Filtered by vendor Broadcom
Subscriptions
Total
516 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2023-4334 | 1 Broadcom | 1 Raid Controller Web Interface | 2024-08-02 | 7.5 High |
Broadcom RAID Controller Web server (nginx) is serving private files without any authentication | ||||
CVE-2023-4325 | 1 Broadcom | 1 Raid Controller Web Interface | 2024-08-02 | 9.8 Critical |
Broadcom RAID Controller web interface is vulnerable due to usage of Libcurl with LSA has known vulnerabilities | ||||
CVE-2023-4329 | 1 Broadcom | 1 Raid Controller Web Interface | 2024-08-02 | 9.8 Critical |
Broadcom RAID Controller web interface is vulnerable due to insecure default of HTTP configuration that does not safeguard SESSIONID cookie with SameSite attribute | ||||
CVE-2023-4335 | 2 Broadcom, Linux | 2 Raid Controller Web Interface, Linux Kernel | 2024-08-02 | 7.5 High |
Broadcom RAID Controller Web server (nginx) is serving private server-side files without any authentication on Linux | ||||
CVE-2023-4163 | 1 Broadcom | 1 Fabric Operating System | 2024-08-02 | 4.4 Medium |
In Brocade Fabric OS before v9.2.0a, a local authenticated privileged user can trigger a buffer overflow condition, leading to a kernel panic with large input to buffers in the portcfgfportbuffers command. | ||||
CVE-2023-3489 | 1 Broadcom | 1 Fabric Operating System | 2024-08-02 | 8.6 High |
The firmwaredownload command on Brocade Fabric OS v9.2.0 could log the FTP/SFTP/SCP server password in clear text in the SupportSave file when performing a downgrade from Fabric OS v9.2.0 to any earlier version of Fabric OS. | ||||
CVE-2024-36456 | 1 Broadcom | 1 Symantec Privileged Access Management | 2024-08-02 | N/A |
This vulnerability allows an unauthenticated attacker to achieve remote command execution on the affected PAM system by uploading a specially crafted PAM upgrade file. | ||||
CVE-2024-36459 | 1 Broadcom | 1 Symantec Siteminder | 2024-08-02 | N/A |
A CRLF cross-site scripting vulnerability has been identified in certain configurations of the SiteMinder Web Agent for IIS Web Server and SiteMinder Web Agent for Domino Web Server. As a result, an attacker can execute arbitrary Javascript code in a client browser. | ||||
CVE-2024-36455 | 1 Broadcom | 1 Symantec Privileged Access Management | 2024-08-02 | N/A |
An improper input validation allows an unauthenticated attacker to achieve remote command execution on the affected PAM system by sending a specially crafted HTTP request. | ||||
CVE-2024-23617 | 1 Broadcom | 1 Symantec Data Center Security Server | 2024-08-01 | 9.6 Critical |
A buffer overflow vulnerability exists in Symantec Data Loss Prevention version 14.0.2 and before. A remote, unauthenticated attacker can exploit this vulnerability by enticing a user to open a crafted document to achieve code execution. | ||||
CVE-2024-23615 | 1 Broadcom | 1 Symantec Messaging Gateway | 2024-08-01 | 10 Critical |
A buffer overflow vulnerability exists in Symantec Messaging Gateway versions 10.5 and before. A remote, anonymous attacker can exploit this vulnerability to achieve remote code execution as root. | ||||
CVE-2024-23613 | 1 Broadcom | 1 Symantec Deployment Solutions | 2024-08-01 | 10 Critical |
A buffer overflow vulnerability exists in Symantec Deployment Solution version 7.9 when parsing UpdateComputer tokens. A remote, anonymous attacker can exploit this vulnerability to achieve remote code execution as SYSTEM. | ||||
CVE-1999-1368 | 1 Broadcom | 1 Inoculateit | 2024-08-01 | N/A |
AV Option for MS Exchange Server option for InoculateIT 4.53, and possibly other versions, only scans the Inbox folder tree of a Microsoft Exchange server, which could allow viruses to escape detection if a user's rules cause the message to be moved to a different mailbox. | ||||
CVE-1999-1322 | 2 Broadcom, Microsoft | 3 Arcserve Backup, Inoculan, Exchange Server | 2024-08-01 | N/A |
The installation of 1ArcServe Backup and Inoculan AV client modules for Exchange create a log file, exchverify.log, which contains usernames and passwords in plaintext. | ||||
CVE-1999-1049 | 1 Broadcom | 1 Arcserve Backup | 2024-08-01 | N/A |
ARCserve NT agents use weak encryption (XOR) for passwords, which allows remote attackers to sniff the authentication request to port 6050 and decrypt the password. | ||||
CVE-1999-0355 | 1 Broadcom | 1 Controlit | 2024-08-01 | N/A |
Local or remote users can force ControlIT 4.5 to reboot or force a user to log out, resulting in a denial of service. |