Vulnerabilities (CVE)

Filtered by vendor Broadcom Subscribe
Total 506 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2023-31432 1 Broadcom 1 Brocade Fabric Operating System 2024-02-16 N/A 7.8 HIGH
Through manipulation of passwords or other variables, using commands such as portcfgupload, configupload, license, myid, a non-privileged user could obtain root privileges in Brocade Fabric OS versions before Brocade Fabric OS v9.1.1c and v9.2.0.
CVE-2023-31427 1 Broadcom 1 Fabric Operating System 2024-02-16 N/A 7.8 HIGH
Brocade Fabric OS versions before Brocade Fabric OS v9.1.1c, and v9.2.0 Could allow an authenticated, local user with knowledge of full path names inside Brocade Fabric OS to execute any command regardless of assigned privilege. Starting with Fabric OS v9.1.0, “root” account access is disabled.
CVE-2023-31926 1 Broadcom 1 Brocade Fabric Operating System 2024-02-16 N/A 7.1 HIGH
System files could be overwritten using the less command in Brocade Fabric OS before Brocade Fabric OS v9.1.1c and v9.2.0.
CVE-2023-31928 1 Broadcom 1 Brocade Fabric Operating System 2024-02-16 N/A 6.1 MEDIUM
A reflected cross-site scripting (XSS) vulnerability exists in Brocade Webtools PortSetting.html of Brocade Fabric OS version before Brocade Fabric OS v9.2.0 that could allow a remote unauthenticated attacker to execute arbitrary JavaScript code in a target user’s session with the Brocade Webtools application.
CVE-2023-31426 1 Broadcom 1 Fabric Operating System 2024-02-15 N/A 6.5 MEDIUM
The Brocade Fabric OS Commands “configupload” and “configdownload” before Brocade Fabric OS v9.1.1c, v8.2.3d, v9.2.0 print scp, sftp, ftp servers passwords in supportsave. This could allow a remote authenticated attacker to access sensitive information.
CVE-2009-2705 2 Broadcom, Sun 2 Siteminder, J2ee 2024-02-14 4.3 MEDIUM N/A
CA SiteMinder allows remote attackers to bypass cross-site scripting (XSS) protections for J2EE applications via a request containing non-canonical, "overlong Unicode" in place of blacklisted characters.
CVE-2004-0267 1 Broadcom 1 Inoculateit 2024-02-14 2.1 LOW N/A
The (1) inoregupdate, (2) uniftest, or (3) unimove scripts in eTrust InoculateIT for Linux 6.0 allow local users to overwrite arbitrary files via a symlink attack on files in /tmp.
CVE-2006-0306 2 Broadcom, Ca 7 Brightstor Arcserve Backup Laptops Desktops, Brightstor Mobile Backup, Business Protection Suite and 4 more 2024-02-14 5.0 MEDIUM N/A
The DM Primer (dmprimer.exe) in the DM Deployment Common Component in Computer Associates (CA) BrightStor Mobile Backup r4.0, BrightStor ARCserve Backup for Laptops & Desktops r11.0, r11.1, r11.1 SP1, Unicenter Remote Control 6.0, 6.0 SP1, CA Desktop Protection Suite r2, CA Server Protection Suite r2, and CA Business Protection Suite r2 allows remote attackers to cause a denial of service (CPU consumption or application hang) via a large network packet, which causes a WSAEMESGSIZE error code that is not handled, leading to a thread exit.
CVE-2004-2092 1 Broadcom 1 Inoculateit 2024-02-14 4.6 MEDIUM N/A
eTrust InoculateIT for Linux 6.0 uses insecure permissions for multiple files and directories, including the application's registry and tmp directories, which allows local users to delete, modify, or examine sensitive information.
CVE-2004-2397 1 Broadcom 1 Bluecoat Security Gateway 2024-02-13 5.0 MEDIUM 7.5 HIGH
The web-based Management Console in Blue Coat Security Gateway OS 3.0 through 3.1.3.13 and 3.2.1, when importing a private key, stores the key and its passphrase in plaintext in a log file, which allows attackers to steal digital certificates.
CVE-2024-23615 1 Broadcom 1 Symantec Messaging Gateway 2024-01-31 10.0 HIGH 9.8 CRITICAL
A buffer overflow vulnerability exists in Symantec Messaging Gateway versions 10.5 and before. A remote, anonymous attacker can exploit this vulnerability to achieve remote code execution as root.
CVE-2024-23617 1 Broadcom 1 Symantec Data Center Security Server 2024-01-31 9.3 HIGH 8.8 HIGH
A buffer overflow vulnerability exists in Symantec Data Loss Prevention version 14.0.2 and before. A remote, unauthenticated attacker can exploit this vulnerability by enticing a user to open a crafted document to achieve code execution.
CVE-2024-23616 1 Broadcom 1 Symantec Server Management Suite 2024-01-31 10.0 HIGH 9.8 CRITICAL
A buffer overflow vulnerability exists in Symantec Server Management Suite version 7.9 and before. A remote, anonymous attacker can exploit this vulnerability to achieve remote code execution as SYSTEM.
CVE-2024-23614 1 Broadcom 1 Symantec Messaging Gateway 2024-01-31 9.4 HIGH 9.8 CRITICAL
A buffer overflow vulnerability exists in Symantec Messaging Gateway versions 9.5 and before. A remote, anonymous attacker can exploit this vulnerability to achieve remote code execution as root.
CVE-2024-23613 1 Broadcom 1 Symantec Deployment Solutions 2024-01-31 9.3 HIGH 9.8 CRITICAL
A buffer overflow vulnerability exists in Symantec Deployment Solution version 7.9 when parsing UpdateComputer tokens. A remote, anonymous attacker can exploit this vulnerability to achieve remote code execution as SYSTEM.
CVE-2023-4256 2 Broadcom, Fedoraproject 3 Tcpreplay, Extra Packages For Enterprise Linux, Fedora 2024-01-03 N/A 5.5 MEDIUM
Within tcpreplay's tcprewrite, a double free vulnerability has been identified in the tcpedit_dlt_cleanup() function within plugins/dlt_plugins.c. This vulnerability can be exploited by supplying a specifically crafted file to the tcprewrite binary. This flaw enables a local attacker to initiate a Denial of Service (DoS) attack.
CVE-2023-31431 1 Broadcom 1 Brocade Fabric Operating System 2023-12-21 N/A 5.5 MEDIUM
A buffer overflow vulnerability in “diagstatus” command in Brocade Fabric OS before Brocade Fabric v9.2.0 and v9.1.1c could allow an authenticated user to crash the Brocade Fabric OS switch leading to a denial of service.
CVE-2023-31430 1 Broadcom 1 Brocade Fabric Operating System 2023-12-21 N/A 5.5 MEDIUM
A buffer overflow vulnerability in “secpolicydelete” command in Brocade Fabric OS before Brocade Fabric OS v9.1.1c and v9.2.0 could allow an authenticated privileged user to crash the Brocade Fabric OS switch leading to a denial of service.
CVE-2006-6908 2 Broadcom, Microsoft 3 Widcomm Bluetooth, Windows Embedded Compact, Windows Mobile 2023-12-15 10.0 HIGH N/A
Buffer overflow in the Bluetooth Stack COM Server in the Widcomm Bluetooth stack, as packaged as Widcomm Stack 3.x and earlier on Windows, Widcomm BTStackServer 1.4.2.10 and 1.3.2.7 on Windows, Widcomm Bluetooth Communication Software 1.4.1.03 on Windows, and the Bluetooth implementation in Windows Mobile or Windows CE on the HP IPAQ 2215 and 5450, allows remote attackers to cause a denial of service (service crash) and possibly execute arbitrary code via unspecified vectors.
CVE-2021-27795 1 Broadcom 13 Brocade 300, Brocade 610, Brocade 6505 and 10 more 2023-12-11 N/A 8.1 HIGH
Brocade Fabric OS (FOS) hardware platforms running any version of Brocade Fabric OS software, which supports the license string format; contain cryptographic issues that could allow for the installation of forged or fraudulent license keys. This would allow attackers or a malicious party to forge a counterfeit license key that the Brocade Fabric OS platform would authenticate and activate as if it were a legitimate license key.