Filtered by vendor Broadcom
Total: 507 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2018-20552 | 1 Broadcom | 1 Tcpreplay | 2022-10-03 | N/A |
Tcpreplay before 4.3.1 has a heap-based buffer over-read in packet2tree in tree.c. | ||||
CVE-2018-20553 | 1 Broadcom | 1 Tcpreplay | 2022-10-03 | N/A |
Tcpreplay before 4.3.1 has a heap-based buffer over-read in get_l2len in common/get.c. | ||||
CVE-2010-0104 | 2 Broadcom, Hp | 16 Broadcom, Compaq 6005 Pro Microtower Pc, Compaq 6005 Small Form Factor Pc and 13 more | 2022-10-03 | N/A |
Unspecified vulnerability in the Broadcom Integrated NIC Management Firmware 1.x before 1.40.0.0 and 8.x before 8.08 on the HP Small Form Factor and Microtower platforms allows remote attackers to execute arbitrary code via unknown vectors. | ||||
CVE-2011-4503 | 2 Broadcom, Sitecom | 2 Broadcom Linux, Wl-111 | 2022-10-03 | N/A |
The UPnP IGD implementation in Broadcom Linux on the Sitecom WL-111 allows remote attackers to establish arbitrary port mappings by sending a UPnP AddPortMapping action in a SOAP request to the WAN interface, related to an "external forwarding" vulnerability. | ||||
CVE-2022-25625 | 1 Broadcom | 1 Symantec Privileged Access Management | 2022-09-01 | 8.8 High |
A malicious unauthorized PAM user can access the administration configuration data and change the values. | ||||
CVE-1999-0355 | 1 Broadcom | 1 Controlit | 2022-08-17 | N/A |
Local or remote users can force ControlIT 4.5 to reboot or force a user to log out, resulting in a denial of service. | ||||
CVE-2021-26313 | 6 Amd, Arm, Broadcom and 3 more | 11 Ryzen 5 5600x, Ryzen 7 2700x, Ryzen Threadripper 2990wx and 8 more | 2022-08-01 | 5.5 Medium |
Potential speculative code store bypass in all supported CPU products, in conjunction with software vulnerabilities relating to speculative execution of overwritten instructions, may cause an incorrect speculation and could result in data leakage. | ||||
CVE-2020-8648 | 6 Broadcom, Canonical, Debian and 3 more | 9 Brocade Fabric Operating System Firmware, Ubuntu Linux, Debian Linux and 6 more | 2022-07-28 | 7.1 High |
There is a use-after-free vulnerability in the Linux kernel through 5.5.2 in the n_tty_receive_buf_common function in drivers/tty/n_tty.c. | ||||
CVE-2021-42773 | 1 Broadcom | 1 Emulex Hba Manager | 2022-07-12 | 7.5 High |
Broadcom Emulex HBA Manager/One Command Manager versions before 11.4.425.0 and 12.8.542.31, if not installed in Strictly Local Management mode, could allow a user to retrieve an arbitrary file from a remote host with the GetDumpFile command. In non-secure mode, the user is unauthenticated. | ||||
CVE-2021-27792 | 1 Broadcom | 1 Fabric Operating System | 2022-07-12 | 7.8 High |
The request handling functions in the web management interface of Brocade Fabric OS versions before v9.0.1a, v8.2.3a, and v7.4.2h do not properly handle malformed user input, resulting in a service crash. An authenticated attacker could use this weakness to cause the FOS HTTP application handler to crash, requiring a reboot. | ||||
CVE-2021-27791 | 1 Broadcom | 1 Fabric Operating System | 2022-07-12 | 5.4 Medium |
The function that is used to parse the Authentication header in Brocade Fabric OS Web application service before Brocade Fabric OS v9.0.1a and v8.2.3a fails to properly process a malformed authentication header from the client, resulting in reading memory addresses outside the intended range. An unauthenticated attacker could discover a request, which could bypass the authentication process. | ||||
CVE-2020-15388 | 1 Broadcom | 1 Fabric Operating System | 2022-07-12 | 6.5 Medium |
A vulnerability in the Brocade Fabric OS before Brocade Fabric OS v9.0.1a, v8.2.3, v8.2.0_CBN4, and v7.4.2h could allow an authenticated CLI user to abuse the history command to write arbitrary content to files. | ||||
CVE-2020-15386 | 1 Broadcom | 1 Fabric Operating System | 2022-07-12 | 5.3 Medium |
Brocade Fabric OS prior to v9.0.1a and 8.2.3a and after v9.0.0 and 8.2.2d may observe high CPU load during security scanning, which could lead to a slower response to CLI commands and other operations. | ||||
CVE-2020-15383 | 1 Broadcom | 1 Fabric Operating System | 2022-07-12 | 7.5 High |
Running security scans against the SAN switch can cause config and secnotify processes within the firmware before Brocade Fabric OS v9.0.0, v8.2.2d and v8.2.1e to consume all memory leading to denial of service impacts possibly including a switch panic. | ||||
CVE-2020-15385 | 1 Broadcom | 1 Sannav | 2022-07-12 | 5.4 Medium |
Brocade SANnav before version 2.1.1 allows an authenticated attacker to list directories, and list files without permission. As a result, users without permission can see folders, and hidden files, and can create directories without permission. | ||||
CVE-2022-28168 | 1 Broadcom | 1 Sannav | 2022-07-07 | 7.5 High |
In Brocade SANnav before Brocade SANnav v2.2.0.2 and Brocade SANnav 2.1.1.8, encoded scp-server passwords are stored using Base64 encoding, which could allow an attacker able to access log files to easily decode the passwords. | ||||
CVE-2022-33739 | 1 Broadcom | 1 Ca Clarity | 2022-06-28 | 7.5 High |
CA Clarity 15.8 and below and 15.9.0 contain an insecure XML parsing vulnerability that could allow a remote attacker to potentially view the contents of any file on the system. | ||||
CVE-2022-33750 | 1 Broadcom | 1 Ca Automic Automation | 2022-06-28 | 9.8 Critical |
CA Automic Automation 12.2 and 12.3 contain an authentication error vulnerability in the Automic agent that could allow a remote attacker to potentially execute arbitrary commands. | ||||
CVE-2020-11662 | 1 Broadcom | 1 Ca Api Developer Portal | 2022-06-28 | 7.5 High |
CA API Developer Portal 4.3.1 and earlier handles requests insecurely, which allows remote attackers to exploit a Cross-Origin Resource Sharing flaw and access sensitive information. | ||||
CVE-2022-33752 | 1 Broadcom | 1 Ca Automic Automation | 2022-06-27 | 9.8 Critical |
CA Automic Automation 12.2 and 12.3 contain an insufficient input validation vulnerability in the Automic agent that could allow a remote attacker to potentially execute arbitrary code. |