Filtered by vendor Broadcom
Subscribe
Total
610 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2025-12772 | 1 Broadcom | 1 Sannav | 2026-02-09 | N/A | 4.9 MEDIUM |
| Brocade SANnav before 2.4.0b logs the Brocade Fabric OS Switch admin password on the SANnav support save logs. When OOM occurs on a Brocade SANnav server, the call stack trace for the Brocade switch is also collected in the heap dump file which contains this switch password in clear text. The vulnerability could allow a remote authenticated attacker with admin privilege able to access the SANnav logs or the supportsave to read the switch admin password. | |||||
| CVE-2025-58381 | 1 Broadcom | 1 Fabric Operating System | 2026-02-06 | N/A | 2.3 LOW |
| A vulnerability in Brocade Fabric OS before 9.2.1c2 could allow an authenticated attacker with admin privileges using the shell commands “source, ping6, sleep, disown, wait to modify the path variables and move upwards in the directory structure or to traverse to different directories. | |||||
| CVE-2025-58380 | 1 Broadcom | 1 Fabric Operating System | 2026-02-06 | N/A | 2.3 LOW |
| A vulnerability in Brocade Fabric OS before 9.2.1 could allow an authenticated attacker with admin privileges using the shell command “grep” to modify the path variables and move upwards in the directory structure or to traverse to different directories. | |||||
| CVE-2026-0383 | 1 Broadcom | 1 Fabric Operating System | 2026-02-06 | N/A | 7.8 HIGH |
| A vulnerability in Brocade Fabric OS could allow an authenticated, local attacker with privileges to access the Bash shell to access insecurely stored file contents including the history command. | |||||
| CVE-2025-58383 | 1 Broadcom | 1 Fabric Operating System | 2026-02-06 | N/A | 7.2 HIGH |
| A vulnerability in Brocade Fabric OS versions before 9.2.1c2 could allow an administrator-level user to execute the bind command, to escalate privileges and bypass security controls allowing the execution of arbitrary commands. | |||||
| CVE-2025-58379 | 1 Broadcom | 1 Fabric Operating System | 2026-02-06 | N/A | 5.5 MEDIUM |
| Brocade Fabric OS before 9.2.1 has a vulnerability that could allow a local authenticated attacker to reveal command line passwords using commands that may expose higher privilege sensitive information by a lower privileged user. | |||||
| CVE-2025-58382 | 1 Broadcom | 1 Fabric Operating System | 2026-02-06 | N/A | 7.2 HIGH |
| A vulnerability in the secure configuration of authentication and management services in Brocade Fabric OS before Fabric OS 9.2.1c2 could allow an authenticated, remote attacker with administrative credentials to execute arbitrary commands as root using “supportsave”, “seccertmgmt”, “configupload” command. | |||||
| CVE-2025-9711 | 1 Broadcom | 1 Fabric Operating System | 2026-02-06 | N/A | 7.8 HIGH |
| A vulnerability in Brocade Fabric OS before 9.2.1c3 could allow elevating the privileges of the local authenticated user to “root” using the export option of seccertmgmt and seccryptocfg commands. | |||||
| CVE-2025-4661 | 1 Broadcom | 1 Fabric Operating System | 2026-02-06 | N/A | 2.3 LOW |
| A path transversal vulnerability in Brocade Fabric OS 9.1.0 through 9.2.2 could allow a local admin user to gain access to files outside the intended directory potentially leading to the disclosure of sensitive information. Note: Admin level privilege is required on the switch in order to exploit | |||||
| CVE-2022-33186 | 2 Broadcom, Brocade | 2 Fabric Operating System, Fabric Operating System | 2026-02-05 | N/A | 9.8 CRITICAL |
| A vulnerability in Brocade Fabric OS software v9.1.1, v9.0.1e, v8.2.3c, v7.4.2j, and earlier versions could allow a remote unauthenticated attacker to execute on a Brocade Fabric OS switch commands capable of modifying zoning, disabling the switch, disabling ports, and modifying the switch IP address. | |||||
| CVE-2025-69267 | 3 Broadcom, Linux, Microsoft | 3 Dx Netops Spectrum, Linux Kernel, Windows | 2026-01-14 | N/A | 6.5 MEDIUM |
| Improper Limitation of a Pathname to a Restricted Directory (Path Traversal) vulnerability in Broadcom DX NetOps Spectrum on Windows, Linux allows Path Traversal.This issue affects DX NetOps Spectrum: 24.3.8 and earlier. | |||||
| CVE-2025-69268 | 3 Broadcom, Linux, Microsoft | 3 Dx Netops Spectrum, Linux Kernel, Windows | 2026-01-14 | N/A | 6.1 MEDIUM |
| Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Broadcom DX NetOps Spectrum on Windows, Linux allows Reflected XSS.This issue affects DX NetOps Spectrum: 24.3.8 and earlier. | |||||
| CVE-2025-69269 | 3 Broadcom, Linux, Microsoft | 3 Dx Netops Spectrum, Linux Kernel, Windows | 2026-01-14 | N/A | 9.8 CRITICAL |
| Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability in Broadcom DX NetOps Spectrum on Windows, Linux allows OS Command Injection.This issue affects DX NetOps Spectrum: 23.3.6 and earlier. | |||||
| CVE-2025-69270 | 3 Broadcom, Linux, Microsoft | 3 Dx Netops Spectrum, Linux Kernel, Windows | 2026-01-14 | N/A | 9.8 CRITICAL |
| Information Exposure Through Query Strings in GET Request vulnerability in Broadcom DX NetOps Spectrum on Windows, Linux allows Session Hijacking.This issue affects DX NetOps Spectrum: 24.3.8 and earlier. | |||||
| CVE-2025-69271 | 3 Broadcom, Linux, Microsoft | 3 Dx Netops Spectrum, Linux Kernel, Windows | 2026-01-14 | N/A | 7.5 HIGH |
| Insufficiently Protected Credentials vulnerability in Broadcom DX NetOps Spectrum on Windows, Linux allows Sniffing Attacks.This issue affects DX NetOps Spectrum: 24.3.13 and earlier. | |||||
| CVE-2025-69272 | 3 Broadcom, Linux, Microsoft | 3 Dx Netops Spectrum, Linux Kernel, Windows | 2026-01-14 | N/A | 7.5 HIGH |
| Cleartext Transmission of Sensitive Information vulnerability in Broadcom DX NetOps Spectrum on Windows, Linux allows Sniffing Attacks.This issue affects DX NetOps Spectrum: 21.2.1 and earlier. | |||||
| CVE-2025-69273 | 3 Broadcom, Linux, Microsoft | 3 Dx Netops Spectrum, Linux Kernel, Windows | 2026-01-14 | N/A | 7.5 HIGH |
| Improper Authentication vulnerability in Broadcom DX NetOps Spectrum on Windows, Linux allows Authentication Bypass.This issue affects DX NetOps Spectrum: 24.3.10 and earlier. | |||||
| CVE-2025-69274 | 3 Broadcom, Linux, Microsoft | 3 Dx Netops Spectrum, Linux Kernel, Windows | 2026-01-14 | N/A | 8.8 HIGH |
| Authorization Bypass Through User-Controlled Key vulnerability in Broadcom DX NetOps Spectrum on Windows, Linux allows Privilege Escalation.This issue affects DX NetOps Spectrum: 24.3.10 and earlier. | |||||
| CVE-2025-69275 | 3 Broadcom, Linux, Microsoft | 3 Dx Netops Spectrum, Linux Kernel, Windows | 2026-01-14 | N/A | 6.1 MEDIUM |
| Dependency on Vulnerable Third-Party Component vulnerability in Broadcom DX NetOps Spectrum on Windows, Linux allows DOM-Based XSS.This issue affects DX NetOps Spectrum: 24.3.9 and earlier. | |||||
| CVE-2025-69276 | 3 Broadcom, Linux, Microsoft | 3 Dx Netops Spectrum, Linux Kernel, Windows | 2026-01-14 | N/A | 8.8 HIGH |
| Deserialization of Untrusted Data vulnerability in Broadcom DX NetOps Spectrum on Windows, Linux allows Object Injection.This issue affects DX NetOps Spectrum: 24.3.13 and earlier. | |||||