Broadcom Brocade Fabric Operating System Firmware — known CVE vulnerabilities
Every CVE whose affected-product data names Broadcom Brocade Fabric Operating System Firmware, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVE-2023-27534 — CVSS 8.8 (high): A path traversal vulnerability exists in curl <8.0.0 SFTP implementation causes the tilde (~) character to be wrongly replaced when used as…
CVE-2021-4197 — CVSS 7.8 (high): An unprivileged write to the file handler flaw in the Linux kernel's control groups and namespaces subsystem was found in the way users…
CVE-2019-19060 — CVSS 7.5 (high): A memory leak in the adis_update_scan_mode() function in drivers/iio/imu/adis_buffer.c in the Linux kernel before 5.3.9 allows attackers to…
CVE-2019-19061 — CVSS 7.5 (high): A memory leak in the adis_update_scan_mode_burst() function in drivers/iio/imu/adis_buffer.c in the Linux kernel before 5.3.9 allows…
CVE-2021-36160 — CVSS 7.5 (high): A carefully crafted request uri-path can cause mod_proxy_uwsgi to read above the allocated memory and crash (DoS). This issue affects…
CVE-2021-34798 — CVSS 7.5 (high): Malformed requests may cause the server to dereference a NULL pointer. This issue affects Apache HTTP Server 2.4.48 and earlier.
CVE-2021-27219 — CVSS 7.5 (high): An issue was discovered in GNOME GLib before 2.66.6 and 2.67.x before 2.67.3. The function g_bytes_new has an integer overflow on 64-bit…
CVE-2019-19044 — CVSS 7.5 (high): Two memory leaks in the v3d_submit_cl_ioctl() function in drivers/gpu/drm/v3d/v3d_gem.c in the Linux kernel before 5.3.11 allow attackers…
CVE-2021-27218 — CVSS 7.5 (high): An issue was discovered in GNOME GLib before 2.66.7 and 2.67.x before 2.67.4. If g_byte_array_new_take() was called with a buffer of 4GB or…
CVE-2019-19052 — CVSS 7.5 (high): A memory leak in the gs_can_open() function in drivers/net/can/usb/gs_usb.c in the Linux kernel before 5.3.11 allows attackers to cause a…
CVE-2019-19053 — CVSS 7.5 (high): A memory leak in the rpmsg_eptdev_write_iter() function in drivers/rpmsg/rpmsg_char.c in the Linux kernel through 5.3.11 allows attackers…
CVE-2020-8648 — CVSS 7.1 (high): There is a use-after-free vulnerability in the Linux kernel through 5.5.2 in the n_tty_receive_buf_common function in drivers/tty/n_tty.c.
CVE-2020-15436 — CVSS 6.7 (medium): Use-after-free vulnerability in fs/block_dev.c in the Linux kernel before 5.8 allows local users to gain privileges or cause a denial of…
CVE-2021-20197 — CVSS 6.3 (medium): There is an open race window when writing output in the following utilities in GNU binutils version 2.35 and earlier:ar, objcopy, strip…
CVE-2021-31879 — CVSS 6.1 (medium): GNU Wget through 1.21.1 does not omit the Authorization header upon a redirect to a different origin, a related issue to CVE-2018-1000007.
CVE-2020-35494 — CVSS 6.1 (medium): There's a flaw in binutils /opcodes/tic4x-dis.c. An attacker who is able to submit a crafted input file to be processed by binutils could…
CVE-2023-27537 — CVSS 5.9 (medium): A double free vulnerability exists in libcurl <8.0.0 when sharing HSTS data between separate "handles". This sharing was introduced without…
CVE-2023-27538 — CVSS 5.5 (medium): An authentication bypass vulnerability exists in libcurl prior to v8.0.0 where it reuses a previously established SSH connection despite…
CVE-2020-35495 — CVSS 5.5 (medium): There's a flaw in binutils /bfd/pef.c. An attacker who is able to submit a crafted input file to be processed by the objdump program could…
CVE-2020-35493 — CVSS 5.5 (medium): A flaw exists in binutils in bfd/pef.c. An attacker who is able to submit a crafted PEF file to be parsed by objdump could cause a heap…
CVE-2020-35496 — CVSS 5.5 (medium): There's a flaw in bfd_pef_scan_start_address() of bfd/pef.c in binutils which could allow an attacker who is able to submit a crafted file…
CVE-2021-28153 — CVSS 5.3 (medium): An issue was discovered in GNOME GLib before 2.66.8. When g_file_replace() is used with G_FILE_CREATE_REPLACE_DESTINATION to replace a path…
CVE-2019-19054 — CVSS 4.7 (medium): A memory leak in the cx23888_ir_probe() function in drivers/media/pci/cx23885/cx23888-ir.c in the Linux kernel through 5.3.11 allows…
CVE-2019-19063 — CVSS 4.6 (medium): Two memory leaks in the rtl_usb_probe() function in drivers/net/wireless/realtek/rtlwifi/usb.c in the Linux kernel through 5.3.11 allow…
CVE-2019-19057 — CVSS 3.3 (low): Two memory leaks in the mwifiex_pcie_init_evt_ring() function in drivers/net/wireless/marvell/mwifiex/pcie.c in the Linux kernel through…