Filtered by vendor Broadcom
Subscriptions
Total
516 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2023-23952 | 1 Broadcom | 2 Advanced Secure Gateway, Content Analysis | 2024-08-02 | 9.8 Critical |
| Advanced Secure Gateway and Content Analysis, prior to 7.3.13.1 / 3.1.6.0, may be susceptible to a Command Injection vulnerability. | ||||
| CVE-2023-23956 | 1 Broadcom | 1 Symantec Siteminder Webagent | 2024-08-02 | 5.4 Medium |
| A user can supply malicious HTML and JavaScript code that will be executed in the client browser | ||||
| CVE-2023-23955 | 1 Broadcom | 2 Advanced Secure Gateway, Content Analysis | 2024-08-02 | 8.1 High |
| Advanced Secure Gateway and Content Analysis, prior to 7.3.13.1 / 3.1.6.0, may be susceptible to a Server-Side Request Forgery vulnerability. | ||||
| CVE-2023-23949 | 1 Broadcom | 2 Symantec Identity Governance And Administration, Symantec Identity Manager | 2024-08-02 | 5.4 Medium |
| An authenticated user can supply malicious HTML and JavaScript code that will be executed in the client browser. | ||||
| CVE-2023-23951 | 1 Broadcom | 2 Symantec Identity Governance And Administration, Symantec Identity Manager | 2024-08-02 | 6.1 Medium |
| Ability to enumerate the Oracle LDAP attributes for the current user by modifying the query used by the application | ||||
| CVE-2023-23954 | 1 Broadcom | 2 Advanced Secure Gateway, Content Analysis | 2024-08-02 | 5.4 Medium |
| Advanced Secure Gateway and Content Analysis, prior to 7.3.13.1 / 3.1.6.0, may be susceptible to a Stored Cross-Site Scripting vulnerability. | ||||
| CVE-2023-23950 | 1 Broadcom | 2 Symantec Identity Governance And Administration, Symantec Identity Manager | 2024-08-02 | 6.1 Medium |
| User’s supplied input (usually a CRLF sequence) can be used to split a returning response into two responses. | ||||
| CVE-2023-4256 | 2 Broadcom, Fedoraproject | 3 Tcpreplay, Extra Packages For Enterprise Linux, Fedora | 2024-08-02 | 5.5 Medium |
| Within tcpreplay's tcprewrite, a double free vulnerability has been identified in the tcpedit_dlt_cleanup() function within plugins/dlt_plugins.c. This vulnerability can be exploited by supplying a specifically crafted file to the tcprewrite binary. This flaw enables a local attacker to initiate a Denial of Service (DoS) attack. | ||||
| CVE-2023-4340 | 1 Broadcom | 1 Raid Controller Web Interface | 2024-08-02 | 9.8 Critical |
| Broadcom RAID Controller is vulnerable to Privilege escalation by taking advantage of the Session prints in the log file | ||||
| CVE-2023-4333 | 2 Broadcom, Microsoft | 2 Raid Controller Web Interface, Windows | 2024-08-02 | 5.5 Medium |
| Broadcom RAID Controller web interface doesn’t enforce SSL cipher ordering by server | ||||
| CVE-2023-4345 | 1 Broadcom | 1 Raid Controller Web Interface | 2024-08-02 | 6.5 Medium |
| Broadcom RAID Controller web interface is vulnerable client-side control bypass leads to unauthorized data access for low privileged user | ||||
| CVE-2023-4341 | 1 Broadcom | 1 Raid Controller Web Interface | 2024-08-02 | 9.8 Critical |
| Broadcom RAID Controller is vulnerable to Privilege escalation to root due to creation of insecure folders by Web GUI | ||||
| CVE-2023-4343 | 1 Broadcom | 1 Raid Controller Web Interface | 2024-08-02 | 7.5 High |
| Broadcom RAID Controller web interface is vulnerable due to exposure of sensitive password information in the URL as a URL search parameter | ||||
| CVE-2023-4342 | 1 Broadcom | 1 Raid Controller Web Interface | 2024-08-02 | 9.8 Critical |
| Broadcom RAID Controller web interface is vulnerable due to insecure defaults of lacking HTTP strict-transport-security policy | ||||
| CVE-2023-4337 | 1 Broadcom | 1 Raid Controller Web Interface | 2024-08-02 | 9.8 Critical |
| Broadcom RAID Controller web interface is vulnerable to improper session handling of managed servers on Gateway installation | ||||
| CVE-2023-4339 | 1 Broadcom | 1 Raid Controller Web Interface | 2024-08-02 | 7.5 High |
| Broadcom RAID Controller web interface is vulnerable to exposure of private keys used for CIM stored with insecure file permissions | ||||
| CVE-2023-4338 | 1 Broadcom | 1 Raid Controller Web Interface | 2024-08-02 | 9.8 Critical |
| Broadcom RAID Controller web interface is vulnerable due to insecure default of HTTP configuration that does not provide X-Content-Type-Options Headers | ||||
| CVE-2023-4324 | 1 Broadcom | 1 Raid Controller Web Interface | 2024-08-02 | 9.8 Critical |
| Broadcom RAID Controller web interface is vulnerable due to insecure defaults of lacking HTTP Content-Security-Policy headers | ||||
| CVE-2023-4323 | 1 Broadcom | 1 Raid Controller Web Interface | 2024-08-02 | 9.8 Critical |
| Broadcom RAID Controller web interface is vulnerable to improper session management of active sessions on Gateway setup | ||||
| CVE-2023-4336 | 1 Broadcom | 1 Raid Controller Web Interface | 2024-08-02 | 9.8 Critical |
| Broadcom RAID Controller web interface is vulnerable due to insecure default of HTTP configuration that does not safeguard cookies with Secure attribute | ||||