11 matches found
CVE-2020-1927
CVE-2020-1927 affects Apache HTTP Server 2.4.0–2.4.41, where mod_rewrite redirects intended to be self-referential could be fooled by encoded newlines and redirect to an unexpected URL within the request. Multiple connected advisories confirm the issue and indicate that fixes were released in Apa...
CVE-2020-12243
CVE-2020-12243 affects OpenLDAP’s slapd in filter.c, where LDAP search filters with nested boolean expressions can cause a denial-of-service (daemon crash). Public advisories note fixes by upgrading OpenLDAP to newer releases (e.g., 2.4.50+; related entries reference 2.4.58 in a CloudLinux adviso...
CVE-2021-23133
CVE-2021-23133 is a race condition in the Linux kernel SCTP sockets (net/sctp/socket.c) prior to 5.12-rc8. If sctp_destroy_sock executes without sock_net(sk)->sctp.addr_wq_lock, an element is removed from the auto_asconf_splist list without proper locking, enabling a local attacker with networ...
CVE-2020-35507
CVE-2020-35507 (binutils) concerns a NULL pointer dereference in bfd_pef_parse_function_stubs in bfd/pef.c when processing crafted files with objdump, affecting versions prior to 2.34. This is a Binutils issue that can impact availability. The Astra Linux security bulletin mirrors this flaw and c...
CVE-2023-31928
CVE-2023-31928 describes a reflected XSS in Brocade Webtools PortSetting.html of Brocade Fabric OS prior to v9.2.0. An unauthenticated remote attacker could execute arbitrary JavaScript in a target user’s Webtools session. Affected: Fabric OS with Webtools before 9.2.0. Impact: cross-site scripti...
CVE-2023-31927
CVE-2023-31927 describes an information disclosure in the web interface of Brocade Fabric OS. A remote, unauthenticated attacker could obtain technical details about the web interface on affected devices. Affected versions are Brocade Fabric OS prior to v9.2.0 and prior to v9.1.1c. Remediation av...
CVE-2023-31428
CVE-2023-31428 details (Brocade Fabric OS) : A command-line vulnerability affects Brocade Fabric OS prior to 9.1.1c and 9.2.0, enabling a local attacker to dump files from the user’s home directory via grep. The vulnerability, described across multiple sources (NVD/NCSC/Red Hat Red Hat CVE entry)...
CVE-2023-31430
CVE-2023-31430 describes a buffer overflow in the Brocade Fabric OS CLI command “secpolicydelete.” An authenticated privileged user can trigger a crash of the Fabric OS switch, resulting in a denial of service. The issue affects Brocade Fabric OS before versions 9.1.1c and 9.2.0. The available co...
CVE-2023-31431
CVE-2023-31431 describes a buffer overflow in the Brocade Fabric OS (FOS) diagstatus command. The issue could allow an authenticated user to crash the Brocade Fabric OS switch, resulting in a denial of service. Affected products are Brocade Fabric OS versions prior to v9.2.0 and prior to v9.1.1c....
CVE-2023-31926
CVE-2023-31926 affects Brocade Fabric OS: arbitrary file overwrite via the less command in affected OS versions. The vulnerability arises in system file handling and can overwrite critical files when using less on vulnerable releases. Affected products/versions include Brocade Fabric OS prior to ...
CVE-2023-31432
CVE-2023-31432 enables local privilege escalation in Brocade Fabric OS by abusing commands such as portcfgupload, configupload, license, and myid. The affected product is Brocade Fabric OS (FOS) prior to versions 9.1.1c and 9.2.0, where a non-privileged user could obtain root privileges through m...