Latest Broadcom Brocade Fabric Operating System Firmware Vulnerabilities

A double free vulnerability exists in libcurl <8.0.0 when sharing HSTS data between separate "handles". This sharing was introduced without considerations for doing this sharing across separate threads b...
IBM IBM® Engineering Requirements Management DOORS<=9.7.2.7
IBM IBM® Engineering Requirements Management DOORS Web Access<=9.7.2.7
Haxx Libcurl=7.88.0
Haxx Libcurl=7.88.1
Netapp Active Iq Unified Manager Vmware Vsphere
NetApp Clustered Data ONTAP=9.0
and 20 more
An authentication bypass vulnerability exists in libcurl prior to v8.0.0 where it reuses a previously established SSH connection despite the fact that an SSH option was modified, which should have pre...
redhat/curl<8.0.0
IBM IBM® Engineering Requirements Management DOORS<=9.7.2.7
IBM IBM® Engineering Requirements Management DOORS Web Access<=9.7.2.7
Haxx Libcurl>=7.16.1<8.0.0
Fedoraproject Fedora=36
Debian Debian Linux=10.0
and 22 more
A path traversal vulnerability exists in curl <8.0.0 SFTP implementation causes the tilde (~) character to be wrongly replaced when used as a prefix in the first path element, in addition to its inten...
redhat/curl<8.0.0
IBM IBM® Engineering Requirements Management DOORS<=9.7.2.7
IBM IBM® Engineering Requirements Management DOORS Web Access<=9.7.2.7
Haxx Curl>=7.18.0<=7.88.1
Fedoraproject Fedora=36
Netapp Active Iq Unified Manager Vmware Vsphere
and 20 more
A carefully crafted request uri-path can cause mod_proxy_uwsgi to read above the allocated memory and crash (DoS). This issue affects Apache HTTP Server versions 2.4.30 to 2.4.48 (inclusive).
redhat/httpd<2.4.49
redhat/jbcs-httpd24-httpd<0:2.4.51-28.el8
redhat/jbcs-httpd24-httpd<0:2.4.51-28.el7
redhat/httpd24-httpd<0:2.4.34-23.el7.5
debian/apache2
debian/uwsgi<=2.0.18-1<=2.0.19.1-7.1<=2.0.21-5.1<=2.0.22-4
and 20 more
Malformed requests may cause the server to dereference a NULL pointer. This issue affects Apache HTTP Server 2.4.48 and earlier.
redhat/jbcs-httpd24-apr<0:1.6.3-107.el8
redhat/jbcs-httpd24-apr-util<0:1.6.1-84.el8
redhat/jbcs-httpd24-curl<0:7.78.0-2.el8
redhat/jbcs-httpd24-httpd<0:2.4.37-78.el8
redhat/jbcs-httpd24-nghttp2<0:1.39.2-39.el8
redhat/jbcs-httpd24-openssl<1:1.1.1g-8.el8
and 38 more
An unprivileged write to the file handler flaw in the Linux kernel's control groups and namespaces subsystem was found in the way users have access to some less privileged processes that are controlled ...
redhat/kernel-rt<0:4.18.0-372.9.1.rt7.166.el8
redhat/kernel<0:4.18.0-372.9.1.el8
redhat/kernel-rt<0:4.18.0-305.57.1.rt7.129.el8_4
redhat/kernel<0:4.18.0-305.57.1.el8_4
redhat/Linux kernel<5.17
ubuntu/linux<4.15.0-189.200
and 161 more
GNU Wget through 1.21.1 does not omit the Authorization header upon a redirect to a different origin, a related issue to CVE-2018-1000007.
GNU Wget<=1.21.1
Broadcom Brocade Fabric Operating System Firmware
Netapp Cloud Backup
NetApp ONTAP Select Deploy administration utility
Netapp A250 Firmware
Netapp A250
and 2 more
GNOME GLib could allow a remote attacker to bypass security restrictions, caused by a flaw when g_file_replace() function is used with G_FILE_CREATE_REPLACE_DESTINATION to replace a path that is a dan...
GNOME GLib<2.66.8
Broadcom Brocade Fabric Operating System Firmware
Debian Debian Linux=9.0
Fedoraproject Fedora=33
redhat/glib<2.67.6
IBM QRadar SIEM<=7.5.0 GA
and 2 more
An issue was discovered in GNOME GLib before 2.66.7 and 2.67.x before 2.67.4. If g_byte_array_new_take() was called with a buffer of 4GB or more on a 64-bit platform, the length would be truncated mod...
redhat/mingw-glib2<0:2.66.7-2.el8
redhat/glib2<0:2.56.4-10.el8_4.1
IBM QRadar SIEM<=7.5.0 GA
IBM QRadar SIEM<=7.4.3 GA - 7.4.3 FP4
IBM QRadar SIEM<=7.3.3 GA - 7.3.3 FP10
redhat/glib<2.66.7
and 10 more
An integer wraparound was discovered in glib due to passing a 64-bit sized value to function g_memdup() which accepts a 32-bit number as argument. An attacker may abuse this flaw when an application ...
redhat/glib2<0:2.28.8-11.el6_10
redhat/glib2<0:2.56.1-9.el7_9
redhat/glib2<0:2.42.2-6.el7_2
redhat/glib2<0:2.46.2-5.el7_3
redhat/glib2<0:2.50.3-4.el7_4
redhat/glib2<0:2.56.1-5.el7_6
and 19 more
There is an open race window when writing output in the following utilities in GNU binutils version 2.35 and earlier: ar, objcopy, strip, ranlib. When these utilities are run as a privileged user (pres...
GNU Binutils<=2.35
Redhat Enterprise Linux=8.0
Netapp Cloud Backup
NetApp ONTAP Select Deploy administration utility
IBM Cloud Pak for Business Automation
Broadcom Brocade Fabric Operating System Firmware
GNU Binutils before 2.34 has a NULL pointer dereference in bfd_pef_scan_start_address function in bfd/pef.c due to not checking return value of bfd_malloc. This bug allows attackers to cause a denial ...
redhat/binutils<2.34
GNU Binutils<2.34
Fedoraproject Fedora=32
Netapp Cloud Backup
NetApp ONTAP Select Deploy administration utility
IBM Cloud Pak for Business Automation
and 4 more
GNU Binutils before 2.34 has a NULL pointer dereference vulnerability in function bfd_pef_parse_symbols (file bfd/pef.c) which could allow attackers to cause a denial of service.
redhat/binutils<2.34
GNU Binutils<2.34
Fedoraproject Fedora=32
Netapp Cloud Backup
NetApp ONTAP Select Deploy administration utility
IBM Cloud Pak for Business Automation
and 4 more
GNU Binutils before 2.34 has an uninitialized-heap vulnerability in function tic4x_print_cond (file opcodes/tic4x-dis.c) which could allow attackers to cause an information leak.
redhat/binutils<2.34
GNU Binutils<2.34
Fedoraproject Fedora=32
Netapp Cloud Backup
NetApp ONTAP Select Deploy administration utility
IBM Cloud Pak for Business Automation
and 4 more
A flaw exists in binutils in bfd/pef.c. An attacker who is able to submit a crafted PEF file to be parsed by objdump could cause a heap buffer overflow -> out-of-bounds read that could lead to an impa...
redhat/binutils<2.34
GNU Binutils<2.34
Fedoraproject Fedora=32
Netapp Cloud Backup
NetApp ONTAP Select Deploy administration utility
IBM Cloud Pak for Business Automation
and 4 more
A use-after-free flaw was observed in blkdev_get(), in fs/block_dev.c after a call to __blkdev_get() fails, and its refcount gets freed/released. This problem may cause a denial of service problem wit...
redhat/kernel-rt<0:3.10.0-1160.15.2.rt56.1152.el7
redhat/kernel<0:3.10.0-1160.15.2.el7
redhat/kernel-alt<0:4.14.0-115.35.1.el7a
redhat/kernel<0:3.10.0-957.72.1.el7
redhat/kernel<0:3.10.0-1062.51.1.el7
Google Android
and 150 more
There is a use-after-free vulnerability in the Linux kernel through 5.5.2 in the n_tty_receive_buf_common function in drivers/tty/n_tty.c.
redhat/kernel-rt<0:3.10.0-1160.31.1.rt56.1169.el7
redhat/kernel<0:3.10.0-1160.31.1.el7
redhat/kernel<0:3.10.0-957.80.1.el7
redhat/kernel<0:3.10.0-1062.56.1.el7
redhat/kernel-rt<0:4.18.0-240.rt7.54.el8
redhat/kernel<0:4.18.0-240.el8
and 82 more
Two memory leaks in the mwifiex_pcie_init_evt_ring() function in drivers/net/wireless/marvell/mwifiex/pcie.c in the Linux kernel through 5.3.11 allow attackers to cause a denial of service (memory con...
redhat/kernel-rt<0:4.18.0-193.rt13.51.el8
redhat/kernel<0:4.18.0-193.el8
ubuntu/linux<4.15.0-88.88
ubuntu/linux<5.3.0-40.32
ubuntu/linux<5.5~
ubuntu/linux<4.4.0-173.203
and 113 more
A memory leak in the cx23888_ir_probe() function in drivers/media/pci/cx23885/cx23888-ir.c in the Linux kernel through 5.3.11 allows attackers to cause a denial of service (memory consumption) by trig...
ubuntu/linux<4.15.0-118.119
ubuntu/linux<5.4.0-48.52
ubuntu/linux<5.5~
ubuntu/linux<4.4.0-190.220
ubuntu/linux-aws<4.15.0-1083.87
ubuntu/linux-aws<5.4.0-1025.25
and 129 more
A memory leak in the gs_can_open() function in drivers/net/can/usb/gs_usb.c in the Linux kernel before 5.3.11 allows attackers to cause a denial of service (memory consumption) by triggering usb_submi...
ubuntu/linux<4.15.0-74.84
ubuntu/linux<5.0.0-38.41
ubuntu/linux<5.3.0-26.28
ubuntu/linux<5.4~
ubuntu/linux<4.4.0-171.200
ubuntu/linux-aws<4.15.0-1057.59
and 118 more
Two memory leaks in the v3d_submit_cl_ioctl() function in drivers/gpu/drm/v3d/v3d_gem.c in the Linux kernel before 5.3.11 allow attackers to cause a denial of service (memory consumption) by triggerin...
ubuntu/linux<5.3.0-26.28
ubuntu/linux<5.4~
ubuntu/linux-aws<5.3.0-1009.10
ubuntu/linux-aws<5.4~
ubuntu/linux-aws-5.0<5.4~
ubuntu/linux-aws-hwe<5.4~
and 69 more
Two memory leaks in the rtl_usb_probe() function in drivers/net/wireless/realtek/rtlwifi/usb.c in the Linux kernel through 5.3.11 allow attackers to cause a denial of service (memory consumption), aka...
redhat/kernel-rt<0:3.10.0-1160.rt56.1131.el7
redhat/kernel<0:3.10.0-1160.el7
redhat/kernel-rt<0:4.18.0-240.rt7.54.el8
redhat/kernel<0:4.18.0-240.el8
ubuntu/linux<4.15.0-88.88
ubuntu/linux<5.3.0-40.32
and 116 more
A memory leak in the adis_update_scan_mode_burst() function in drivers/iio/imu/adis_buffer.c in the Linux kernel before 5.3.9 allows attackers to cause a denial of service (memory consumption), aka CI...
ubuntu/linux<4.15.0-118.119
ubuntu/linux<5.3.0-24.26
ubuntu/linux<5.4~
ubuntu/linux<4.4.0-207.239
ubuntu/linux-aws<4.15.0-1083.87
ubuntu/linux-aws<5.3.0-1008.9
and 115 more
A memory leak in the rpmsg_eptdev_write_iter() function in drivers/rpmsg/rpmsg_char.c in the Linux kernel through 5.3.11 allows attackers to cause a denial of service (memory consumption) by triggerin...
ubuntu/linux<5.3.0-42.34
ubuntu/linux<5.5~
ubuntu/linux-aws<5.3.0-1013.14
ubuntu/linux-aws<5.5~
ubuntu/linux-aws-5.0<5.0.0-1027.30
ubuntu/linux-aws-5.0<5.5~
and 80 more
A memory leak in the adis_update_scan_mode() function in drivers/iio/imu/adis_buffer.c in the Linux kernel before 5.3.9 allows attackers to cause a denial of service (memory consumption), aka CID-ab61...
ubuntu/linux<4.15.0-72.81
ubuntu/linux<5.0.0-38.41
ubuntu/linux<5.3.0-24.26
ubuntu/linux<5.4~
ubuntu/linux<4.4.0-179.209
ubuntu/linux-aws<4.15.0-1056.58
and 116 more
