Filtered by vendor Broadcom
Total: 552 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2021-40438 | 10 Apache, Broadcom, Debian and 7 more | 25 Http Server, Brocade Fabric Operating System Firmware, Debian Linux and 22 more | 2025-03-21 | 9 Critical |
A crafted request uri-path can cause mod_proxy to forward the request to an origin server chosen by the remote user. This issue affects Apache HTTP Server 2.4.48 and earlier. | ||||
CVE-2024-2859 | 1 Broadcom | 1 Brocade Sannav | 2025-03-19 | 6.8 Medium |
By default, SANnav OVA is shipped with root user login enabled. While protected by a password, access to root could expose SANnav to a remote attacker should they gain access to the root account. | ||||
CVE-2024-3596 | 5 Broadcom, Freeradius, Ietf and 2 more | 12 Brocade Sannav, Fabric Operating System, Freeradius and 9 more | 2025-03-18 | 9 Critical |
RADIUS Protocol under RFC 2865 is susceptible to forgery attacks by a local attacker who can modify any valid Response (Access-Accept, Access-Reject, or Access-Challenge) to any other response using a chosen-prefix collision attack against MD5 Response Authenticator signature. | ||||
CVE-2024-37079 | 2 Broadcom, Vmware | 4 Vmware Cloud Foundation, Vmware Vcenter Server, Cloud Foundation and 1 more | 2025-03-14 | 9.8 Critical |
vCenter Server contains a heap-overflow vulnerability in the implementation of the DCERPC protocol. A malicious actor with network access to vCenter Server may trigger this vulnerability by sending a specially crafted network packet potentially leading to remote code execution. | ||||
CVE-2023-27785 | 1 Broadcom | 1 Tcpreplay | 2025-02-26 | 7.5 High |
An issue found in TCPreplay TCPprep v.4.4.3 allows a remote attacker to cause a denial of service via the parse endpoints function. | ||||
CVE-2023-27784 | 1 Broadcom | 1 Tcpreplay | 2025-02-26 | 7.5 High |
An issue found in TCPReplay v.4.4.3 allows a remote attacker to cause a denial of service via the read_hexstring function at the utils.c:309 endpoint. | ||||
CVE-2023-27783 | 1 Broadcom | 1 Tcpreplay | 2025-02-26 | 7.5 High |
An issue found in TCPreplay tcprewrite v.4.4.3 allows a remote attacker to cause a denial of service via the tcpedit_dlt_cleanup function at plugins/dlt_plugins.c. | ||||
CVE-2023-27789 | 1 Broadcom | 1 Tcpreplay | 2025-02-26 | 7.5 High |
An issue found in TCPprep v.4.4.3 allows a remote attacker to cause a denial of service via the cidr2cidr function at the cidr.c:178 endpoint. | ||||
CVE-2023-27788 | 1 Broadcom | 1 Tcpreplay | 2025-02-26 | 7.5 High |
An issue found in TCPrewrite v.4.4.3 allows a remote attacker to cause a denial of service via the ports2PORT function at the portmap.c:69 endpoint. | ||||
CVE-2023-27787 | 1 Broadcom | 1 Tcpreplay | 2025-02-26 | 7.5 High |
An issue found in TCPprep v.4.4.3 allows a remote attacker to cause a denial of service via the parse_list function at the list.c:81 endpoint. | ||||
CVE-2023-27786 | 1 Broadcom | 1 Tcpreplay | 2025-02-26 | 7.5 High |
An issue found in TCPprep v.4.4.3 allows a remote attacker to cause a denial of service via the macinstring function. | ||||
CVE-2021-27798 | 1 Broadcom | 1 Fabric Operating System | 2025-02-15 | 5.5 Medium |
A vulnerability in Brocade Fabric OS versions 7.4.1b and 7.3.1d could allow local users to conduct privileged directory traversal. Brocade Fabric OS versions 7.4.1.x and 7.3.x have reached end of life. Brocade Fabric OS users should upgrade to supported versions as described in the Product End-of-Life published report. | ||||
CVE-2023-5973 | 1 Broadcom | 1 Fabric Operating System | 2025-02-13 | 4.3 Medium |
Brocade Web Interface in Brocade Fabric OS v9.x and before v9.2.0 does not properly represent the portName to the user if the portName contains reserved characters. This could allow an authenticated user to alter the UI of the Brocade Switch and change ports display. | ||||
CVE-2023-4163 | 1 Broadcom | 1 Fabric Operating System | 2025-02-13 | 4.4 Medium |
In Brocade Fabric OS before v9.2.0a, a local authenticated privileged user can trigger a buffer overflow condition, leading to a kernel panic with large input to buffers in the portcfgfportbuffers command. | ||||
CVE-2023-3489 | 1 Broadcom | 1 Fabric Operating System | 2025-02-13 | 8.6 High |
The firmwaredownload command on Brocade Fabric OS v9.2.0 could log the FTP/SFTP/SCP server password in clear text in the SupportSave file when performing a downgrade from Fabric OS v9.2.0 to any earlier version of Fabric OS. | ||||
CVE-2023-3454 | 1 Broadcom | 1 Fabric Operating System | 2025-02-13 | 8.6 High |
Remote code execution (RCE) vulnerability in Brocade Fabric OS after v9.0 and before v9.2.0 could allow an attacker to execute arbitrary code and use this to gain root access to the Brocade switch. | ||||
CVE-2023-31928 | 1 Broadcom | 1 Brocade Fabric Operating System | 2025-02-13 | 6.3 Medium |
A reflected cross-site scripting (XSS) vulnerability exists in Brocade Webtools PortSetting.html of Brocade Fabric OS version before Brocade Fabric OS v9.2.0 that could allow a remote unauthenticated attacker to execute arbitrary JavaScript code in a target user’s session with the Brocade Webtools application. | ||||
CVE-2023-31927 | 1 Broadcom | 1 Brocade Fabric Operating System | 2025-02-13 | 5.3 Medium |
An information disclosure in the web interface of Brocade Fabric OS versions before Brocade Fabric OS v9.2.0 and v9.1.1c could allow a remote unauthenticated attacker to get technical details about the web interface. | ||||
CVE-2023-31926 | 1 Broadcom | 1 Brocade Fabric Operating System | 2025-02-13 | 7.1 High |
System files could be overwritten using the less command in Brocade Fabric OS before Brocade Fabric OS v9.1.1c and v9.2.0. | ||||
CVE-2023-31432 | 1 Broadcom | 1 Brocade Fabric Operating System | 2025-02-13 | 7.8 High |
Through manipulation of passwords or other variables, using commands such as portcfgupload, configupload, license, myid, a non-privileged user could obtain root privileges in Brocade Fabric OS versions before Brocade Fabric OS v9.1.1c and v9.2.0. |