Total
2 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2025-48928 | 1 Smarsh | 1 Telemessage | 2025-11-05 | N/A | 4.0 MEDIUM |
|
The TeleMessage service through 2025-05-05 is based on a JSP application in which the heap content is roughly equivalent to a "core dump" in which a password previously sent over HTTP would be included in this dump, as exploited in the wild in May 2025.
|
|||||
| CVE-2024-10403 | 1 Broadcom | 1 Fabric Operating System | 2025-02-04 | N/A | 7.5 HIGH |
|
Brocade Fabric OS versions before
8.2.3e2, versions 9.0.0 through 9.2.0c, and 9.2.1 through 9.2.1a can
capture the SFTP/FTP server password used for a firmware download
operation initiated by SANnav or through WebEM in a weblinker core dump
that is later captured via supportsave.
|
|||||