Filtered by vendor Broadcom
Total: 509 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2003-0996 | 1 Broadcom | 1 Unicenter Remote Control Host | 2021-04-13 | 4.6 MEDIUM | N/A |
Unknown "System Security Vulnerability" in Computer Associates (CA) Unicenter Remote Control (URC) 6.0 allows attackers to gain privileges via the help interface. | |||||
CVE-2003-0997 | 1 Broadcom | 1 Unicenter Remote Control Host | 2021-04-13 | 5.0 MEDIUM | N/A |
Unknown "Denial of Service Attack" vulnerability in Computer Associates (CA) Unicenter Remote Control (URC) 6.0 allows attackers to cause a denial of service (CPU consumption in URC host service). | |||||
CVE-2006-0307 | 2 Broadcom, Ca | 7 Brightstor Arcserve Backup Laptops Desktops, Brightstor Mobile Backup, Business Protection Suite and 4 more | 2021-04-13 | 5.0 MEDIUM | N/A |
The DM Primer in the DM Deployment Common Component in Computer Associates (CA) BrightStor Mobile Backup r4.0, BrightStor ARCserve Backup for Laptops & Desktops r11.0, r11.1, r11.1 SP1, Unicenter Remote Control 6.0, 6.0 SP1, CA Desktop Protection Suite r2, CA Server Protection Suite r2, and CA Business Protection Suite r2 allows remote attackers to cause a denial of service (CPU consumption and log file consumption) via unspecified "unrecognized network messages" that are not properly handled. | |||||
CVE-2005-0640 | 1 Broadcom | 1 Unicenter Asset Management | 2021-04-12 | 4.6 MEDIUM | N/A |
Computer Associates (CA) Unicenter Asset Management (UAM) 4.0 does not properly initialize the "Change Credentials for Database" window, which allows local users to recover the SQL Admin password via certain methods. | |||||
CVE-2005-0642 | 1 Broadcom | 1 Unicenter Asset Management | 2021-04-12 | 7.5 HIGH | N/A |
SQL injection vulnerability in the Query Designer for Computer Associates (CA) Unicenter Asset Management (UAM) 4.0 allows remote attackers to execute arbitrary SQL via an imported file. | |||||
CVE-2005-0641 | 1 Broadcom | 1 Unicenter Asset Management | 2021-04-12 | 4.3 MEDIUM | N/A |
Cross-site scripting (XSS) vulnerability in the Reporter for Computer Associates (CA) Unicenter Asset Management (UAM) 4.0 allows remote attackers to inject arbitrary HTML or web script via the (1) name or (2) description in a report template. | |||||
CVE-2015-2828 | 1 Broadcom | 1 Spectrum | 2021-04-12 | 9.0 HIGH | N/A |
CA Spectrum 9.2.x and 9.3.x before 9.3 H02 does not properly validate serialized Java objects, which allows remote authenticated users to obtain administrative privileges via crafted object data. | |||||
CVE-2015-2827 | 1 Broadcom | 1 Spectrum | 2021-04-12 | 3.5 LOW | N/A |
Cross-site scripting (XSS) vulnerability in CA Spectrum 9.2.x and 9.3.x before 9.3 H02 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors. | |||||
CVE-2018-15691 | 1 Broadcom | 1 Release Automation | 2021-04-12 | 7.5 HIGH | 9.8 CRITICAL |
Insecure deserialization of a specially crafted serialized object, in CA Release Automation 6.5 and earlier, allows attackers to potentially execute arbitrary code. | |||||
CVE-2014-8247 | 1 Broadcom | 1 Release Automation | 2021-04-12 | 4.3 MEDIUM | N/A |
Cross-site scripting (XSS) vulnerability in CA Release Automation (formerly iTKO LISA Release Automation) before 4.7.1 b448 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | |||||
CVE-2014-8248 | 1 Broadcom | 1 Release Automation | 2021-04-12 | 6.5 MEDIUM | N/A |
SQL injection vulnerability in CA Release Automation (formerly iTKO LISA Release Automation) before 4.7.1 b448 allows remote authenticated users to execute arbitrary SQL commands via a crafted query. | |||||
CVE-2014-8246 | 1 Broadcom | 1 Release Automation | 2021-04-12 | 6.8 MEDIUM | N/A |
Cross-site request forgery (CSRF) vulnerability in CA Release Automation (formerly iTKO LISA Release Automation) before 4.7.1 b448 allows remote attackers to hijack the authentication of unspecified victims via unknown vectors. | |||||
CVE-2015-8699 | 1 Broadcom | 1 Release Automation | 2021-04-12 | 4.3 MEDIUM | 6.1 MEDIUM |
Multiple cross-site scripting (XSS) vulnerabilities in CA Release Automation (formerly LISA Release Automation) 5.0.2 before 5.0.2-227, 5.5.1 before 5.5.1-1616, 5.5.2 before 5.5.2-434, and 6.1.0 before 6.1.0-1026 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors. | |||||
CVE-2015-8698 | 1 Broadcom | 1 Release Automation | 2021-04-12 | 3.6 LOW | 7.1 HIGH |
CA Release Automation (formerly LISA Release Automation) 5.0.2 before 5.0.2-227, 5.5.1 before 5.5.1-1616, 5.5.2 before 5.5.2-434, and 6.1.0 before 6.1.0-1026 allows remote attackers to read arbitrary files or cause a denial of service via a request containing an XML external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue. | |||||
CVE-2018-13822 | 1 Broadcom | 1 Project Portfolio Management | 2021-04-12 | 5.0 MEDIUM | 7.5 HIGH |
Unprotected storage of credentials in CA PPM 14.3 and below, 14.4, 15.1, 15.2 CP5 and below, and 15.3 CP2 and below, allows attackers to access sensitive information. | |||||
CVE-2018-13823 | 2 Broadcom, Ca | 2 Project Portfolio Management, Project Portfolio Management | 2021-04-12 | 5.0 MEDIUM | 7.5 HIGH |
An XML external entity vulnerability in the XOG functionality, in CA PPM 14.3 and below, 14.4, 15.1, 15.2 CP5 and below, and 15.3 CP2 and below, allows remote attackers to access sensitive information. | |||||
CVE-2018-13826 | 2 Broadcom, Ca | 2 Project Portfolio Management, Project Portfolio Management | 2021-04-12 | 6.4 MEDIUM | 9.1 CRITICAL |
An XML external entity vulnerability in the XOG functionality, in CA PPM 14.3 and below, 14.4, 15.1, 15.2 CP5 and below, and 15.3 CP2 and below, allows remote attackers to conduct server side request forgery attacks. | |||||
CVE-2018-13825 | 2 Broadcom, Ca | 2 Project Portfolio Management, Project Portfolio Management | 2021-04-12 | 4.3 MEDIUM | 6.1 MEDIUM |
Insufficient input validation in the gridExcelExport functionality, in CA PPM 14.3 and below, 14.4, 15.1, 15.2 CP5 and below, and 15.3 CP2 and below, allows remote attackers to execute reflected cross-site scripting attacks. | |||||
CVE-2018-13824 | 2 Broadcom, Ca | 2 Project Portfolio Management, Project Portfolio Management | 2021-04-12 | 7.5 HIGH | 9.8 CRITICAL |
Insufficient input sanitization of two parameters in CA PPM 14.3 and below, 14.4, 15.1, 15.2 CP5 and below, and 15.3 CP2 and below, allows remote attackers to execute SQL injection attacks. | |||||
CVE-2019-7392 | 1 Broadcom | 1 Privileged Access Manager | 2021-04-12 | 6.4 MEDIUM | 9.1 CRITICAL |
An improper authentication vulnerability in CA Privileged Access Manager 3.x Web-UI jk-manager and jk-status allows a remote attacker to gain sensitive information or alter configuration. |