Broadcom

Brocade Fabric Operating System Firmware

26 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
5.5

CVE-2023-27538

Exploit
  • EPSS 0.01%
  • Veröffentlicht 30.03.2023 20:15:07
  • Zuletzt bearbeitet 09.06.2025 15:15:29

An authentication bypass vulnerability exists in libcurl prior to v8.0.0 where it reuses a previously established SSH connection despite the fact that an SSH option was modified, which should have prevented reuse. libcurl maintains a pool of previous...

5.9

CVE-2023-27537

Exploit
  • EPSS 0.11%
  • Veröffentlicht 30.03.2023 20:15:07
  • Zuletzt bearbeitet 21.11.2024 07:53:07

A double free vulnerability exists in libcurl <8.0.0 when sharing HSTS data between separate "handles". This sharing was introduced without considerations for do this sharing across separate threads but there was no indication of this fact in the doc...

8.8

CVE-2023-27534

Exploit
  • EPSS 0.18%
  • Veröffentlicht 30.03.2023 20:15:07
  • Zuletzt bearbeitet 23.04.2025 17:16:28

A path traversal vulnerability exists in curl <8.0.0 SFTP implementation causes the tilde (~) character to be wrongly replaced when used as a prefix in the first path element, in addition to its intended use as the first element to indicate a path re...

7.8

CVE-2021-4197

  • EPSS 0.01%
  • Veröffentlicht 23.03.2022 20:15:10
  • Zuletzt bearbeitet 21.11.2024 06:37:07

An unprivileged write to the file handler flaw in the Linux kernel's control groups and namespaces subsystem was found in the way users have access to some less privileged process that are controlled by cgroups and have higher privileged parent proce...

9

CVE-2021-40438

Warnung
  • EPSS 94.43%
  • Veröffentlicht 16.09.2021 15:15:07
  • Zuletzt bearbeitet 16.05.2025 15:27:13

A crafted request uri-path can cause mod_proxy to forward the request to an origin server choosen by the remote user. This issue affects Apache HTTP Server 2.4.48 and earlier.

7.5

CVE-2021-36160

  • EPSS 4.96%
  • Veröffentlicht 16.09.2021 15:15:07
  • Zuletzt bearbeitet 01.05.2025 15:40:05

A carefully crafted request uri-path can cause mod_proxy_uwsgi to read above the allocated memory and crash (DoS). This issue affects Apache HTTP Server versions 2.4.30 to 2.4.48 (inclusive).

7.5

CVE-2021-34798

  • EPSS 11.69%
  • Veröffentlicht 16.09.2021 15:15:07
  • Zuletzt bearbeitet 21.11.2024 06:11:13

Malformed requests may cause the server to dereference a NULL pointer. This issue affects Apache HTTP Server 2.4.48 and earlier.

6.1

CVE-2021-31879

  • EPSS 0.11%
  • Veröffentlicht 29.04.2021 05:15:08
  • Zuletzt bearbeitet 21.11.2024 06:06:25

GNU Wget through 1.21.1 does not omit the Authorization header upon a redirect to a different origin, a related issue to CVE-2018-1000007.

6.3

CVE-2021-20197

  • EPSS 0.14%
  • Veröffentlicht 26.03.2021 17:15:12
  • Zuletzt bearbeitet 21.11.2024 05:46:06

There is an open race window when writing output in the following utilities in GNU binutils version 2.35 and earlier:ar, objcopy, strip, ranlib. When these utilities are run as a privileged user (presumably as part of a script updating binaries acros...

5.3

CVE-2021-28153

Exploit
  • EPSS 0.53%
  • Veröffentlicht 11.03.2021 22:15:12
  • Zuletzt bearbeitet 21.11.2024 05:59:11

An issue was discovered in GNOME GLib before 2.66.8. When g_file_replace() is used with G_FILE_CREATE_REPLACE_DESTINATION to replace a path that is a dangling symlink, it incorrectly also creates the target of the symlink as an empty file, which coul...