Filtered by vendor Broadcom
Subscriptions
Total
516 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2018-13825 | 2 Broadcom, Ca | 2 Project Portfolio Management, Project Portfolio Management | 2024-11-21 | N/A |
Insufficient input validation in the gridExcelExport functionality, in CA PPM 14.3 and below, 14.4, 15.1, 15.2 CP5 and below, and 15.3 CP2 and below, allows remote attackers to execute reflected cross-site scripting attacks. | ||||
CVE-2018-13824 | 2 Broadcom, Ca | 2 Project Portfolio Management, Project Portfolio Management | 2024-11-21 | N/A |
Insufficient input sanitization of two parameters in CA PPM 14.3 and below, 14.4, 15.1, 15.2 CP5 and below, and 15.3 CP2 and below, allows remote attackers to execute SQL injection attacks. | ||||
CVE-2018-13823 | 2 Broadcom, Ca | 2 Project Portfolio Management, Project Portfolio Management | 2024-11-21 | N/A |
An XML external entity vulnerability in the XOG functionality, in CA PPM 14.3 and below, 14.4, 15.1, 15.2 CP5 and below, and 15.3 CP2 and below, allows remote attackers to access sensitive information. | ||||
CVE-2018-13822 | 1 Broadcom | 1 Project Portfolio Management | 2024-11-21 | 7.5 High |
Unprotected storage of credentials in CA PPM 14.3 and below, 14.4, 15.1, 15.2 CP5 and below, and 15.3 CP2 and below, allows attackers to access sensitive information. | ||||
CVE-2018-13112 | 1 Broadcom | 1 Tcpreplay | 2024-11-21 | N/A |
get_l2len in common/get.c in Tcpreplay 4.3.0 beta1 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via crafted packets, as demonstrated by tcpprep. | ||||
CVE-2017-9417 | 1 Broadcom | 4 Bcm4354 Wi-fi Chipset, Bcm4358 Wi-fi Chipset, Bcm4359 Wi-fi Chipset and 1 more | 2024-11-21 | N/A |
Broadcom BCM43xx Wi-Fi chips allow remote attackers to execute arbitrary code via unspecified vectors, aka the "Broadpwn" issue. | ||||
CVE-2017-6957 | 1 Broadcom | 2 Bcm4339 Soc, Bcm4339 Soc Firmware | 2024-11-21 | N/A |
Stack-based buffer overflow in the firmware in Broadcom Wi-Fi HardMAC SoC chips, when the firmware supports CCKM Fast and Secure Roaming and the feature is enabled in RAM, allows remote attackers to execute arbitrary code via a crafted reassociation response frame with a Cisco IE (156). | ||||
CVE-2017-6956 | 1 Broadcom | 2 Hardmac Wi-fi Soc, Hardmac Wi-fi Soc Firmware | 2024-11-21 | N/A |
On the Broadcom Wi-Fi HardMAC SoC with fbt firmware, a stack buffer overflow occurs when handling an 802.11r (FT) authentication response, leading to remote code execution via a crafted access point that sends a long R0KH-ID field in a Fast BSS Transition Information Element (FT-IE). | ||||
CVE-2017-6429 | 1 Broadcom | 1 Tcpreplay | 2024-11-21 | 7.8 High |
Buffer overflow in the tcpcapinfo utility in Tcpreplay before 4.2.0 Beta 1 allows remote attackers to have unspecified impact via a pcap file with an over-size packet. | ||||
CVE-2017-6227 | 2 Broadcom, Brocade | 2 Fabric Operating System, Fabric Os | 2024-11-21 | N/A |
A vulnerability in the IPv6 stack on Brocade Fibre Channel SAN products running Brocade Fabric OS (FOS) versions before 7.4.2b, 8.1.2 and 8.2.0 could allow an attacker to cause a denial of service (CPU consumption and device hang) condition by sending crafted Router Advertisement (RA) messages to a targeted system. | ||||
CVE-2017-6225 | 2 Broadcom, Brocade | 2 Fabric Operating System, Fabric Os | 2024-11-21 | N/A |
Cross-site scripting (XSS) vulnerability in the web-based management interface of Brocade Fibre Channel SAN products running Brocade Fabric OS (FOS) versions before 7.4.2b, 8.1.2 and 8.2.0 could allow remote attackers to execute arbitrary code or access sensitive browser-based information. | ||||
CVE-2017-18268 | 1 Broadcom | 1 Symantec Intelligencecenter | 2024-11-21 | 5.9 Medium |
Symantec IntelligenceCenter 3.3 is vulnerable to the Return of the Bleichenbacher Oracle Threat (ROBOT) attack. A remote attacker, who has captured a pre-recorded SSL session inspected by SSLV, can establish large numbers of crafted SSL connections to the target and obtain the session keys required to decrypt the pre-recorded SSL session. | ||||
CVE-2017-15533 | 1 Broadcom | 1 Ssl Visibility Appliance | 2024-11-21 | N/A |
Symantec SSL Visibility (SSLV) 3.8.4FC, 3.10 prior to 3.10.4.1, 3.11, and 3.12 prior to 3.12.2.1 are vulnerable to the Return of the Bleichenbacher Oracle Threat (ROBOT) attack. All affected SSLV versions act as weak oracles according the oracle classification used in the ROBOT research paper. A remote attacker, who has captured a pre-recorded SSL session inspected by SSLV, can establish multiple millions of crafted SSL connections to the target and obtain the session keys required to decrypt the pre-recorded SSL session. | ||||
CVE-2017-14266 | 1 Broadcom | 1 Tcpreplay | 2024-11-21 | 7.8 High |
tcprewrite in Tcpreplay 3.4.4 has a Heap-Based Buffer Overflow vulnerability triggered by a crafted PCAP file, a related issue to CVE-2016-6160. | ||||
CVE-2017-13678 | 1 Broadcom | 2 Advanced Secure Gateway, Symantec Proxysg | 2024-11-21 | N/A |
Stored XSS vulnerability in the Symantec Advanced Secure Gateway (ASG) and ProxySG management consoles. A malicious appliance administrator can inject arbitrary JavaScript code in the management console web client application. | ||||
CVE-2017-13677 | 1 Broadcom | 2 Advanced Secure Gateway, Symantec Proxysg | 2024-11-21 | N/A |
Denial-of-service (DoS) vulnerability in the Symantec Advanced Secure Gateway (ASG) and ProxySG management consoles. A remote attacker can use crafted HTTP/HTTPS requests to cause denial-of-service through management console application crashes. | ||||
CVE-2017-11122 | 2 Apple, Broadcom | 4 Iphone Os, Tvos, Bcm4355c0 and 1 more | 2024-11-21 | N/A |
On Broadcom BCM4355C0 Wi-Fi chips 9.44.78.27.0.1.56, an attacker can trigger an information leak due to insufficient length validation, related to ICMPv6 router advertisement offloading. | ||||
CVE-2017-11121 | 2 Apple, Broadcom | 4 Iphone Os, Tvos, Bcm4355c0 and 1 more | 2024-11-21 | N/A |
On Broadcom BCM4355C0 Wi-Fi chips 9.44.78.27.0.1.56 and other chips, properly crafted malicious over-the-air Fast Transition frames can potentially trigger internal Wi-Fi firmware heap and/or stack overflows, leading to denial of service or other effects, aka B-V2017061205. | ||||
CVE-2017-11120 | 2 Apple, Broadcom | 4 Iphone Os, Tvos, Bcm4355c0 and 1 more | 2024-11-21 | N/A |
On Broadcom BCM4355C0 Wi-Fi chips 9.44.78.27.0.1.56 and other chips, an attacker can craft a malformed RRM neighbor report frame to trigger an internal buffer overflow in the Wi-Fi firmware, aka B-V2017061204. | ||||
CVE-2016-9795 | 6 Broadcom, Ca, Hp and 3 more | 10 Ca Workload Automation Ae, Client Automation, Systemedge and 7 more | 2024-11-21 | 7.8 High |
The casrvc program in CA Common Services, as used in CA Client Automation 12.8, 12.9, and 14.0; CA SystemEDGE 5.8.2 and 5.9; CA Systems Performance for Infrastructure Managers 12.8 and 12.9; CA Universal Job Management Agent 11.2; CA Virtual Assurance for Infrastructure Managers 12.8 and 12.9; CA Workload Automation AE 11, 11.3, 11.3.5, and 11.3.6 on AIX, HP-UX, Linux, and Solaris allows local users to modify arbitrary files and consequently gain root privileges via vectors related to insufficient validation. |