Filtered by vendor Broadcom
Subscriptions
Total
516 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2020-12595 | 1 Broadcom | 1 Symantec Messaging Gateway | 2024-08-04 | 4.9 Medium |
An information disclosure flaw allows a malicious, authenticated, privileged web UI user to obtain a password for a remote SCP backup server that they might not otherwise be authorized to access. This affects SMG prior to 10.7.4. | ||||
CVE-2020-12243 | 9 Apple, Broadcom, Canonical and 6 more | 28 Mac Os X, Brocade Fabric Operating System, Ubuntu Linux and 25 more | 2024-08-04 | 7.5 High |
In filter.c in slapd in OpenLDAP before 2.4.50, LDAP search filters with nested boolean expressions can result in denial of service (daemon crash). | ||||
CVE-2020-11658 | 1 Broadcom | 1 Ca Api Developer Portal | 2024-08-04 | 9.8 Critical |
CA API Developer Portal 4.3.1 and earlier handles shared secret keys in an insecure manner, which allows attackers to bypass authorization. | ||||
CVE-2020-11659 | 1 Broadcom | 1 Ca Api Developer Portal | 2024-08-04 | 4.3 Medium |
CA API Developer Portal 4.3.1 and earlier contains an access control flaw that allows privileged users to perform a restricted user administration action. | ||||
CVE-2020-11662 | 1 Broadcom | 1 Ca Api Developer Portal | 2024-08-04 | 7.5 High |
CA API Developer Portal 4.3.1 and earlier handles requests insecurely, which allows remote attackers to exploit a Cross-Origin Resource Sharing flaw and access sensitive information. | ||||
CVE-2020-11660 | 1 Broadcom | 1 Ca Api Developer Portal | 2024-08-04 | 6.5 Medium |
CA API Developer Portal 4.3.1 and earlier contains an access control flaw that allows privileged users to view restricted sensitive information. | ||||
CVE-2020-11666 | 1 Broadcom | 1 Ca Api Developer Portal | 2024-08-04 | 8.8 High |
CA API Developer Portal 4.3.1 and earlier contains an access control flaw that allows malicious users to elevate privileges. | ||||
CVE-2020-11664 | 1 Broadcom | 1 Ca Api Developer Portal | 2024-08-04 | 6.1 Medium |
CA API Developer Portal 4.3.1 and earlier handles homeRedirect page redirects in an insecure manner, which allows attackers to perform open redirect attacks. | ||||
CVE-2020-11665 | 1 Broadcom | 1 Ca Api Developer Portal | 2024-08-04 | 6.1 Medium |
CA API Developer Portal 4.3.1 and earlier handles loginRedirect page redirects in an insecure manner, which allows attackers to perform open redirect attacks. | ||||
CVE-2020-11663 | 1 Broadcom | 1 Ca Api Developer Portal | 2024-08-04 | 6.1 Medium |
CA API Developer Portal 4.3.1 and earlier handles 404 requests in an insecure manner, which allows attackers to perform open redirect attacks. | ||||
CVE-2020-11661 | 1 Broadcom | 1 Ca Api Developer Portal | 2024-08-04 | 8.1 High |
CA API Developer Portal 4.3.1 and earlier contains an access control flaw that allows privileged users to view and edit user data. | ||||
CVE-2020-8648 | 7 Broadcom, Canonical, Debian and 4 more | 14 Brocade Fabric Operating System Firmware, Ubuntu Linux, Debian Linux and 11 more | 2024-08-04 | 7.1 High |
There is a use-after-free vulnerability in the Linux kernel through 5.5.2 in the n_tty_receive_buf_common function in drivers/tty/n_tty.c. | ||||
CVE-2020-8012 | 1 Broadcom | 1 Unified Infrastructure Management | 2024-08-04 | 9.8 Critical |
CA Unified Infrastructure Management (Nimsoft/UIM) 20.1, 20.3.x, and 9.20 and below contains a buffer overflow vulnerability in the robot (controller) component. A remote attacker can execute arbitrary code. | ||||
CVE-2020-8011 | 1 Broadcom | 1 Unified Infrastructure Management | 2024-08-04 | 7.5 High |
CA Unified Infrastructure Management (Nimsoft/UIM) 20.1, 20.3.x, and 9.20 and below contains a null pointer dereference vulnerability in the robot (controller) component. A remote attacker can crash the Controller service. | ||||
CVE-2020-8010 | 1 Broadcom | 1 Unified Infrastructure Management | 2024-08-04 | 9.8 Critical |
CA Unified Infrastructure Management (Nimsoft/UIM) 20.1, 20.3.x, and 9.20 and below contains an improper ACL handling vulnerability in the robot (controller) component. A remote attacker can execute commands, read from, or write to the target system. | ||||
CVE-2020-1927 | 9 Apache, Broadcom, Canonical and 6 more | 17 Http Server, Brocade Fabric Operating System, Ubuntu Linux and 14 more | 2024-08-04 | 6.1 Medium |
In Apache HTTP Server 2.4.0 to 2.4.41, redirects configured with mod_rewrite that were intended to be self-referential might be fooled by encoded newlines and redirect instead to an an unexpected URL within the request URL. | ||||
CVE-2021-46825 | 1 Broadcom | 2 Advanced Secure Gateway, Proxysg | 2024-08-04 | 9.1 Critical |
Symantec Advanced Secure Gateway (ASG) and ProxySG are susceptible to an HTTP desync vulnerability. When a remote unauthenticated attacker and other web clients communicate through the proxy with the same web server, the attacker can send crafted HTTP requests and cause the proxy to forward web server responses to unintended clients. Severity/CVSSv3: High / 8.1 AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N | ||||
CVE-2021-45387 | 1 Broadcom | 1 Tcpreplay | 2024-08-04 | 5.5 Medium |
tcpreplay 4.3.4 has a Reachable Assertion in add_tree_ipv4() at tree.c. | ||||
CVE-2021-45386 | 1 Broadcom | 1 Tcpreplay | 2024-08-04 | 5.5 Medium |
tcpreplay 4.3.4 has a Reachable Assertion in add_tree_ipv6() at tree.c | ||||
CVE-2021-44050 | 2 Broadcom, Microsoft | 4 Ca Network Flow Analysis, Windows Server 2012, Windows Server 2016 and 1 more | 2024-08-04 | 6.5 Medium |
CA Network Flow Analysis (NFA) 21.2.1 and earlier contain a SQL injection vulnerability in the NFA web application, due to insufficient input validation, that could potentially allow an authenticated user to access sensitive data. |