Export limit exceeded: 15215 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (43 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-58382 | 2 Broadcom, Brocade | 2 Fabric Operating System, Fabric Os | 2026-02-26 | 7.2 High |
| A vulnerability in the secure configuration of authentication and management services in Brocade Fabric OS before Fabric OS 9.2.1c2 could allow an authenticated, remote attacker with administrative credentials to execute arbitrary commands as root using “supportsave”, “seccertmgmt”, “configupload” command. | ||||
| CVE-2025-58383 | 2 Broadcom, Brocade | 2 Fabric Operating System, Fabric Os | 2026-02-26 | 7.2 High |
| A vulnerability in Brocade Fabric OS versions before 9.2.1c2 could allow an administrator-level user to execute the bind command, to escalate privileges and bypass security controls allowing the execution of arbitrary commands. | ||||
| CVE-2026-0383 | 2 Broadcom, Brocade | 2 Fabric Operating System, Fabric Os | 2026-02-26 | 7.8 High |
| A vulnerability in Brocade Fabric OS could allow an authenticated, local attacker with privileges to access the Bash shell to access insecurely stored file contents including the history command. | ||||
| CVE-2025-9711 | 2 Broadcom, Brocade | 2 Fabric Operating System, Fabric Os | 2026-02-26 | 7.8 High |
| A vulnerability in Brocade Fabric OS before 9.2.1c3 could allow elevating the privileges of the local authenticated user to “root” using the export option of seccertmgmt and seccryptocfg commands. | ||||
| CVE-2024-7517 | 2 Broadcom, Brocade | 2 Fabric Operating System, Fabric Os | 2026-02-20 | 7.8 High |
| A command injection vulnerability in Brocade Fabric OS before 9.2.0c, and 9.2.1 through 9.2.1a on IP extension platforms could allow a local authenticated attacker to perform a privileged escalation via crafted use of the portcfg command. This specific exploitation is only possible on IP Extension platforms: Brocade 7810, Brocade 7840, Brocade 7850 and on Brocade X6 or X7 directors with an SX-6 Extension blade installed. The attacker must be logged into the switch via SSH or serial console to conduct the attack. | ||||
| CVE-2025-58381 | 2 Broadcom, Brocade | 2 Fabric Operating System, Fabric Os | 2026-02-06 | 2.3 Low |
| A vulnerability in Brocade Fabric OS before 9.2.1c2 could allow an authenticated attacker with admin privileges using the shell commands “source, ping6, sleep, disown, wait to modify the path variables and move upwards in the directory structure or to traverse to different directories. | ||||
| CVE-2025-58380 | 2 Broadcom, Brocade | 2 Fabric Operating System, Fabric Os | 2026-02-06 | 2.3 Low |
| A vulnerability in Brocade Fabric OS before 9.2.1 could allow an authenticated attacker with admin privileges using the shell command “grep” to modify the path variables and move upwards in the directory structure or to traverse to different directories. | ||||
| CVE-2025-58379 | 2 Broadcom, Brocade | 2 Fabric Operating System, Fabric Os | 2026-02-06 | 5.5 Medium |
| Brocade Fabric OS before 9.2.1 has a vulnerability that could allow a local authenticated attacker to reveal command line passwords using commands that may expose higher privilege sensitive information by a lower privileged user. | ||||
| CVE-2025-4661 | 2 Broadcom, Brocade | 2 Fabric Operating System, Fabric Os | 2026-02-06 | 2.3 Low |
| A path transversal vulnerability in Brocade Fabric OS 9.1.0 through 9.2.2 could allow a local admin user to gain access to files outside the intended directory potentially leading to the disclosure of sensitive information. Note: Admin level privilege is required on the switch in order to exploit | ||||
| CVE-2025-12774 | 1 Brocade | 1 Sannav | 2026-02-04 | N/A |
| A vulnerability in the migration script for Brocade SANnav before 3.0 could allow the collection of database sql queries in the SANnav support save file. An attacker with access to Brocade SANnav supportsave file, could open the file and then obtain sensitive information such as details of database tables and encrypted passwords. | ||||
| CVE-2021-22555 | 4 Brocade, Linux, Netapp and 1 more | 43 Fabric Operating System, Linux Kernel, Aff 500f and 40 more | 2025-12-30 | 8.3 High |
| A heap out-of-bounds write affecting Linux since v2.6.19-rc1 was discovered in net/netfilter/x_tables.c. This allows an attacker to gain privileges or cause a DoS (via heap memory corruption) through user name space | ||||
| CVE-2024-2240 | 2 Broadcom, Brocade | 2 Brocade Sannav, Sannav | 2025-08-26 | 7.2 High |
| Docker daemon in Brocade SANnav before SANnav 2.3.1b runs without auditing. The vulnerability could allow a remote authenticated attacker to execute various attacks. | ||||
| CVE-2024-10405 | 2 Broadcom, Brocade | 2 Brocade Sannav, Sannav | 2025-08-26 | 5.3 Medium |
| Brocade SANnav before SANnav 2.3.1b enables weak TLS ciphers on ports 443 and 18082. In case of a successful exploit, an attacker can read Brocade SANnav data stream that includes monitored Brocade Fabric OS switches performance data, port status, zoning information, WWNs, IP Addresses, but no customer data, no personal data and no secrets or passwords, as it travels across the network. | ||||
| CVE-2024-4282 | 2 Broadcom, Brocade | 2 Brocade Sannav, Sannav | 2025-08-26 | 9.8 Critical |
| Brocade SANnav OVA before SANnav 2.3.1b enables SHA1 deprecated setting for SSH for port 22. | ||||
| CVE-2022-33186 | 1 Brocade | 1 Fabric Operating System | 2025-04-23 | 9.8 Critical |
| A vulnerability in Brocade Fabric OS software v9.1.1, v9.0.1e, v8.2.3c, v7.4.2j, and earlier versions could allow a remote unauthenticated attacker to execute on a Brocade Fabric OS switch commands capable of modifying zoning, disabling the switch, disabling ports, and modifying the switch IP address. | ||||
| CVE-2016-8207 | 1 Brocade | 1 Network Advisor | 2025-04-20 | N/A |
| A Directory Traversal vulnerability in CliMonitorReportServlet in the Brocade Network Advisor versions released prior to and including 14.0.2 could allow remote attackers to read arbitrary files including files with sensitive user information. | ||||
| CVE-2016-8206 | 1 Brocade | 1 Network Advisor | 2025-04-20 | N/A |
| A Directory Traversal vulnerability in servlet SoftwareImageUpload in the Brocade Network Advisor versions released prior to and including 14.0.2 could allow remote attackers to write to arbitrary files, and consequently delete the files. | ||||
| CVE-2016-8205 | 1 Brocade | 1 Network Advisor | 2025-04-20 | N/A |
| A Directory Traversal vulnerability in DashboardFileReceiveServlet in the Brocade Network Advisor versions released prior to and including 14.0.2 could allow remote attackers to upload a malicious file in a section of the file system where it can be executed. | ||||
| CVE-2016-8209 | 1 Brocade | 19 Netiron Cer 2024c-4x-rt, Netiron Cer 2024f-4x-rt, Netiron Cer 2024f-rt and 16 more | 2025-04-20 | N/A |
| Improper checks for unusual or exceptional conditions in Brocade NetIron 05.8.00 and later releases up to and including 06.1.00, when the Management Module is continuously scanned on port 22, may allow attackers to cause a denial of service (crash and reload) of the management module. | ||||
| CVE-2016-8201 | 1 Brocade | 1 Virtual Traffic Manager | 2025-04-20 | N/A |
| A CSRF vulnerability in Brocade Virtual Traffic Manager versions released prior to and including 11.0 could allow an attacker to trick a logged-in user into making administrative changes on the traffic manager cluster. | ||||