| # | CVE ID | CWE ID | # of Exploits | Vulnerability Type(s) | Publish Date | Update Date | Score | Gained Access Level | Access | Complexity | Authentication | Conf. | Integ. | Avail. |
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| 1 | CVE-2022-33756 | 331 | | | 2022-06-16 | 2022-06-27 | 5.0 | None | Remote | Low | Not required | Partial | None | None |
CA Automic Automation 12.2 and 12.3 contain an entropy weakness vulnerability in the Automic AutomationEngine that could allow a remote attacker to potentially access sensitive data. |
| 2 | CVE-2022-33755 | 20 | | | 2022-06-16 | 2022-06-27 | 5.0 | None | Remote | Low | Not required | Partial | None | None |
CA Automic Automation 12.2 and 12.3 contain an insecure input handling vulnerability in the Automic Agent that could allow a remote attacker to potentially enumerate users. |
| 3 | CVE-2022-33751 | 668 | | | 2022-06-16 | 2022-06-27 | 5.0 | None | Remote | Low | Not required | Partial | None | None |
CA Automic Automation 12.2 and 12.3 contain an insecure memory handling vulnerability in the Automic agent that could allow a remote attacker to potentially access sensitive data. |
| 4 | CVE-2022-33739 | 91 | | | 2022-06-16 | 2022-06-28 | 5.0 | None | Remote | Low | Not required | Partial | None | None |
CA Clarity 15.8 and below and 15.9.0 contain an insecure XML parsing vulnerability that could allow a remote attacker to potentially view the contents of any file on the system. |
| 5 | CVE-2022-28487 | 401 | | | 2022-05-04 | 2022-10-28 | 5.0 | None | Remote | Low | Not required | Partial | None | None |
Tcpreplay version 4.4.1 contains a memory leakage flaw in fix_ipv6_checksums() function. The highest threat from this vulnerability is to data confidentiality. |
| 6 | CVE-2022-28168 | 922 | | | 2022-06-27 | 2022-07-07 | 5.0 | None | Remote | Low | Not required | Partial | None | None |
In Brocade SANnav before Brocade SANnav v2.2.0.2 and Brocade SANnav 2.1.1.8, encoded scp-server passwords are stored using Base64 encoding, which could allow an attacker able to access log files to easily decode the passwords. |
| 7 | CVE-2022-28166 | | | | 2022-06-27 | 2022-07-07 | 5.0 | None | Remote | Low | Not required | Partial | None | None |
In Brocade SANnav version before SANN2.2.0.2 and Brocade SANNav before 2.1.1.8, the implementation of TLS/SSL Server Supports the Use of Static Key Ciphers (ssl-static-key-ciphers) on ports 443 & 18082. |
| 8 | CVE-2022-27418 | 787 | | Overflow | 2022-04-12 | 2022-10-28 | 5.1 | None | Remote | High | Not required | Partial | Partial | Partial |
Tcpreplay v4.4.1 has a heap-based buffer overflow in do_checksum_math at /tcpedit/checksum.c. |
| 9 | CVE-2022-27416 | 415 | | | 2022-04-12 | 2022-10-28 | 5.1 | None | Remote | High | Not required | Partial | Partial | Partial |
Tcpreplay v4.4.1 was discovered to contain a double-free via __interceptor_free. |
| 10 | CVE-2021-42773 | | | | 2021-11-12 | 2022-07-12 | 5.0 | None | Remote | Low | Not required | Partial | None | None |
Broadcom Emulex HBA Manager/One Command Manager versions before 11.4.425.0 and 12.8.542.31, if not installed in Strictly Local Management mode, could allow a user to retrieve an arbitrary file from a remote host with the GetDumpFile command. In non-secure mode, the user is unauthenticated. |
| 11 | CVE-2021-36160 | 125 | | | 2021-09-16 | 2022-10-18 | 5.0 | None | Remote | Low | Not required | None | None | Partial |
A carefully crafted request uri-path can cause mod_proxy_uwsgi to read above the allocated memory and crash (DoS). This issue affects Apache HTTP Server versions 2.4.30 to 2.4.48 (inclusive). |
| 12 | CVE-2021-34798 | 476 | | | 2021-09-16 | 2022-10-28 | 5.0 | None | Remote | Low | Not required | None | None | Partial |
Malformed requests may cause the server to dereference a NULL pointer. This issue affects Apache HTTP Server 2.4.48 and earlier. |
| 13 | CVE-2021-31879 | 601 | | | 2021-04-29 | 2022-05-13 | 5.8 | None | Remote | Medium | Not required | Partial | Partial | None |
GNU Wget through 1.21.1 does not omit the Authorization header upon a redirect to a different origin, a related issue to CVE-2018-1000007. |
| 14 | CVE-2021-28248 | 307 | | | 2021-03-26 | 2021-03-29 | 5.0 | None | Remote | Low | Not required | Partial | None | None |
** UNSUPPORTED WHEN ASSIGNED ** CA eHealth Performance Manager through 6.3.2.12 is affected by Improper Restriction of Excessive Authentication Attempts. An attacker is able to perform an arbitrary number of /web/frames/ authentication attempts using different passwords, and eventually gain access to a targeted account. NOTE: This vulnerability only affects products that are no longer supported by the maintainer. |
| 15 | CVE-2021-28153 | 59 | | | 2021-03-11 | 2023-02-03 | 5.0 | None | Remote | Low | Not required | None | Partial | None |
An issue was discovered in GNOME GLib before 2.66.8. When g_file_replace() is used with G_FILE_CREATE_REPLACE_DESTINATION to replace a path that is a dangling symlink, it incorrectly also creates the target of the symlink as an empty file, which could conceivably have security relevance if the symlink is attacker-controlled. (If the path is a symlink to a file that already exists, then the contents of that file correctly remain unchanged.) |
| 16 | CVE-2021-27793 | 863 | | | 2021-08-12 | 2021-08-23 | 5.0 | None | Remote | Low | Not required | None | None | Partial |
Intermittent authorization failure in aaa tacacs+ with Brocade Fabric OS versions before Brocade Fabric OS v9.0.1b and after 9.0.0, also in Brocade Fabric OS before Brocade Fabric OS v8.2.3a and after v8.2.0 could cause a user with a valid account to be unable to log into the switch. |
| 17 | CVE-2021-27791 | 125 | | Bypass | 2021-08-12 | 2022-07-12 | 5.5 | None | Remote | Low | ??? | Partial | Partial | None |
The function that is used to parse the Authentication header in Brocade Fabric OS Web application service before Brocade Fabric OS v9.0.1a and v8.2.3a fails to properly process a malformed authentication header from the client, resulting in reading memory addresses outside the intended range. An unauthenticated attacker could discover a request, which could bypass the authentication process. |
| 18 | CVE-2021-27219 | 681 | | Overflow Mem. Corr. | 2021-02-15 | 2022-12-07 | 5.0 | None | Remote | Low | Not required | None | None | Partial |
An issue was discovered in GNOME GLib before 2.66.6 and 2.67.x before 2.67.3. The function g_bytes_new has an integer overflow on 64-bit platforms due to an implicit cast from 64 bits to 32 bits. The overflow could potentially lead to memory corruption. |
| 19 | CVE-2021-27218 | 681 | | | 2021-02-15 | 2022-12-07 | 5.0 | None | Remote | Low | Not required | None | None | Partial |
An issue was discovered in GNOME GLib before 2.66.7 and 2.67.x before 2.67.4. If g_byte_array_new_take() was called with a buffer of 4GB or more on a 64-bit platform, the length would be truncated modulo 2**32, causing unintended length truncation. |
| 20 | CVE-2021-22876 | 200 | | +Info | 2021-04-01 | 2022-04-06 | 5.0 | None | Remote | Low | Not required | Partial | None | None |
curl 7.1.1 to and including 7.75.0 is vulnerable to an "Exposure of Private Personal Information to an Unauthorized Actor" by leaking credentials in the HTTP Referer: header. libcurl does not strip off user credentials from the URL when automatically populating the Referer: HTTP request header field in outgoing HTTP requests, and therefore risks leaking sensitive data to the server that is the target of the second HTTP request. |
| 21 | CVE-2020-35494 | 908 | | | 2021-01-04 | 2022-09-02 | 5.8 | None | Remote | Medium | Not required | Partial | None | Partial |
There's a flaw in binutils /opcodes/tic4x-dis.c. An attacker who is able to submit a crafted input file to be processed by binutils could cause usage of uninitialized memory. The highest threat is to application availability with a lower threat to data confidentiality. This flaw affects binutils versions prior to 2.34. |
| 22 | CVE-2020-24266 | 787 | | DoS Overflow | 2020-10-19 | 2022-04-08 | 5.0 | None | Remote | Low | Not required | None | None | Partial |
An issue was discovered in tcpreplay tcpprep v4.3.3. There is a heap buffer overflow vulnerability in get_l2len() that can make tcpprep crash and cause a denial of service. |
| 23 | CVE-2020-24265 | 787 | | DoS Overflow | 2020-10-19 | 2022-04-08 | 5.0 | None | Remote | Low | Not required | None | None | Partial |
An issue was discovered in tcpreplay tcpprep v4.3.3. There is a heap buffer overflow vulnerability in MemcmpInterceptorCommon() that can make tcpprep crash and cause a denial of service. |
| 24 | CVE-2020-15387 | 326 | | | 2021-06-09 | 2021-08-23 | 5.8 | None | Remote | Medium | Not required | Partial | Partial | None |
The host SSH servers of Brocade Fabric OS before Brocade Fabric OS v7.4.2h, v8.2.1c, v8.2.2, v9.0.0, and Brocade SANnav before v2.1.1 utilize keys of less than 2048 bits, which may be vulnerable to man-in-the-middle attacks and/or insecure SSH communications. |
| 25 | CVE-2020-15386 | | | | 2021-06-09 | 2022-07-12 | 5.0 | None | Remote | Low | Not required | None | None | Partial |
Brocade Fabric OS prior to v9.0.1a and 8.2.3a and after v9.0.0 and 8.2.2d may observe high CPU load during security scanning, which could lead to a slower response to CLI commands and other operations. |
| 26 | CVE-2020-15385 | | | | 2021-06-09 | 2022-07-12 | 5.5 | None | Remote | Low | ??? | Partial | Partial | None |
Brocade SANnav before version 2.1.1 allows an authenticated attacker to list directories, and list files without permission. As a result, users without permission can see folders, and hidden files, and can create directories without permission. |
| 27 | CVE-2020-15384 | 312 | | | 2021-06-09 | 2021-06-11 | 5.0 | None | Remote | Low | Not required | Partial | None | None |
Brocade SANNav before version 2.1.1 contains an information disclosure vulnerability. Successful exploitation of internal server information in the initial login response header. |
| 28 | CVE-2020-15383 | | | DoS | 2021-06-09 | 2022-07-12 | 5.0 | None | Remote | Low | Not required | None | None | Partial |
Running security scans against the SAN switch can cause config and secnotify processes within the firmware before Brocade Fabric OS v9.0.0, v8.2.2d and v8.2.1e to consume all memory leading to denial of service impacts possibly including a switch panic. |
| 29 | CVE-2020-15381 | 522 | | | 2021-06-09 | 2021-06-15 | 5.0 | None | Remote | Low | Not required | Partial | None | None |
Brocade SANnav before version 2.1.1 contains an Improper Authentication vulnerability that allows cleartext transmission of authentication credentials of the jmx server. |
| 30 | CVE-2020-15380 | 532 | | | 2021-06-09 | 2021-06-11 | 5.0 | None | Remote | Low | Not required | Partial | None | None |
Brocade SANnav before version 2.1.1 logs account credentials at the ‘trace’ logging level. |
| 31 | CVE-2020-15379 | 20 | | | 2021-06-09 | 2021-06-16 | 5.0 | None | Remote | Low | Not required | None | None | Partial |
Brocade SANnav before v.2.1.0a could allow remote attackers to cause a denial-of-service condition due to a lack of proper validation of the length of user-supplied data as name for custom field name. |
| 32 | CVE-2020-15378 | | | | 2021-06-09 | 2021-06-11 | 5.0 | None | Remote | Low | Not required | Partial | None | None |
The OVA version of Brocade SANnav before version 2.1.1 installation with IPv6 networking exposes the docker container ports to the network, increasing the potential attack surface. |
| 33 | CVE-2020-12243 | 674 | | DoS | 2020-04-28 | 2022-04-29 | 5.0 | None | Remote | Low | Not required | None | None | Partial |
In filter.c in slapd in OpenLDAP before 2.4.50, LDAP search filters with nested boolean expressions can result in denial of service (daemon crash). |
| 34 | CVE-2020-11665 | 601 | | | 2020-04-15 | 2020-04-20 | 5.8 | None | Remote | Medium | Not required | Partial | Partial | None |
CA API Developer Portal 4.3.1 and earlier handles loginRedirect page redirects in an insecure manner, which allows attackers to perform open redirect attacks. |
| 35 | CVE-2020-11664 | 601 | | | 2020-04-15 | 2020-04-20 | 5.8 | None | Remote | Medium | Not required | Partial | Partial | None |
CA API Developer Portal 4.3.1 and earlier handles homeRedirect page redirects in an insecure manner, which allows attackers to perform open redirect attacks. |
| 36 | CVE-2020-11663 | 601 | | | 2020-04-15 | 2020-04-20 | 5.8 | None | Remote | Medium | Not required | Partial | Partial | None |
CA API Developer Portal 4.3.1 and earlier handles 404 requests in an insecure manner, which allows attackers to perform open redirect attacks. |
| 37 | CVE-2020-11662 | 200 | | +Info | 2020-04-15 | 2020-04-20 | 5.0 | None | Remote | Low | Not required | Partial | None | None |
CA API Developer Portal 4.3.1 and earlier handles requests insecurely, which allows remote attackers to exploit a Cross-Origin Resource Sharing flaw and access sensitive information. |
| 38 | CVE-2020-11661 | 269 | | | 2020-04-15 | 2021-07-21 | 5.5 | None | Remote | Low | ??? | Partial | Partial | None |
CA API Developer Portal 4.3.1 and earlier contains an access control flaw that allows privileged users to view and edit user data. |
| 39 | CVE-2020-8011 | 476 | | | 2020-02-18 | 2021-12-30 | 5.0 | None | Remote | Low | Not required | None | None | Partial |
CA Unified Infrastructure Management (Nimsoft/UIM) 20.1, 20.3.x, and 9.20 and below contains a null pointer dereference vulnerability in the robot (controller) component. A remote attacker can crash the Controller service. |
| 40 | CVE-2020-1967 | 476 | | DoS | 2020-04-21 | 2021-12-10 | 5.0 | None | Remote | Low | Not required | None | None | Partial |
Server or client applications that call the SSL_check_chain() function during or after a TLS 1.3 handshake may crash due to a NULL pointer dereference as a result of incorrect handling of the "signature_algorithms_cert" TLS extension. The crash occurs if an invalid or unrecognised signature algorithm is received from the peer. This could be exploited by a malicious peer in a Denial of Service attack. OpenSSL version 1.1.1d, 1.1.1e, and 1.1.1f are affected by this issue. This issue did not affect OpenSSL versions prior to 1.1.1d. Fixed in OpenSSL 1.1.1g (Affected 1.1.1d-1.1.1f). |
| 41 | CVE-2020-1927 | 601 | | | 2020-04-02 | 2022-07-25 | 5.8 | None | Remote | Medium | Not required | Partial | Partial | None |
In Apache HTTP Server 2.4.0 to 2.4.41, redirects configured with mod_rewrite that were intended to be self-referential might be fooled by encoded newlines and redirect instead to an unexpected URL within the request URL. |
| 42 | CVE-2019-16211 | 522 | | | 2020-09-25 | 2020-10-07 | 5.0 | None | Remote | Low | Not required | Partial | None | None |
Brocade SANnav versions before v2.1.0, contain a Plaintext Password Storage vulnerability. |
| 43 | CVE-2019-16209 | 295 | | | 2019-11-08 | 2019-11-09 | 5.8 | None | Remote | Medium | Not required | Partial | Partial | None |
A vulnerability in the ReportsTrustManager class of Brocade SANnav versions before v2.0 could allow an attacker to perform a man-in-the-middle attack against Secure Sockets Layer (SSL) connections. |
| 44 | CVE-2019-16208 | 327 | | | 2019-11-08 | 2019-11-14 | 5.0 | None | Remote | Low | Not required | Partial | None | None |
Password-based encryption (PBE) algorithm, of Brocade SANnav versions before v2.0, has a weakness in generating cryptographic keys that may allow an attacker to decrypt passwords used with several services (Radius, TACAS, etc.). |
| 45 | CVE-2019-16204 | 532 | | | 2020-02-05 | 2022-01-01 | 5.0 | None | Remote | Low | Not required | Partial | None | None |
Brocade Fabric OS Versions before v7.4.2f, v8.2.2a, v8.1.2j and v8.2.1d could expose external passwords, common secrets or authentication keys used between the switch and an external server. |
| 46 | CVE-2019-16203 | 532 | | | 2020-02-05 | 2022-01-01 | 5.0 | None | Remote | Low | Not required | Partial | None | None |
Brocade Fabric OS Versions before v8.2.2a and v8.2.1d could expose the credentials of the remote ESRS server when these credentials are given as a command line option when configuring the ESRS client. |
| 47 | CVE-2018-19634 | | | | 2019-01-22 | 2021-04-09 | 5.0 | None | Remote | Low | Not required | Partial | None | None |
CA Service Desk Manager 14.1 and 17 contain a vulnerability that can allow a malicious actor to access survey information. |
| 48 | CVE-2018-17582 | 125 | | DoS | 2018-09-28 | 2022-04-02 | 5.8 | None | Remote | Medium | Not required | Partial | None | Partial |
Tcpreplay v4.3.0 beta1 contains a heap-based buffer over-read. The get_next_packet() function in the send_packets.c file uses the memcpy() function unsafely to copy sequences from the source buffer pktdata to the destination (*prev_packet)->pktdata. This will result in a Denial of Service (DoS) and potentially Information Exposure when the application attempts to process a file. |
| 49 | CVE-2018-17580 | 125 | | DoS | 2018-09-28 | 2022-04-02 | 5.8 | None | Remote | Medium | Not required | Partial | None | Partial |
A heap-based buffer over-read exists in the function fast_edit_packet() in the file send_packets.c of Tcpreplay v4.3.0 beta1. This can lead to Denial of Service (DoS) and potentially Information Exposure when the application attempts to process a crafted pcap file. |
| 50 | CVE-2018-14597 | 200 | | +Info | 2018-10-17 | 2019-10-09 | 5.0 | None | Remote | Low | Not required | Partial | None | None |
CA Technologies Identity Governance 12.6, 14.0, 14.1, and 14.2 and CA Identity Suite Virtual Appliance 14.0, 14.1, and 14.2 provide telling error messages that may allow remote attackers to enumerate account names. |