Vulnerabilities > Broadcom > Brocade Fabric Operating System > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-08-02 | CVE-2023-31927 | Unspecified vulnerability in Broadcom Brocade Fabric Operating System An information disclosure in the web interface of Brocade Fabric OS versions before Brocade Fabric OS v9.2.0 and v9.1.1c, could allow a remote unauthenticated attacker to get technical details about the web interface. | 5.3 |
| 2023-08-02 | CVE-2023-31428 | Unrestricted Upload of File with Dangerous Type vulnerability in Broadcom Brocade Fabric Operating System 9.2.0 Brocade Fabric OS before Brocade Fabric OS v9.1.1c, v9.2.0 contains a vulnerability in the command line that could allow a local user to dump files under user's home directory using grep. | 5.5 |
| 2023-08-02 | CVE-2023-31430 | Classic Buffer Overflow vulnerability in Broadcom Brocade Fabric Operating System 9.2.0 A buffer overflow vulnerability in “secpolicydelete” command in Brocade Fabric OS before Brocade Fabric OS v9.1.1c and v9.2.0 could allow an authenticated privileged user to crash the Brocade Fabric OS switch leading to a denial of service. | 5.5 |
| 2023-08-02 | CVE-2023-31431 | Classic Buffer Overflow vulnerability in Broadcom Brocade Fabric Operating System 9.2.0 A buffer overflow vulnerability in “diagstatus” command in Brocade Fabric OS before Brocade Fabric v9.2.0 and v9.1.1c could allow an authenticated user to crash the Brocade Fabric OS switch leading to a denial of service. | 5.5 |
| 2023-08-02 | CVE-2023-31928 | Cross-site Scripting vulnerability in Broadcom Brocade Fabric Operating System 9.1.1C A reflected cross-site scripting (XSS) vulnerability exists in Brocade Webtools PortSetting.html of Brocade Fabric OS version before Brocade Fabric OS v9.2.0 that could allow a remote unauthenticated attacker to execute arbitrary JavaScript code in a target user’s session with the Brocade Webtools application. | 6.1 |
| 2021-01-04 | CVE-2020-35507 | NULL Pointer Dereference vulnerability in multiple products There's a flaw in bfd_pef_parse_function_stubs of bfd/pef.c in binutils in versions prior to 2.34 which could allow an attacker who is able to submit a crafted file to be processed by objdump to cause a NULL pointer dereference. | 5.5 |
| 2020-04-02 | CVE-2020-1927 | Open Redirect vulnerability in multiple products In Apache HTTP Server 2.4.0 to 2.4.41, redirects configured with mod_rewrite that were intended to be self-referential might be fooled by encoded newlines and redirect instead to an an unexpected URL within the request URL. | 6.1 |