Vulnerabilities (CVE)

Filtered by vendor Broadcom Subscribe
Total 379 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2022-28162 1 Broadcom 1 Sannav 2022-05-17 2.1 LOW 3.3 LOW
Brocade SANnav before version SANnav 2.2.0 logs the REST API Authentication token in plain text.
CVE-2022-28165 1 Broadcom 1 Sannav 2022-05-17 6.5 MEDIUM 8.8 HIGH
A vulnerability in the role-based access control (RBAC) functionality of the Brocade SANNav before 2.2.0 could allow an authenticated, remote attacker to access resources that they should not be able to access and perform actions that they should not be able to perform. The vulnerability exists because restrictions are not performed on Server side to ensure the user has required permission before processing requests.
CVE-2021-31879 3 Broadcom, Gnu, Netapp 8 Brocade Fabric Operating System Firmware, Wget, 500f and 5 more 2022-05-13 5.8 MEDIUM 6.1 MEDIUM
GNU Wget through 1.21.1 does not omit the Authorization header upon a redirect to a different origin, a related issue to CVE-2018-1000007.
CVE-2022-28164 1 Broadcom 1 Sannav 2022-05-13 4.0 MEDIUM 6.5 MEDIUM
Brocade SANnav before SANnav 2.2.0 application uses the Blowfish symmetric encryption algorithm for the storage of passwords. This could allow an authenticated attacker to decrypt stored account passwords.
CVE-2022-28163 1 Broadcom 1 Sannav 2022-05-13 7.5 HIGH 9.8 CRITICAL
In Brocade SANnav before Brocade SANnav 2.2.0, multiple endpoints associated with Zone management are susceptible to SQL injection, allowing an attacker to run arbitrary SQL commands.
CVE-2021-36160 6 Apache, Broadcom, Debian and 3 more 13 Http Server, Brocade Fabric Operating System Firmware, Debian Linux and 10 more 2022-05-13 5.0 MEDIUM 7.5 HIGH
A carefully crafted request uri-path can cause mod_proxy_uwsgi to read above the allocated memory and crash (DoS). This issue affects Apache HTTP Server versions 2.4.30 to 2.4.48 (inclusive).
CVE-2021-34798 7 Apache, Broadcom, Debian and 4 more 14 Http Server, Brocade Fabric Operating System Firmware, Debian Linux and 11 more 2022-05-13 5.0 MEDIUM 7.5 HIGH
Malformed requests may cause the server to dereference a NULL pointer. This issue affects Apache HTTP Server 2.4.48 and earlier.
CVE-2022-28487 1 Broadcom 1 Tcpreplay 2022-05-12 5.0 MEDIUM 7.5 HIGH
Tcpreplay version 4.4.1 contains a memory leakage flaw in fix_ipv6_checksums() function. The highest threat from this vulnerability is to data confidentiality.
CVE-2021-27790 1 Broadcom 1 Fabric Operating System 2022-05-03 7.2 HIGH 7.8 HIGH
The command ipfilter in Brocade Fabric OS before Brocade Fabric OS v.9.0.1a, v8.2.3, and v8.2.0_CBN4, and v7.4.2h uses unsafe string function to process user input. Authenticated attackers can abuse this vulnerability to exploit stack-based buffer overflows, allowing execution of arbitrary code as the root user account.
CVE-2020-8010 1 Broadcom 1 Unified Infrastructure Management 2022-04-29 10.0 HIGH 9.8 CRITICAL
CA Unified Infrastructure Management (Nimsoft/UIM) 20.1, 20.3.x, and 9.20 and below contains an improper ACL handling vulnerability in the robot (controller) component. A remote attacker can execute commands, read from, or write to the target system.
CVE-2020-8012 1 Broadcom 1 Unified Infrastructure Management 2022-04-29 7.5 HIGH 9.8 CRITICAL
CA Unified Infrastructure Management (Nimsoft/UIM) 20.1, 20.3.x, and 9.20 and below contains a buffer overflow vulnerability in the robot (controller) component. A remote attacker can execute arbitrary code.
CVE-2020-12243 8 Apple, Broadcom, Canonical and 5 more 26 Mac Os X, Brocade Fabric Operating System, Ubuntu Linux and 23 more 2022-04-29 5.0 MEDIUM 7.5 HIGH
In filter.c in slapd in OpenLDAP before 2.4.50, LDAP search filters with nested boolean expressions can result in denial of service (daemon crash).
CVE-2020-1927 8 Apache, Broadcom, Canonical and 5 more 14 Http Server, Brocade Fabric Operating System, Ubuntu Linux and 11 more 2022-04-26 5.8 MEDIUM 6.1 MEDIUM
In Apache HTTP Server 2.4.0 to 2.4.41, redirects configured with mod_rewrite that were intended to be self-referential might be fooled by encoded newlines and redirect instead to an an unexpected URL within the request URL.
CVE-2022-27416 1 Broadcom 1 Tcpreplay 2022-04-20 5.1 MEDIUM 7.8 HIGH
Tcpreplay v4.4.1 was discovered to contain a double-free via __interceptor_free.
CVE-2022-27418 1 Broadcom 1 Tcpreplay 2022-04-20 5.1 MEDIUM 7.8 HIGH
Tcpreplay v4.4.1 has a heap-based buffer overflow in do_checksum_math at /tcpedit/checksum.c.
CVE-2022-23305 4 Apache, Broadcom, Netapp and 1 more 4 Log4j, Brocade Sannav, Snapmanager and 1 more 2022-04-20 6.8 MEDIUM 9.8 CRITICAL
By design, the JDBCAppender in Log4j 1.2.x accepts an SQL statement as a configuration parameter where the values to be inserted are converters from PatternLayout. The message converter, %m, is likely to always be included. This allows attackers to manipulate the SQL by entering crafted strings into input fields or headers of an application that are logged allowing unintended SQL queries to be executed. Note this issue only affects Log4j 1.x when specifically configured to use the JDBCAppender, which is not the default. Beginning in version 2.0-beta8, the JDBCAppender was re-introduced with proper support for parameterized SQL queries and further customization over the columns written to in logs. Apache Log4j 1.2 reached end of life in August 2015. Users should upgrade to Log4j 2 as it addresses numerous other issues from the previous versions.
CVE-2022-23302 4 Apache, Broadcom, Netapp and 1 more 4 Log4j, Brocade Sannav, Snapmanager and 1 more 2022-04-20 6.0 MEDIUM 8.8 HIGH
JMSSink in all versions of Log4j 1.x is vulnerable to deserialization of untrusted data when the attacker has write access to the Log4j configuration or if the configuration references an LDAP service the attacker has access to. The attacker can provide a TopicConnectionFactoryBindingName configuration causing JMSSink to perform JNDI requests that result in remote code execution in a similar fashion to CVE-2021-4104. Note this issue only affects Log4j 1.x when specifically configured to use JMSSink, which is not the default. Apache Log4j 1.2 reached end of life in August 2015. Users should upgrade to Log4j 2 as it addresses numerous other issues from the previous versions.
CVE-2019-25013 4 Broadcom, Fedoraproject, Gnu and 1 more 9 Fabric Operating System, Fedora, Glibc and 6 more 2022-04-20 7.1 HIGH 5.9 MEDIUM
The iconv feature in the GNU C Library (aka glibc or libc6) through 2.32, when processing invalid multi-byte input sequences in the EUC-KR encoding, may have a buffer over-read.
CVE-2019-9503 2 Broadcom, Redhat 2 Brcmfmac Driver, Enterprise Linux 2022-04-18 7.9 HIGH 8.3 HIGH
The Broadcom brcmfmac WiFi driver prior to commit a4176ec356c73a46c07c181c6d04039fafa34a9f is vulnerable to a frame validation bypass. If the brcmfmac driver receives a firmware event frame from a remote source, the is_wlc_event_frame function will cause this frame to be discarded and unprocessed. If the driver receives the firmware event frame from the host, the appropriate handler is called. This frame validation can be bypassed if the bus used is USB (for instance by a wifi dongle). This can allow firmware event frames from a remote source to be processed. In the worst case scenario, by sending specially-crafted WiFi packets, a remote, unauthenticated attacker may be able to execute arbitrary code on a vulnerable system. More typically, this vulnerability will result in denial-of-service conditions.
CVE-2019-18683 6 Broadcom, Canonical, Debian and 3 more 23 Fabric Operating System, Ubuntu Linux, Debian Linux and 20 more 2022-04-18 6.9 MEDIUM 7.0 HIGH
An issue was discovered in drivers/media/platform/vivid in the Linux kernel through 5.3.8. It is exploitable for privilege escalation on some Linux distributions where local users have /dev/video0 access, but only if the driver happens to be loaded. There are multiple race conditions during streaming stopping in this driver (part of the V4L2 subsystem). These issues are caused by wrong mutex locking in vivid_stop_generating_vid_cap(), vivid_stop_generating_vid_out(), sdr_cap_stop_streaming(), and the corresponding kthreads. At least one of these race conditions leads to a use-after-free.