Export CSV

Products

1 vendor
VendorProductsCVEsKEVAvg EPSSWorst Severity
2929164.5%CRITICAL

Related CVEs

29
CVE IDDescriptionSeverityCVSSKEVEPSSPublished
CVE-2025-7397A vulnerability in the ascgshell, of Brocade ASCG before 3.3.0 stores any command executed in the Command Line Interface (CLI) in plain text within the command history. A local authenticated user that can access sensitive information like passwords within the CLI history leading to unauthorized access and potential data breaches.MEDIUM6.80.8%Jul 17, 2025
CVE-2022-33186A vulnerability in Brocade Fabric OS software v9.1.1, v9.0.1e, v8.2.3c, v7.4.2j, and earlier versions could allow a remote unauthenticated attacker to execute on a Brocade Fabric OS switch commands capable of modifying zoning, disabling the switch, disabling ports, and modifying the switch IP address.CRITICAL9.8Dec 8, 2022
CVE-2022-27776A insufficiently protected credentials vulnerability in fixed in curl 7.83.0 might leak authentication or cookie header data on HTTP redirects to the same host but another port number.MEDIUM6.5Jun 2, 2022
CVE-2022-27775An information disclosure vulnerability exists in curl 7.65.0 to 7.82.0 are vulnerable that by using an IPv6 address that was in the connection pool but with a different zone id it could reuse a connection instead.HIGH7.5Jun 2, 2022
CVE-2022-27774An insufficiently protected credentials vulnerability exists in curl 4.9 to and include curl 7.82.0 are affected that could allow an attacker to extract credentials when follows HTTP(S) redirects is used with authentication could leak credentials to other services that exist on different protocols or port numbers.MEDIUM5.7Jun 2, 2022
CVE-2022-22576An improper authentication vulnerability exists in curl 7.33.0 to and including 7.82.0 which might allow reuse OAUTH2-authenticated connections without properly making sure that the connection was authenticated with the same credentials as set for this transfer. This affects SASL-enabled protocols: SMPTP(S), IMAP(S), POP3(S) and LDAP(S) (openldap only).HIGH8.1May 26, 2022
CVE-2022-28161An information exposure through log file vulnerability in Brocade SANNav versions before Brocade SANnav 2.2.0 could allow an authenticated, local attacker to view sensitive information such as ssh passwords in filetansfer.log in debug mode. To exploit this vulnerability, the attacker would need to have valid user credentials and turn on debug mode.MEDIUM5.5May 9, 2022
CVE-2021-22555A heap out-of-bounds write affecting Linux since v2.6.19-rc1 was discovered in net/netfilter/x_tables.c. This allows an attacker to gain privileges or cause a DoS (via heap memory corruption) through user name spaceHIGH7.8KEVJul 7, 2021
CVE-2020-13632ext/fts3/fts3_snippet.c in SQLite before 3.32.0 has a NULL pointer dereference via a crafted matchinfo() query.MEDIUM5.542.9%May 27, 2020
CVE-2020-13631SQLite before 3.32.0 allows a virtual table to be renamed to the name of one of its shadow tables, related to alter.c and build.c.MEDIUM5.545.2%May 27, 2020
CVE-2020-13630ext/fts3/fts3.c in SQLite before 3.32.0 has a use-after-free in fts3EvalNextRow, related to the snippet feature.HIGH7.059.4%May 27, 2020
CVE-2018-6445A Vulnerability in Brocade Network Advisor versions before 14.0.3 could allow a remote unauthenticated attacker to export the current user database which includes the encrypted (not hashed) password of the systems. The attacker could gain access to the Brocade Network Advisor System after extracting/decrypting the passwords.NONE73.9%Jan 22, 2019
CVE-2018-6444A Vulnerability in Brocade Network Advisor versions before 14.1.0 could allow a remote unauthenticated attacker to execute arbitray code. The vulnerability could also be exploited to execute arbitrary OS Commands.NONE86.8%Jan 22, 2019
CVE-2018-6443A vulnerability in Brocade Network Advisor Versions before 14.3.1 could allow an unauthenticated, remote attacker to log in to the JBoss Administration interface of an affected system using an undocumented user credentials and install additional JEE applications. A remote unauthenticated user who has access to Network Advisor client libraries and able to decrypt the Jboss credentials could gain access to the Jboss web console.NONE93.7%Jan 22, 2019
CVE-2017-6227A vulnerability in the IPv6 stack on Brocade Fibre Channel SAN products running Brocade Fabric OS (FOS) versions before 7.4.2b, 8.1.2 and 8.2.0 could allow an attacker to cause a denial of service (CPU consumption and device hang) condition by sending crafted Router Advertisement (RA) messages to a targeted system.NONE42.1%Feb 8, 2018
CVE-2017-6225Cross-site scripting (XSS) vulnerability in the web-based management interface of Brocade Fibre Channel SAN products running Brocade Fabric OS (FOS) versions before 7.4.2b, 8.1.2 and 8.2.0 could allow remote attackers to execute arbitrary code or access sensitive browser-based information.NONE70.3%Feb 8, 2018
CVE-2016-8209Improper checks for unusual or exceptional conditions in Brocade NetIron 05.8.00 and later releases up to and including 06.1.00, when the Management Module is continuously scanned on port 22, may allow attackers to cause a denial of service (crash and reload) of the management module.NONE60.6%May 8, 2017
CVE-2016-8207A Directory Traversal vulnerability in CliMonitorReportServlet in the Brocade Network Advisor versions released prior to and including 14.0.2 could allow remote attackers to read arbitrary files including files with sensitive user information.NONE96.4%Jan 14, 2017
CVE-2016-8206A Directory Traversal vulnerability in servlet SoftwareImageUpload in the Brocade Network Advisor versions released prior to and including 14.0.2 could allow remote attackers to write to arbitrary files, and consequently delete the files.NONE96.2%Jan 14, 2017
CVE-2016-8205A Directory Traversal vulnerability in DashboardFileReceiveServlet in the Brocade Network Advisor versions released prior to and including 14.0.2 could allow remote attackers to upload a malicious file in a section of the file system where it can be executed.NONE95.9%Jan 14, 2017