Filtered by vendor Broadcom
Total: 509 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2023-3489 | 1 Broadcom | 1 Fabric Operating System | 2023-11-24 | N/A | 7.5 HIGH |
The firmwaredownload command on Brocade Fabric OS v9.2.0 could log the FTP/SFTP/SCP server password in clear text in the SupportSave file when performing a downgrade from Fabric OS v9.2.0 to any earlier version of Fabric OS. | |||||
CVE-2023-37790 | 1 Broadcom | 1 Clarity | 2023-11-16 | N/A | 5.4 MEDIUM |
Jaspersoft Clarity PPM version 14.3.0.298 was discovered to contain an arbitrary file upload vulnerability via the Profile Picture Upload function. | |||||
CVE-2023-31428 | 1 Broadcom | 1 Brocade Fabric Operating System | 2023-11-16 | N/A | 5.5 MEDIUM |
Brocade Fabric OS before Brocade Fabric OS v9.1.1c, v9.2.0 contains a vulnerability in the command line that could allow a local user to dump files under user's home directory using grep. | |||||
CVE-2019-25013 | 5 Broadcom, Debian, Fedoraproject and 2 more | 10 Fabric Operating System, Debian Linux, Fedora and 7 more | 2023-11-09 | 7.1 HIGH | 5.9 MEDIUM |
The iconv feature in the GNU C Library (aka glibc or libc6) through 2.32, when processing invalid multi-byte input sequences in the EUC-KR encoding, may have a buffer over-read. | |||||
CVE-2023-27789 | 1 Broadcom | 1 Tcpreplay | 2023-11-07 | N/A | 7.5 HIGH |
An issue found in TCPprep v.4.4.3 allows a remote attacker to cause a denial of service via the cidr2cidr function at the cidr.c:178 endpoint. | |||||
CVE-2023-27788 | 1 Broadcom | 1 Tcpreplay | 2023-11-07 | N/A | 7.5 HIGH |
An issue found in TCPrewrite v.4.4.3 allows a remote attacker to cause a denial of service via the ports2PORT function at the portmap.c:69 endpoint. | |||||
CVE-2023-27787 | 1 Broadcom | 1 Tcpreplay | 2023-11-07 | N/A | 7.5 HIGH |
An issue found in TCPprep v.4.4.3 allows a remote attacker to cause a denial of service via the parse_list function at the list.c:81 endpoint. | |||||
CVE-2023-27786 | 1 Broadcom | 1 Tcpreplay | 2023-11-07 | N/A | 7.5 HIGH |
An issue found in TCPprep v.4.4.3 allows a remote attacker to cause a denial of service via the macinstring function. | |||||
CVE-2023-27785 | 1 Broadcom | 1 Tcpreplay | 2023-11-07 | N/A | 7.5 HIGH |
An issue found in TCPreplay TCPprep v.4.4.3 allows a remote attacker to cause a denial of service via the parse endpoints function. | |||||
CVE-2023-27784 | 1 Broadcom | 1 Tcpreplay | 2023-11-07 | N/A | 7.5 HIGH |
An issue found in TCPReplay v.4.4.3 allows a remote attacker to cause a denial of service via the read_hexstring function at the utils.c:309 endpoint. | |||||
CVE-2023-27783 | 1 Broadcom | 1 Tcpreplay | 2023-11-07 | N/A | 7.5 HIGH |
An issue found in TCPreplay tcprewrite v.4.4.3 allows a remote attacker to cause a denial of service via the tcpedit_dlt_cleanup function at plugins/dlt_plugins.c. | |||||
CVE-2022-37049 | 2 Broadcom, Fedoraproject | 2 Tcpreplay, Fedora | 2023-11-07 | N/A | 7.8 HIGH |
The component tcpprep in Tcpreplay v4.4.1 was discovered to contain a heap-based buffer overflow in parse_mpls at common/get.c:150. NOTE: this is different from CVE-2022-27942. | |||||
CVE-2022-37048 | 2 Broadcom, Fedoraproject | 2 Tcpreplay, Fedora | 2023-11-07 | N/A | 7.8 HIGH |
The component tcprewrite in Tcpreplay v4.4.1 was discovered to contain a heap-based buffer overflow in get_l2len_protocol at common/get.c:344. NOTE: this is different from CVE-2022-27941. | |||||
CVE-2022-37047 | 2 Broadcom, Fedoraproject | 2 Tcpreplay, Fedora | 2023-11-07 | N/A | 7.8 HIGH |
The component tcprewrite in Tcpreplay v4.4.1 was discovered to contain a heap-based buffer overflow in get_ipv6_next at common/get.c:713. NOTE: this is different from CVE-2022-27940. | |||||
CVE-2022-33187 | 1 Broadcom | 1 Brocade Sannav | 2023-11-07 | N/A | 4.9 MEDIUM |
Brocade SANnav before v2.2.1 logs usernames and encoded passwords in debug-enabled logs. The vulnerability could allow an attacker with admin privilege to read sensitive information. | |||||
CVE-2022-2068 | 6 Broadcom, Debian, Fedoraproject and 3 more | 43 Sannav, Debian Linux, Fedora and 40 more | 2023-11-07 | 10.0 HIGH | 9.8 CRITICAL |
In addition to the c_rehash shell command injection identified in CVE-2022-1292, further circumstances where the c_rehash script does not properly sanitise shell metacharacters to prevent command injection were found by code review. When the CVE-2022-1292 was fixed it was not discovered that there are other places in the script where the file names of certificates being hashed were possibly passed to a command executed through the shell. This script is distributed by some operating systems in a manner where it is automatically executed. On such operating systems, an attacker could execute arbitrary commands with the privileges of the script. Use of the c_rehash script is considered obsolete and should be replaced by the OpenSSL rehash command line tool. Fixed in OpenSSL 3.0.4 (Affected 3.0.0,3.0.1,3.0.2,3.0.3). Fixed in OpenSSL 1.1.1p (Affected 1.1.1-1.1.1o). Fixed in OpenSSL 1.0.2zf (Affected 1.0.2-1.0.2ze). | |||||
CVE-2022-28487 | 2 Broadcom, Fedoraproject | 2 Tcpreplay, Fedora | 2023-11-07 | 5.0 MEDIUM | 7.5 HIGH |
Tcpreplay version 4.4.1 contains a memory leakage flaw in fix_ipv6_checksums() function. The highest threat from this vulnerability is to data confidentiality. | |||||
CVE-2022-27942 | 2 Broadcom, Fedoraproject | 2 Tcpreplay, Fedora | 2023-11-07 | 6.8 MEDIUM | 7.8 HIGH |
tcpprep in Tcpreplay 4.4.1 has a heap-based buffer over-read in parse_mpls in common/get.c. | |||||
CVE-2022-27941 | 2 Broadcom, Fedoraproject | 2 Tcpreplay, Fedora | 2023-11-07 | 6.8 MEDIUM | 7.8 HIGH |
tcprewrite in Tcpreplay 4.4.1 has a heap-based buffer over-read in get_l2len_protocol in common/get.c. | |||||
CVE-2022-27940 | 2 Broadcom, Fedoraproject | 2 Tcpreplay, Fedora | 2023-11-07 | 6.8 MEDIUM | 7.8 HIGH |
tcprewrite in Tcpreplay 4.4.1 has a heap-based buffer over-read in get_ipv6_next in common/get.c. |