CVE-2024-6119

all versions

Issue summary: Applications performing certificate name checks (e.g., TLS clients checking server certificates) may attempt to rea

7.5HIGH

CVE-2024-2398

all versions

When an application tells libcurl it wants to allow HTTP/2 server push, and the amount of received headers for the push surpasses

8.6HIGH

CVE-2023-31927

< 9.1.1c

An information disclosure in the web interface of Brocade Fabric OS versions before Brocade Fabric OS v9.2.0 and v9.1.1c, could al

5.3MEDIUM

CVE-2023-31926

< 9.1.1c

System files could be overwritten using the less command in Brocade Fabric OS before Brocade Fabric OS v9.1.1c and v9.2.0.

7.1HIGH

CVE-2023-31928

< 9.2.0

A reflected cross-site scripting (XSS) vulnerability exists in Brocade Webtools PortSetting.html of Brocade Fabric OS version bef

6.3MEDIUM

CVE-2023-31432

< 9.1.1c

Through manipulation of passwords or other variables, using commands such as portcfgupload, configupload, license, myid, a non-pri

7.8HIGH

CVE-2023-31431

< 9.1.1c

A buffer overflow vulnerability in “diagstatus” command in Brocade Fabric OS before Brocade Fabric v9.2.0 and v9.1.1c could al

5.5MEDIUM

CVE-2023-31430

< 9.1.1c

A buffer overflow vulnerability in “secpolicydelete” command in Brocade Fabric OS before Brocade Fabric OS v9.1.1c and v9.2.0

5.5MEDIUM

CVE-2023-31428

< 9.1.1c

Brocade Fabric OS before Brocade Fabric OS v9.1.1c, v9.2.0 contains a vulnerability in the command line that could allow a local u

5.5MEDIUM

CVE-2023-28531

all versions

ssh-add in OpenSSH before 9.3 adds smartcard keys to ssh-agent without the intended per-hop destination constraints. The earliest

9.8CRITICAL

CVE-2022-33186

all versions

A vulnerability in Brocade Fabric OS software v9.1.1, v9.0.1e, v8.2.3c, v7.4.2j, and earlier versions could allow a remote unauthe

9.8CRITICAL

CVE-2022-27776

all versions

A insufficiently protected credentials vulnerability in fixed in curl 7.83.0 might leak authentication or cookie header data on HT

6.5MEDIUM

CVE-2022-27775

all versions

An information disclosure vulnerability exists in curl 7.65.0 to 7.82.0 are vulnerable that by using an IPv6 address that was in t

7.5HIGH

CVE-2022-27774

all versions

An insufficiently protected credentials vulnerability exists in curl 4.9 to and include curl 7.82.0 are affected that could allow

5.7MEDIUM

CVE-2022-22576

all versions

An improper authentication vulnerability exists in curl 7.33.0 to and including 7.82.0 which might allow reuse OAUTH2-authenticate

8.1HIGH

CVE-2021-22555

all versions

A heap out-of-bounds write affecting Linux since v2.6.19-rc1 was discovered in net/netfilter/x_tables.c. This allows an attacker t

8.3HIGH

CVE-2021-23133

all versions

A race condition in Linux kernel SCTP sockets (net/sctp/socket.c) before 5.12-rc8 can lead to kernel privilege escalation from the

6.7MEDIUM

CVE-2020-35507

all versions

There's a flaw in bfd_pef_parse_function_stubs of bfd/pef.c in binutils in versions prior to 2.34 which could allow an attacker wh

5.5MEDIUM

CVE-2020-13632

all versions

ext/fts3/fts3_snippet.c in SQLite before 3.32.0 has a NULL pointer dereference via a crafted matchinfo() query.

5.5MEDIUM

CVE-2020-13631

all versions

SQLite before 3.32.0 allows a virtual table to be renamed to the name of one of its shadow tables, related to alter.c and build.c.

5.5MEDIUM

CVE-2020-13630

all versions

ext/fts3/fts3.c in SQLite before 3.32.0 has a use-after-free in fts3EvalNextRow, related to the snippet feature.

7.0HIGH

CVE-2020-12243

all versions

In filter.c in slapd in OpenLDAP before 2.4.50, LDAP search filters with nested boolean expressions can result in denial of servic

7.5HIGH

CVE-2020-1927

all versions

In Apache HTTP Server 2.4.0 to 2.4.41, redirects configured with mod_rewrite that were intended to be self-referential might be fo

6.1MEDIUM