Brocade fabric operating system firmware

This hub aggregates every CVE we track for Brocade fabric operating system firmware, a product in the hardware firmware space. Use it to gauge the current risk picture and drill into individual advisories.

Severity distribution

Monthly trend

The 15 most recently published vulnerabilities affecting Brocade fabric operating system firmware.

• CVE-2023-5363Incorrect cipher key & IV length processing7.5Oct 24, 2023
• CVE-2023-4806Glibc: potential use-after-free in getaddrinfo()5.9Sep 18, 2023
• CVE-2023-27538An authentication bypass vulnerability exists in libcurl prior to v8.0.0 where it reuses a previously established SSH connection despite the fact that an SSH option was modified, which should have ...5.5Mar 30, 2023
• CVE-2023-27534A path traversal vulnerability exists in curl <8.0.0 SFTP implementation causes the tilde (~) character to be wrongly replaced when used as a prefix in the first path element, in addition to its in...8.8Mar 30, 2023
• CVE-2023-27537A double free vulnerability exists in libcurl <8.0.0 when sharing HSTS data between separate "handles". This sharing was introduced without considerations for do this sharing across separate thread...5.9Mar 30, 2023
• CVE-2021-4197An unprivileged write to the file handler flaw in the Linux kernel's control groups and namespaces subsystem was found in the way users have access to some less privileged process that are controll...7.8Mar 23, 2022
• CVE-2021-45485In the IPv6 implementation in the Linux kernel before 5.13.3, net/ipv6/output_core.c has an information leak because of certain use of a hash table which, although big, doesn't properly consider th...7.5Dec 25, 2021
• CVE-2021-40438mod_proxy SSRFKEV9.0Sep 16, 2021
• CVE-2021-36160mod_proxy_uwsgi out of bound read7.5Sep 16, 2021
• CVE-2021-34798NULL pointer dereference in httpd core7.5Sep 16, 2021
• CVE-2021-31879GNU Wget through 1.21.1 does not omit the Authorization header upon a redirect to a different origin, a related issue to CVE-2018-1000007.6.1Apr 29, 2021
• CVE-2021-20197There is an open race window when writing output in the following utilities in GNU binutils version 2.35 and earlier:ar, objcopy, strip, ranlib. When these utilities are run as a privileged user (p...6.3Mar 26, 2021
• CVE-2020-35508A flaw possibility of race condition and incorrect initialization of the process id was found in the Linux kernel child/parent process identification handling while filtering signal handlers. A loc...4.5Mar 26, 2021
• CVE-2021-28153An issue was discovered in GNOME GLib before 2.66.8. When g_file_replace() is used with G_FILE_CREATE_REPLACE_DESTINATION to replace a path that is a dangling symlink, it incorrectly also creates t...5.3Mar 11, 2021
• CVE-2021-27219An issue was discovered in GNOME GLib before 2.66.6 and 2.67.x before 2.67.3. The function g_bytes_new has an integer overflow on 64-bit platforms due to an implicit cast from 64 bits to 32 bits. T...7.5Feb 15, 2021