A buffer overflow vulnerability exists in Symantec Data Loss Prevention version 14.0.2 and before. A remote, unauthenticated attacker can exploit this vulnerability by enticing a user to open a crafted document to achieve code execution.
Max CVSS
9.6
EPSS Score
0.21%
Published
2024-01-26
Updated
2024-01-31
A buffer overflow vulnerability exists in Symantec Server Management Suite version 7.9 and before. A remote, anonymous attacker can exploit this vulnerability to achieve remote code execution as SYSTEM.
Max CVSS
10.0
EPSS Score
0.21%
Published
2024-01-26
Updated
2024-01-31
A buffer overflow vulnerability exists in Symantec Messaging Gateway versions 10.5 and before. A remote, anonymous attacker can exploit this vulnerability to achieve remote code execution as root.
Max CVSS
10.0
EPSS Score
0.21%
Published
2024-01-26
Updated
2024-01-31
A buffer overflow vulnerability exists in Symantec Messaging Gateway versions 9.5 and before. A remote, anonymous attacker can exploit this vulnerability to achieve remote code execution as root.
Max CVSS
10.0
EPSS Score
0.21%
Published
2024-01-26
Updated
2024-01-31
A buffer overflow vulnerability exists in Symantec Deployment Solution version 7.9 when parsing UpdateComputer tokens. A remote, anonymous attacker can exploit this vulnerability to achieve remote code execution as SYSTEM.
Max CVSS
10.0
EPSS Score
0.18%
Published
2024-01-26
Updated
2024-01-31
Jaspersoft Clarity PPM version 14.3.0.298 was discovered to contain an arbitrary file upload vulnerability via the Profile Picture Upload function.
Max CVSS
5.4
EPSS Score
0.06%
Published
2023-11-09
Updated
2023-11-16
A reflected cross-site scripting (XSS) vulnerability exists in Brocade Webtools PortSetting.html of Brocade Fabric OS version before Brocade Fabric OS v9.2.0 that could allow a remote unauthenticated attacker to execute arbitrary JavaScript code in a target user’s session with the Brocade Webtools application.
Max CVSS
6.3
EPSS Score
0.06%
Published
2023-08-02
Updated
2024-02-16
An information disclosure in the web interface of Brocade Fabric OS versions before Brocade Fabric OS v9.2.0 and v9.1.1c, could allow a remote unauthenticated attacker to get technical details about the web interface.
Max CVSS
5.3
EPSS Score
0.07%
Published
2023-08-02
Updated
2023-09-08
System files could be overwritten using the less command in Brocade Fabric OS before Brocade Fabric OS v9.1.1c and v9.2.0.
Max CVSS
7.1
EPSS Score
0.04%
Published
2023-08-02
Updated
2024-02-16
Brocade SANnav before v2.3.0 and v2.2.2a stores SNMPv3 Authentication passwords in plaintext. A privileged user could retrieve these credentials with knowledge and access to these log files. SNMP credentials could be seen in SANnav SupportSave if the capture is performed after an SNMP configuration failure causes an SNMP communication log dump.
Max CVSS
6.5
EPSS Score
0.05%
Published
2023-08-31
Updated
2023-09-05
Through manipulation of passwords or other variables, using commands such as portcfgupload, configupload, license, myid, a non-privileged user could obtain root privileges in Brocade Fabric OS versions before Brocade Fabric OS v9.1.1c and v9.2.0.
Max CVSS
7.8
EPSS Score
0.04%
Published
2023-08-02
Updated
2024-02-16
A buffer overflow vulnerability in “diagstatus” command in Brocade Fabric OS before Brocade Fabric v9.2.0 and v9.1.1c could allow an authenticated user to crash the Brocade Fabric OS switch leading to a denial of service.
Max CVSS
5.5
EPSS Score
0.04%
Published
2023-08-02
Updated
2023-12-21
A buffer overflow vulnerability in “secpolicydelete” command in Brocade Fabric OS before Brocade Fabric OS v9.1.1c and v9.2.0 could allow an authenticated privileged user to crash the Brocade Fabric OS switch leading to a denial of service.
Max CVSS
5.5
EPSS Score
0.04%
Published
2023-08-02
Updated
2023-12-21
Brocade Fabric OS before Brocade Fabric OS v9.1.1c, v9.2.0 contains a vulnerability when using various commands such as “chassisdistribute”, “reboot”, “rasman”, errmoduleshow, errfilterset, hassiscfgperrthreshold, supportshowcfgdisable and supportshowcfgenable commands that can cause the content of shell interpreted variables to be printed in the terminal.
Max CVSS
5.5
EPSS Score
0.04%
Published
2023-08-01
Updated
2023-11-02
Brocade Fabric OS before Brocade Fabric OS v9.1.1c, v9.2.0 contains a vulnerability in the command line that could allow a local user to dump files under user's home directory using grep.
Max CVSS
5.5
EPSS Score
0.04%
Published
2023-08-02
Updated
2023-11-16
Brocade Fabric OS versions before Brocade Fabric OS v9.1.1c, and v9.2.0 Could allow an authenticated, local user with knowledge of full path names inside Brocade Fabric OS to execute any command regardless of assigned privilege. Starting with Fabric OS v9.1.0, “root” account access is disabled.
Max CVSS
7.8
EPSS Score
0.04%
Published
2023-08-01
Updated
2024-02-16
The Brocade Fabric OS Commands “configupload” and “configdownload” before Brocade Fabric OS v9.1.1c, v8.2.3d, v9.2.0 print scp, sftp, ftp servers passwords in supportsave. This could allow a remote authenticated attacker to access sensitive information.
Max CVSS
6.8
EPSS Score
0.07%
Published
2023-08-01
Updated
2024-02-15
A vulnerability in the fosexec command of Brocade Fabric OS after Brocade Fabric OS v9.1.0 and, before Brocade Fabric OS v9.1.1 could allow a local authenticated user to perform privilege escalation to root by breaking the rbash shell. Starting with Fabric OS v9.1.0, “root” account access is disabled.
Max CVSS
7.8
EPSS Score
0.04%
Published
2023-08-01
Updated
2023-11-02
Brocade SANnav Web interface before Brocade SANnav v2.3.0 and v2.2.2a allows remote unauthenticated users to bypass web authentication and authorization.
Max CVSS
9.8
EPSS Score
0.19%
Published
2023-08-31
Updated
2024-03-21
Possible information exposure through log file vulnerability where sensitive fields are recorded in the configuration log without masking on Brocade SANnav before v2.3.0 and 2.2.2a. Notes: To access the logs, the local attacker must have access to an already collected Brocade SANnav "supportsave" outputs.
Max CVSS
5.7
EPSS Score
0.04%
Published
2023-08-31
Updated
2024-03-21
An issue was discovered in Broadcom) LSI PCI-SV92EX Soft Modem Kernel Driver through 2.2.100.1 (aka AGRSM64.sys). There is Local Privilege Escalation to SYSTEM via a Stack Overflow in RTLCopyMemory (IOCTL 0x1b2150). An attacker can exploit this to elevate privileges from a medium-integrity process to SYSTEM. This can also be used to bypass kernel-level protections such as AV or PPL, because exploit code runs with high-integrity privileges and can be used in coordinated BYOVD (bring your own vulnerable driver) ransomware campaigns.
Max CVSS
7.8
EPSS Score
0.04%
Published
2023-10-10
Updated
2023-10-18
An issue found in TCPprep v.4.4.3 allows a remote attacker to cause a denial of service via the cidr2cidr function at the cidr.c:178 endpoint.
Max CVSS
7.5
EPSS Score
0.20%
Published
2023-03-16
Updated
2023-05-15
An issue found in TCPrewrite v.4.4.3 allows a remote attacker to cause a denial of service via the ports2PORT function at the portmap.c:69 endpoint.
Max CVSS
7.5
EPSS Score
0.22%
Published
2023-03-16
Updated
2023-05-15
An issue found in TCPprep v.4.4.3 allows a remote attacker to cause a denial of service via the parse_list function at the list.c:81 endpoint.
Max CVSS
7.5
EPSS Score
0.21%
Published
2023-03-16
Updated
2023-05-15
An issue found in TCPprep v.4.4.3 allows a remote attacker to cause a denial of service via the macinstring function.
Max CVSS
7.5
EPSS Score
0.19%
Published
2023-03-16
Updated
2023-05-15
500 vulnerabilities found
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!