Filtered by vendor Broadcom Subscriptions
Total 516 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2020-12595 1 Broadcom 1 Symantec Messaging Gateway 2024-08-04 4.9 Medium
An information disclosure flaw allows a malicious, authenticated, privileged web UI user to obtain a password for a remote SCP backup server that they might not otherwise be authorized to access. This affects SMG prior to 10.7.4.
CVE-2020-12243 9 Apple, Broadcom, Canonical and 6 more 28 Mac Os X, Brocade Fabric Operating System, Ubuntu Linux and 25 more 2024-08-04 7.5 High
In filter.c in slapd in OpenLDAP before 2.4.50, LDAP search filters with nested boolean expressions can result in denial of service (daemon crash).
CVE-2020-11658 1 Broadcom 1 Ca Api Developer Portal 2024-08-04 9.8 Critical
CA API Developer Portal 4.3.1 and earlier handles shared secret keys in an insecure manner, which allows attackers to bypass authorization.
CVE-2020-11659 1 Broadcom 1 Ca Api Developer Portal 2024-08-04 4.3 Medium
CA API Developer Portal 4.3.1 and earlier contains an access control flaw that allows privileged users to perform a restricted user administration action.
CVE-2020-11662 1 Broadcom 1 Ca Api Developer Portal 2024-08-04 7.5 High
CA API Developer Portal 4.3.1 and earlier handles requests insecurely, which allows remote attackers to exploit a Cross-Origin Resource Sharing flaw and access sensitive information.
CVE-2020-11660 1 Broadcom 1 Ca Api Developer Portal 2024-08-04 6.5 Medium
CA API Developer Portal 4.3.1 and earlier contains an access control flaw that allows privileged users to view restricted sensitive information.
CVE-2020-11666 1 Broadcom 1 Ca Api Developer Portal 2024-08-04 8.8 High
CA API Developer Portal 4.3.1 and earlier contains an access control flaw that allows malicious users to elevate privileges.
CVE-2020-11664 1 Broadcom 1 Ca Api Developer Portal 2024-08-04 6.1 Medium
CA API Developer Portal 4.3.1 and earlier handles homeRedirect page redirects in an insecure manner, which allows attackers to perform open redirect attacks.
CVE-2020-11665 1 Broadcom 1 Ca Api Developer Portal 2024-08-04 6.1 Medium
CA API Developer Portal 4.3.1 and earlier handles loginRedirect page redirects in an insecure manner, which allows attackers to perform open redirect attacks.
CVE-2020-11663 1 Broadcom 1 Ca Api Developer Portal 2024-08-04 6.1 Medium
CA API Developer Portal 4.3.1 and earlier handles 404 requests in an insecure manner, which allows attackers to perform open redirect attacks.
CVE-2020-11661 1 Broadcom 1 Ca Api Developer Portal 2024-08-04 8.1 High
CA API Developer Portal 4.3.1 and earlier contains an access control flaw that allows privileged users to view and edit user data.
CVE-2020-8648 7 Broadcom, Canonical, Debian and 4 more 14 Brocade Fabric Operating System Firmware, Ubuntu Linux, Debian Linux and 11 more 2024-08-04 7.1 High
There is a use-after-free vulnerability in the Linux kernel through 5.5.2 in the n_tty_receive_buf_common function in drivers/tty/n_tty.c.
CVE-2020-8012 1 Broadcom 1 Unified Infrastructure Management 2024-08-04 9.8 Critical
CA Unified Infrastructure Management (Nimsoft/UIM) 20.1, 20.3.x, and 9.20 and below contains a buffer overflow vulnerability in the robot (controller) component. A remote attacker can execute arbitrary code.
CVE-2020-8011 1 Broadcom 1 Unified Infrastructure Management 2024-08-04 7.5 High
CA Unified Infrastructure Management (Nimsoft/UIM) 20.1, 20.3.x, and 9.20 and below contains a null pointer dereference vulnerability in the robot (controller) component. A remote attacker can crash the Controller service.
CVE-2020-8010 1 Broadcom 1 Unified Infrastructure Management 2024-08-04 9.8 Critical
CA Unified Infrastructure Management (Nimsoft/UIM) 20.1, 20.3.x, and 9.20 and below contains an improper ACL handling vulnerability in the robot (controller) component. A remote attacker can execute commands, read from, or write to the target system.
CVE-2020-1927 9 Apache, Broadcom, Canonical and 6 more 17 Http Server, Brocade Fabric Operating System, Ubuntu Linux and 14 more 2024-08-04 6.1 Medium
In Apache HTTP Server 2.4.0 to 2.4.41, redirects configured with mod_rewrite that were intended to be self-referential might be fooled by encoded newlines and redirect instead to an an unexpected URL within the request URL.
CVE-2021-46825 1 Broadcom 2 Advanced Secure Gateway, Proxysg 2024-08-04 9.1 Critical
Symantec Advanced Secure Gateway (ASG) and ProxySG are susceptible to an HTTP desync vulnerability. When a remote unauthenticated attacker and other web clients communicate through the proxy with the same web server, the attacker can send crafted HTTP requests and cause the proxy to forward web server responses to unintended clients. Severity/CVSSv3: High / 8.1 AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N
CVE-2021-45387 1 Broadcom 1 Tcpreplay 2024-08-04 5.5 Medium
tcpreplay 4.3.4 has a Reachable Assertion in add_tree_ipv4() at tree.c.
CVE-2021-45386 1 Broadcom 1 Tcpreplay 2024-08-04 5.5 Medium
tcpreplay 4.3.4 has a Reachable Assertion in add_tree_ipv6() at tree.c
CVE-2021-44050 2 Broadcom, Microsoft 4 Ca Network Flow Analysis, Windows Server 2012, Windows Server 2016 and 1 more 2024-08-04 6.5 Medium
CA Network Flow Analysis (NFA) 21.2.1 and earlier contain a SQL injection vulnerability in the NFA web application, due to insufficient input validation, that could potentially allow an authenticated user to access sensitive data.