Vulnerabilities > Brocade
|2022-12-08||CVE-2022-33186|| OS Command Injection vulnerability in Brocade Fabric Operating System |
A vulnerability in Brocade Fabric OS software v9.1.1, v9.0.1e, v8.2.3c, v7.4.2j, and earlier versions could allow a remote unauthenticated attacker to execute on a Brocade Fabric OS switch commands capable of modifying zoning, disabling the switch, disabling ports, and modifying the switch IP address.
| 9.8 |
|2022-06-02||CVE-2022-27774|| Insufficiently Protected Credentials vulnerability in multiple products |
An insufficiently protected credentials vulnerability exists in curl 4.9 to and include curl 7.82.0 are affected that could allow an attacker to extract credentials when follows HTTP(S) redirects is used with authentication could leak credentials to other services that exist on different protocols or port numbers.
| 5.7 |
|2022-06-02||CVE-2022-27775||An information disclosure vulnerability exists in curl 7.65.0 to 7.82.0 are vulnerable that by using an IPv6 address that was in the connection pool but with a different zone id it could reuse a connection instead.|| 7.5 |
|2022-06-02||CVE-2022-27776|| Insufficiently Protected Credentials vulnerability in multiple products |
A insufficiently protected credentials vulnerability in fixed in curl 7.83.0 might leak authentication or cookie header data on HTTP redirects to the same host but another port number.
| 6.5 |
|2022-05-26||CVE-2022-22576|| Improper Authentication vulnerability in multiple products |
An improper authentication vulnerability exists in curl 7.33.0 to and including 7.82.0 which might allow reuse OAUTH2-authenticated connections without properly making sure that the connection was authenticated with the same credentials as set for this transfer.
| 8.1 |
|2022-05-09||CVE-2022-28161|| Information Exposure Through Log Files vulnerability in Brocade Sannav |
An information exposure through log file vulnerability in Brocade SANNav versions before Brocade SANnav 2.2.0 could allow an authenticated, local attacker to view sensitive information such as ssh passwords in filetansfer.log in debug mode.
| 1.9 |
|2021-07-07||CVE-2021-22555|| Out-of-bounds Write vulnerability in multiple products |
A heap out-of-bounds write affecting Linux since v2.6.19-rc1 was discovered in net/netfilter/x_tables.c.
| 4.6 |
|2020-05-27||CVE-2020-13632|| NULL Pointer Dereference vulnerability in multiple products |
ext/fts3/fts3_snippet.c in SQLite before 3.32.0 has a NULL pointer dereference via a crafted matchinfo() query.
| 2.1 |
|2020-05-27||CVE-2020-13631||SQLite before 3.32.0 allows a virtual table to be renamed to the name of one of its shadow tables, related to alter.c and build.c.|| 2.1 |
|2020-05-27||CVE-2020-13630|| Use After Free vulnerability in multiple products |
ext/fts3/fts3.c in SQLite before 3.32.0 has a use-after-free in fts3EvalNextRow, related to the snippet feature.
| 4.4 |