-tools RLSA-2023:7202| CVE-2023-29406 procps-ng...

CVSS 8.2 | AI score 7.1 | EPSS 0.1372
Exploits: 3 | Affected Software: 1
Broadcom
added 2024/05/29 12:0 a.m. | 8 views

Fabric OS versions prior to v9.0 have default community strings (CVE-2024-5460)

A vulnerability in the default configuration of the Simple Network Management Protocol (SNMP) feature of Brocade Fabric OS versions before v9.0.0 could allow an authenticated, remote attacker to read data from an affected device via SNMP. The vulnerability is due to hard-coded, default community...

CVSS 8.1 | AI score 6.8 | EPSS 0.00542
Exploits: 1 | Affected Software: 1
Broadcom
added 2024/05/26 12:0 a.m. | 9 views

Spring Framework URL Parsing with Host Validation (CVE-2024-22243)

Applications that use UriComponentsBuilder to parse an externally provided URL (e.g. through a query parameter) AND perform validation checks on the host of the parsed URL may be vulnerable to an open redirect attack or to an SSRF attack if the URL is used after passing validation checks. More at:...

CVSS 8.1 | AI score 6.8 | EPSS 0.03967
Exploits: 1
Broadcom
added 2024/05/24 12:0 a.m. | 6 views

Oracle Java SE Multiple Vulnerabilities (January 2024)

Oracle Java SE Multiple Vulnerabilities (January 2024). CVE-2024-20918 CVSS 3.1 Base Score 7.4 CVSS Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N. CVE-2024-20952 CVSS 3.1 Base Score 7.4 CVSS Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N. CVE-2024-20919 CVSS 3.1 Base Score 5.9 CVSS...

CVSS 7.4 | AI score 6.6 | EPSS 0.01026
Exploits: 0
Broadcom
added 2024/05/23 12:0 a.m. | 11 views

Deserialization of Untrusted Data affecting org.apache.sshd:sshd-common package (CVE-2022-45047)

Class org.apache.sshd.server.keyprovider.SimpleGeneratorHostKeyProvider in Apache MINA SSHD <= 2.9.1 uses Java deserialization to load a serialized java.security.PrivateKey. The class is one of several implementations that an implementor using Apache MINA SSHD can choose for loading the host keys ...

CVSS 9.8 | AI score 6.4 | EPSS 0.03571
Exploits: 1
Broadcom
added 2024/05/08 12:0 a.m. | 26 views

The Postgres implementation in Brocade SANnav versions before 2.3.0a is vulnerable to an incorrect local authentication flaw (CVE-2024-2860)

The Postgres implementation in Brocade SANnav versions before 2.3.0a is vulnerable to an incorrect local authentication flaw. An attacker with access to the VM where the Brocade SANnav is installed can gain access to sensitive data inside the Postgres database...

CVSS 7.8 | AI score 6.8 | EPSS 0.00161
Exploits: 0 | Affected Software: 1
Broadcom
added 2024/05/01 12:0 a.m. | 13 views

Statement on Jetty vulnerabilities in Brocade SANnav

A Security Researcher performing penetration testing raises CVEs in the Jetty version used by Brocade SANnav v2.1.1. Brocade Statement All supported versions of Brocade SANnav do not directly use Jetty. The code is present within some versions of the SANnav product as it is contained within other...

CVSS 9.4 | AI score 5.8 | EPSS 0.99298
Exploits: 19
Broadcom
added 2024/04/30 12:0 a.m. | 35 views

password management API prints sensitive information in log files (CVE-2024-29954)

A vulnerability in a password management API in Brocade Fabric OS versions before v9.2.1, v9.2.0b, v9.1.1d, and v8.2.3e prints sensitive information in log files. This could allow an authenticated user to view the server passwords for protocols such as scp and sftp. Detail. When the...

CVSS 5.9 | AI score 6.5 | EPSS 0.00114
Exploits: 0
Broadcom
added 2024/04/30 12:0 a.m. | 37 views

Encoded session passwords on session storage for Virtual Fabric platforms (CVE-2024-29953)

A vulnerability in the web interface in Brocade Fabric OS before v9.2.1, v9.2.0b, and v9.1.1d prints encoded session passwords on session storage for Virtual Fabric platforms. This could allow an authenticated user to view other users' session encoded passwords...

CVSS 4.3 | AI score 6.6 | EPSS 0.00299
Exploits: 0 | Affected Software: 1
Broadcom
added 2024/04/30 12:0 a.m. | 12 views

Security update provided in Brocade SANnav 2.3.0a and 2.3.1

Dear Brocade Customer: This Advisory aims to inform you of the security updates provided in Brocade SANnav 2.3.0a and 2.3.1. Please review the recently posted security advisories listed here: Newly created Brocade CVEs https://support.broadcom.com/external/content/SecurityAdvisories/0/23236...

CVSS 9.8 | AI score 6.8 | EPSS 0.01797
Exploits: 1
Broadcom
added 2024/04/30 12:0 a.m. | 7 views

Security updates provided in Brocade Fabric OS v9.2.1, v9.2.0b, v9.1.1d, v8.2.3e

Dear Brocade Customer: This Advisory aims to inform you of Brocade Fabric OS Security updates in Brocade Fabric OS v9.2.1, v9.2.0b, v9.1.1d, v8.2.3e. Please review the recently posted security advisories listed here: Newly created Brocade CVEs...

CVSS 9.8 | AI score 6.9 | EPSS 0.77901
Exploits: 0
Broadcom
added 2024/04/25 12:0 a.m. | 7 views

Insecure sannav access using undocumented Brocade SANnav user "sannav" (no CVE)

An external researcher made a claim that an undocumented "sannav" user with a default password existed in Brocade SANnav OVA v2.1.1 Brocade Response The "sannav" user is documented in the Brocade® SANnav™ Management Portal Installation and Migration Guide, 2.1.1x...

AI score 7
Exploits: 0
Broadcom
added 2024/04/25 12:0 a.m. | 32 views

Protection mechanisms (CVE-2024-4159)

Brocade SANnav before v2.3.0a lacks protection mechanisms on port 2377/TCP and 7946/TCP, which could allow an unauthenticated attacker to sniff the SANnav Docker information...

CVSS 4.3 | AI score 7.6 | EPSS 0.00517
Exploits: 0 | Affected Software: 1
Broadcom
added 2024/04/25 12:0 a.m. | 27 views

Brocade SANnav exposes Kafka in the wan interface (CVE-2024-4173)

Brocade SANnav ports used by Kafka are open to the entire WAN rather than being limited to only the FabricOS switches discovered by the SANnav. Additionally, in Brocade SANnav versions prior to version v2.2.0, the Kafka process is started as a root user using default credentials. The vulnerability could...

CVSS 7.6 | AI score 7.5 | EPSS 0.00588
Exploits: 0
Broadcom
added 2024/04/25 12:0 a.m. | 7 views

HTTPS configuration between Brocade SANnav Management Portal and Brocade SAN switches (no CVE)

A security researcher reported a lack of encryption in Brocade SANnav for management protocol HTTP. The researcher states: By default, the appliance can be installed with these options: To configure HTTP or HTTPS connections between SANnav Management Portal and SAN switches, select one of the...

AI score 7
Exploits: 0
Broadcom
added 2024/04/25 12:0 a.m. | 27 views

Syslog traffic sent in clear-text (CVE-2024-4161)

In Brocade SANnav, before Brocade SANnav v2.3.0, syslog traffic was received in clear text. This could allow an unauthenticated, remote attacker to capture sensitive information...

CVSS 8.6 | AI score 6.8 | EPSS 0.0047
Exploits: 0
Broadcom
added 2024/04/17 12:0 a.m. | 27 views

Insecure file permission setting that makes files world-readable (CVE-2024-29962).

Brocade SANnav OVA before v2.3.1 and v2.3.0a have an insecure file permission setting that makes files world-readable. This could allow a local user without the required privileges to access sensitive information or a Java binary...

CVSS 5.5 | AI score 6.5 | EPSS 0.00183
Exploits: 0 | Affected Software: 1
Broadcom
added 2024/04/17 12:0 a.m. | 26 views

Identical SSH keys utilized inside the OVA image (CVE-2024-29960)

In Brocade SANnav server before v2.3.1 and v2.3.0a, the SSH keys inside the OVA image are identical in the VM every time SANnav is installed. Any Brocade SANnav VM based on the official OVA images is vulnerable to MITM over SSH. An attacker can decrypt and compromise the SSH traffic to the SANnav...

CVSS 6.8 | AI score 7.2 | EPSS 0.0031
Exploits: 0 | Affected Software: 1
Broadcom
added 2024/04/17 12:0 a.m. | 32 views

SANnav encrypted key in PostgreSQL startup logs (CVE-2024-29955)

A vulnerability in Brocade SANnav before v2.3.1 and v2.3.0a could allow a privileged user to print the SANnav encrypted key in PostgreSQL startup logs. This could provide attackers with an additional, less-protected path to acquiring the encryption key...

CVSS 5 | AI score 6.9 | EPSS 0.00112
Exploits: 0 | Affected Software: 1

Total number of security vulnerabilities: 875