Filtered by vendor Broadcom
Subscribe
Total
509 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2022-25625 | 1 Broadcom | 1 Symantec Privileged Access Management | 2022-09-01 | N/A | 8.8 HIGH |
| A malicious unauthorized PAM user can access the administration configuration data and change the values. | |||||
| CVE-1999-0355 | 1 Broadcom | 1 Controlit | 2022-08-17 | 5.0 MEDIUM | N/A |
| Local or remote users can force ControlIT 4.5 to reboot or force a user to log out, resulting in a denial of service. | |||||
| CVE-2021-26313 | 6 Amd, Arm, Broadcom and 3 more | 11 Ryzen 5 5600x, Ryzen 7 2700x, Ryzen Threadripper 2990wx and 8 more | 2022-08-01 | 2.1 LOW | 5.5 MEDIUM |
| Potential speculative code store bypass in all supported CPU products, in conjunction with software vulnerabilities relating to speculative execution of overwritten instructions, may cause an incorrect speculation and could result in data leakage. | |||||
| CVE-2020-8648 | 6 Broadcom, Canonical, Debian and 3 more | 9 Brocade Fabric Operating System Firmware, Ubuntu Linux, Debian Linux and 6 more | 2022-07-28 | 3.6 LOW | 7.1 HIGH |
| There is a use-after-free vulnerability in the Linux kernel through 5.5.2 in the n_tty_receive_buf_common function in drivers/tty/n_tty.c. | |||||
| CVE-2021-27791 | 1 Broadcom | 1 Fabric Operating System | 2022-07-12 | 5.5 MEDIUM | 5.4 MEDIUM |
| The function that is used to parse the Authentication header in Brocade Fabric OS Web application service before Brocade Fabric OS v9.0.1a and v8.2.3a fails to properly process a malformed authentication header from the client, resulting in reading memory addresses outside the intended range. An unauthenticated attacker could discover a request, which could bypass the authentication process. | |||||
| CVE-2021-42773 | 1 Broadcom | 1 Emulex Hba Manager | 2022-07-12 | 5.0 MEDIUM | 7.5 HIGH |
| Broadcom Emulex HBA Manager/One Command Manager versions before 11.4.425.0 and 12.8.542.31, if not installed in Strictly Local Management mode, could allow a user to retrieve an arbitrary file from a remote host with the GetDumpFile command. In non-secure mode, the user is unauthenticated. | |||||
| CVE-2021-27792 | 1 Broadcom | 1 Fabric Operating System | 2022-07-12 | 7.2 HIGH | 7.8 HIGH |
| The request handling functions in web management interface of Brocade Fabric OS versions before v9.0.1a, v8.2.3a, and v7.4.2h do not properly handle malformed user input, resulting in a service crash. An authenticated attacker could use this weakness to cause the FOS HTTP application handler to crash, requiring a reboot. | |||||
| CVE-2020-15388 | 1 Broadcom | 1 Fabric Operating System | 2022-07-12 | 4.0 MEDIUM | 6.5 MEDIUM |
| A vulnerability in the Brocade Fabric OS before Brocade Fabric OS v9.0.1a, v8.2.3, v8.2.0_CBN4, and v7.4.2h could allow an authenticated CLI user to abuse the history command to write arbitrary content to files. | |||||
| CVE-2020-15383 | 1 Broadcom | 1 Fabric Operating System | 2022-07-12 | 5.0 MEDIUM | 7.5 HIGH |
| Running security scans against the SAN switch can cause config and secnotify processes within the firmware before Brocade Fabric OS v9.0.0, v8.2.2d and v8.2.1e to consume all memory leading to denial of service impacts possibly including a switch panic. | |||||
| CVE-2020-15385 | 1 Broadcom | 1 Sannav | 2022-07-12 | 5.5 MEDIUM | 5.4 MEDIUM |
| Brocade SANnav before version 2.1.1 allows an authenticated attacker to list directories, and list files without permission. As a result, users without permission can see folders, and hidden files, and can create directories without permission. | |||||
| CVE-2020-15386 | 1 Broadcom | 1 Fabric Operating System | 2022-07-12 | 5.0 MEDIUM | 5.3 MEDIUM |
| Brocade Fabric OS prior to v9.0.1a and 8.2.3a and after v9.0.0 and 8.2.2d may observe high CPU load during security scanning, which could lead to a slower response to CLI commands and other operations. | |||||
| CVE-2022-28168 | 1 Broadcom | 1 Sannav | 2022-07-07 | 5.0 MEDIUM | 7.5 HIGH |
| In Brocade SANnav before Brocade SANnav v2.2.0.2 and Brocade SANnav2.1.1.8, encoded scp-server passwords are stored using Base64 encoding, which could allow an attacker able to access log files to easily decode the passwords. | |||||
| CVE-2022-33739 | 1 Broadcom | 1 Ca Clarity | 2022-06-28 | 5.0 MEDIUM | 7.5 HIGH |
| CA Clarity 15.8 and below and 15.9.0 contain an insecure XML parsing vulnerability that could allow a remote attacker to potentially view the contents of any file on the system. | |||||
| CVE-2022-33750 | 1 Broadcom | 1 Ca Automic Automation | 2022-06-28 | 7.5 HIGH | 9.8 CRITICAL |
| CA Automic Automation 12.2 and 12.3 contain an authentication error vulnerability in the Automic agent that could allow a remote attacker to potentially execute arbitrary commands. | |||||
| CVE-2020-11662 | 1 Broadcom | 1 Ca Api Developer Portal | 2022-06-28 | 5.0 MEDIUM | 7.5 HIGH |
| CA API Developer Portal 4.3.1 and earlier handles requests insecurely, which allows remote attackers to exploit a Cross-Origin Resource Sharing flaw and access sensitive information. | |||||
| CVE-2022-33752 | 1 Broadcom | 1 Ca Automic Automation | 2022-06-27 | 7.5 HIGH | 9.8 CRITICAL |
| CA Automic Automation 12.2 and 12.3 contain an insufficient input validation vulnerability in the Automic agent that could allow a remote attacker to potentially execute arbitrary code. | |||||
| CVE-2022-33756 | 1 Broadcom | 1 Ca Automic Automation | 2022-06-27 | 5.0 MEDIUM | 7.5 HIGH |
| CA Automic Automation 12.2 and 12.3 contain an entropy weakness vulnerability in the Automic AutomationEngine that could allow a remote attacker to potentially access sensitive data. | |||||
| CVE-2022-33754 | 1 Broadcom | 1 Ca Automic Automation | 2022-06-27 | 7.5 HIGH | 9.8 CRITICAL |
| CA Automic Automation 12.2 and 12.3 contain an insufficient input validation vulnerability in the Automic agent that could allow a remote attacker to potentially execute arbitrary code. | |||||
| CVE-2017-6429 | 1 Broadcom | 1 Tcpreplay | 2022-06-03 | 6.8 MEDIUM | 7.8 HIGH |
| Buffer overflow in the tcpcapinfo utility in Tcpreplay before 4.2.0 Beta 1 allows remote attackers to have unspecified impact via a pcap file with an over-size packet. | |||||
| CVE-2017-14266 | 1 Broadcom | 1 Tcpreplay | 2022-06-01 | 6.8 MEDIUM | 7.8 HIGH |
| tcprewrite in Tcpreplay 3.4.4 has a Heap-Based Buffer Overflow vulnerability triggered by a crafted PCAP file, a related issue to CVE-2016-6160. | |||||