Lucene search
+L
BroadcomBrocade Fabric Operating System Firmware

26 matches found

CVE
CVE
added 2021/09/16 2:40 p.m.4733 views

CVE-2021-40438

CVE-2021-40438 is an SSRF flaw in Apache HTTP Server 2.4.x through older revisions where a crafted request URI path can cause mod_proxy to forward the request to an origin server chosen by the remote user. The issue affects Apache httpd 2.4.48 and earlier; the CVSSv3.1 base score is 9.0 (CRITICAL...

9CVSS9.5AI score0.99999EPSS
In wild
CVE
CVE
added 2021/09/16 2:40 p.m.2033 views

CVE-2021-34798

CVE-2021-34798 is a vulnerability in Apache HTTP Server where malformed requests may cause a NULL pointer dereference in the httpd core. The issue affects Apache HTTP Server 2.4.48 and earlier, and the resulting crash can lead to a Denial of Service. Multiple connected advisories confirm the same...

7.5CVSS8.8AI score0.64509EPSS
CVE
CVE
added 2021/09/16 2:40 p.m.1525 views

CVE-2021-36160

CVE-2021-36160 affects Apache HTTP Server mod_proxy_uwsgi. A crafted request URI-path can cause mod_proxy_uwsgi to read beyond allocated memory, triggering a DoS. The issue is reported for Apache httpd versions 2.4.30–2.4.48. Public sources in connected documents corroborate the impact as an out-...

7.5CVSS8.5AI score0.62887EPSS
In wild
CVE
CVE
added 2022/03/23 7:46 p.m.905 views

CVE-2021-4197

CVE-2021-4197 is a Linux kernel vulnerability in the cgroup process migration permission checks. A local attacker could escalate privileges due to incorrect permission validation for cgroup-associated processes (affecting both cgroup v1 and v2). The issue is described across multiple sources as a...

7.8CVSS7.9AI score0.00541EPSS
CVE
CVE
added 2020/02/06 12:6 a.m.528 views

CVE-2020-8648

CVE-2020-8648 is a use-after-free in the Linux kernel’s n_tty_receive_buf_common function (drivers/tty/n_tty.c), affecting kernel builds up to 5.5.2. It is a local vulnerability; exploitation could crash the kernel (DoS), with CVSS notes indicating local access and high impact on availability. Co...

7.1CVSS7AI score0.00661EPSS
CVE
CVE
added 2021/02/15 4:27 p.m.512 views

CVE-2021-27219

GLib’s g_bytes_new has an integer overflow on 64-bit platforms due to an implicit cast from 64-bit to 32-bit, affecting GNOME GLib up to 2.66.6 and 2.67.x up to 2.67.3. This can lead to memory corruption. Concrete impact is described across multiple advisories (glib2.0) and vendor bulletins; miti...

7.5CVSS7.7AI score0.02993EPSS
CVE
CVE
added 2019/11/18 5:24 a.m.451 views

CVE-2019-19063

Concretely affected software: Linux kernel realtek rtlwifi USB driver (rtl_usb_probe in drivers/net/wireless/realtek/rtlwifi/usb.c). Root cause: two memory leaks in rtl_usb_probe() leading to memory exhaustion. Impact: potential denial of service due to unbounded memory consumption (through 5.3.1...

4.9CVSS6.5AI score0.00897EPSS
CVE
CVE
added 2019/11/18 5:24 a.m.410 views

CVE-2019-19060

CVE-2019-19060 is a memory-leak vulnerability in the Linux kernel (discovered in adis_buffer.c: adis_update_scan_mode()) that can lead to memory exhaustion and DoS. Affected: Linux kernel versions before 5.3.9 (drivers/iio/imu/adis_buffer.c). Exploitation details are not provided in the documents...

7.8CVSS7.5AI score0.03755EPSS
CVE
CVE
added 2021/02/15 4:27 p.m.394 views

CVE-2021-27218

CVE-2021-27218 concerns GNOME GLib. On 64-bit platforms, if g_byte_array_new_take() is called with a buffer of 4GB or more, the length is truncated modulo 2**32, causing unintended length truncation. Affected: GLib before 2.66.7 and 2.67.x before 2.67.4. Impact is described as length miscalculati...

7.5CVSS7.7AI score0.0408EPSS
CVE
CVE
added 2021/03/11 9:4 p.m.369 views

CVE-2021-28153

GLib/GNOME GLib before 2.66.8 is affected by CVE-2021-28153: when g_file_replace() is used with G_FILE_CREATE_REPLACE_DESTINATION to replace a path that is a dangling symlink, it may create the target as an empty file. This behavior could be security-relevant if the symlink is attacker-controlled...

5.3CVSS5.6AI score0.02622EPSS
CVE
CVE
added 2020/11/23 8:8 p.m.358 views

CVE-2020-15436

The CVE-2020-15436 entry is confirmed by connected sources as a Linux kernel local-use-after-free vulnerability in fs/block_dev.c (pre-5.8). It enables a local attacker to gain elevated privileges or cause a denial of service by abusing improper access to a particular error field. The Linux kerne...

7.2CVSS6.9AI score0.00928EPSS
CVE
CVE
added 2019/11/18 5:23 a.m.348 views

CVE-2019-19052

CVE-2019-19052 is a memory-leak vulnerability in the Linux kernel, specifically in drivers/net/can/usb/gs_usb.c within the gs_can_open() function. The issue allows a denial of service through memory consumption when usb_submit_urb() fails, affecting the kernel up to version before 5.3.11. The rea...

7.8CVSS7.5AI score0.05376EPSS
CVE
CVE
added 2023/03/30 12:0 a.m.328 views

CVE-2023-27534

CVE-2023-27534 affects curl’s SFTP path handling in versions before 8.0.0, where tilde (~) processing can be misapplied when prefixing the first path element (e.g., /~2/foo). This can allow bypassing filters or potentially enable arbitrary code access on a targeted server; the issue is tied to th...

8.8CVSS8.8AI score0.02195EPSS
Web
CVE
CVE
added 2019/11/18 5:23 a.m.289 views

CVE-2019-19054

CVE-2019-19054: A memory leak in the Linux kernel cx23888_ir_probe() function (drivers/media/pci/cx23885/cx23888-ir.c) through version 5.3.11 can lead to denial of service via memory consumption when kfifo_alloc() fails. Connected Nessus advisories (UNITY_LINUX_UTSA-2026-004170 and related entrie...

4.7CVSS6.2AI score0.00446EPSS
CVE
CVE
added 2019/11/18 5:23 a.m.263 views

CVE-2019-19057

CVE-2019-19057 affects the Linux kernel mwifiex PCIe wireless driver (drivers/net/wireless/marvell/mwifiex/pcie.c). Two memory leaks in mwifiex_pcie_init_evt_ring() can occur through failures in mwifiex_map_pci_memory(), allowing a local attacker to trigger memory consumption and a denial of serv...

3.3CVSS6.1AI score0.00788EPSS
CVE
CVE
added 2021/03/26 4:47 p.m.221 views

CVE-2021-20197

CVE-2021-20197 is a local race-condition vulnerability in GNU Binutils (affecting ar, objcopy, strip, ranlib) up to version 2.35. An unprivileged user can exploit a symlink-based race window when these tools run as a privileged user to gain ownership of arbitrary files. The provided documents con...

6.3CVSS6.3AI score0.00304EPSS
CVE
CVE
added 2023/03/30 12:0 a.m.220 views

CVE-2023-27538

CVE-2023-27538 affects libcurl/curl (curl/libcurl) and related packages. The issue is an authentication bypass in libcurl prior to v8.0.0 where a previously established SSH connection could be reused despite an SSH option change, due to two SSH settings being omitted from the configuration match,...

7.7CVSS7.1AI score0.01162EPSS
CVE
CVE
added 2019/11/18 5:24 a.m.205 views

CVE-2019-19061

CVE-2019-19061 is tied to a memory leak in the Linux kernel’s ADIS16400 IIO IMU driver: adis_update_scan_mode_burst() in drivers/iio/imu/adis_buffer.c before 5.3.9. The issue can cause denial of service via memory exhaustion. Affected component: Linux kernel (ADIS16400 IIO IMU driver). Root cause...

7.8CVSS6.7AI score0.03255EPSS
CVE
CVE
added 2021/04/29 3:3 a.m.191 views

CVE-2021-31879

CVE-2021-31879 affects GNU Wget by not omitting the Authorization header when redirecting to a different origin. Public details show: upstream GNU Wget up to 1.21.1 is vulnerable; Alpine Linux advisories indicate wget older than 1.21.2-1 are affected and that upgrading resolves the issue; other e...

6.1CVSS7.8AI score0.01104EPSS
CVE
CVE
added 2021/01/04 2:24 p.m.154 views

CVE-2020-35496

CVE-2020-35496 describes a vulnerability in binutils’ bfd_pef_scan_start_address() that could trigger a NULL pointer dereference when processing a crafted file with the BFD/PEF code, impacting affected binutils versions prior to 2.34. The issue arises from a flaw in how the function handles dwarf...

5.5CVSS5.5AI score0.01141EPSS
CVE
CVE
added 2021/01/04 2:22 p.m.153 views

CVE-2020-35493

CVE-2020-35493 is a Binutils vulnerability in bfd/pef.c that can cause a heap-based buffer overflow and an out-of-bounds read, potentially impacting availability. It affects binutils versions prior to 2.34. Remediation: upgrade Binutils to version 2.34 or newer (or apply vendor-specific patches i...

5.5CVSS5.8AI score0.01129EPSS
CVE
CVE
added 2019/11/18 5:23 a.m.142 views

CVE-2019-19053

CVE-2019-19053 affects the Linux kernel (through 5.3.11). A memory leak in the function rpmsg_eptdev_write_iter() (drivers/rpmsg/rpmsg_char.c) can be triggered when copy_from_iter_full() fails, leading to a denial of service via memory consumption. The connected Nessus entries (Unity Linux UTSA a...

7.8CVSS7.5AI score0.03286EPSS
CVE
CVE
added 2023/03/30 12:0 a.m.139 views

CVE-2023-27537

CVE-2023-27537 is a double‑free vulnerability in libcurl

5.9CVSS5.7AI score0.01856EPSS
CVE
CVE
added 2019/11/18 5:23 a.m.131 views

CVE-2019-19044

CVE-2019-19044 affects the Linux kernel prior to 5.3.11, via two memory leaks in v3d_submit_cl_ioctl() in drivers/gpu/drm/v3d/v3d_gem.c. The leaks can cause memory exhaustion and denial of service when kcalloc() or v3d_job_init() fail. The issue is addressed by upgrading to kernel 5.3.11 or apply...

7.8CVSS7AI score0.04146EPSS
CVE
CVE
added 2021/01/04 2:23 p.m.120 views

CVE-2020-35494

CVE-2020-35494 targets GNU Binutils: a flaw in /opcodes/tic4x-dis.c can cause a denial of service via processing crafted input, due to use of uninitialized memory. Affected are binutils versions prior to 2.34. Impact is availability (partial confidentiality/none integrity per description). The co...

6.1CVSS6AI score0.01074EPSS
CVE
CVE
added 2021/01/04 2:23 p.m.117 views

CVE-2020-35495

CVE-2020-35495 is a null pointer dereference in binutils/bfd/pef.c (bfd_pef_parse_symbols) triggered by specially crafted input processed by objdump. It affects Binutils prior to 2.34 and can impact availability via crash. Remediation is upgrading to a newer Binutils version; IBM/Netezza advisori...

5.5CVSS5.5AI score0.01156EPSS