Filtered by vendor Broadcom
Total: 506 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2018-19635 | 2 Broadcom, Ca | 2 Service Desk Manager, Service Desk Manager | 2023-12-10 | 7.5 HIGH | 9.8 CRITICAL |
CA Service Desk Manager 14.1 and 17 contain a vulnerability that can allow a malicious actor to escalate privileges in the user interface. | |||||
CVE-2018-17580 | 1 Broadcom | 1 Tcpreplay | 2023-12-10 | 5.8 MEDIUM | 7.1 HIGH |
A heap-based buffer over-read exists in the function fast_edit_packet() in the file send_packets.c of Tcpreplay v4.3.0 beta1. This can lead to Denial of Service (DoS) and potentially Information Exposure when the application attempts to process a crafted pcap file. | |||||
CVE-2018-6433 | 1 Broadcom | 1 Fabric Operating System | 2023-12-10 | 2.1 LOW | 5.5 MEDIUM |
A vulnerability in the secryptocfg export command of Brocade Fabric OS versions before 8.2.1, 8.1.2f, 8.0.2f, 7.4.2d could allow a local attacker to bypass the export file access restrictions and initiate a file copy from the source to a remote system. | |||||
CVE-2018-20553 | 1 Broadcom | 1 Tcpreplay | 2023-12-10 | 6.8 MEDIUM | 7.8 HIGH |
Tcpreplay before 4.3.1 has a heap-based buffer over-read in get_l2len in common/get.c. | |||||
CVE-2018-18408 | 2 Broadcom, Fedoraproject | 2 Tcpreplay, Fedora | 2023-12-10 | 7.5 HIGH | 9.8 CRITICAL |
A use-after-free was discovered in the tcpbridge binary of Tcpreplay 4.3.0 beta1. The issue gets triggered in the function post_args() at tcpbridge.c, causing a denial of service or possibly unspecified other impact. | |||||
CVE-2018-14597 | 1 Broadcom | 2 Ca Identity Governance, Ca Identity Suite Virtual Appliance | 2023-12-10 | 5.0 MEDIUM | 5.3 MEDIUM |
CA Technologies Identity Governance 12.6, 14.0, 14.1, and 14.2 and CA Identity Suite Virtual Appliance 14.0, 14.1, and 14.2 provide telling error messages that may allow remote attackers to enumerate account names. | |||||
CVE-2018-6436 | 1 Broadcom | 1 Fabric Operating System | 2023-12-10 | 7.2 HIGH | 7.8 HIGH |
A vulnerability in the firmwaredownload command of Brocade Fabric OS command line interface (CLI) versions before 8.2.1, 8.1.2f, 8.0.2f, 7.4.2d could allow a local attacker to escape the restricted shell and gain root access. | |||||
CVE-2018-17582 | 1 Broadcom | 1 Tcpreplay | 2023-12-10 | 5.8 MEDIUM | 7.1 HIGH |
Tcpreplay v4.3.0 beta1 contains a heap-based buffer over-read. The get_next_packet() function in the send_packets.c file uses the memcpy() function unsafely to copy sequences from the source buffer pktdata to the destination (*prev_packet)->pktdata. This will result in a Denial of Service (DoS) and potentially Information Exposure when the application attempts to process a file. | |||||
CVE-2019-8376 | 2 Broadcom, Fedoraproject | 2 Tcpreplay, Fedora | 2023-12-10 | 6.8 MEDIUM | 7.8 HIGH |
An issue was discovered in Tcpreplay 4.3.1. A NULL pointer dereference occurred in the function get_layer4_v6() located at get.c. This can be triggered by sending a crafted pcap file to the tcpreplay-edit binary. It allows an attacker to cause a Denial of Service (Segmentation fault) or possibly have unspecified other impact. | |||||
CVE-2018-6435 | 1 Broadcom | 1 Fabric Operating System | 2023-12-10 | 7.2 HIGH | 7.8 HIGH |
A vulnerability in the secryptocfg command of Brocade Fabric OS command line interface (CLI) versions before 8.2.1, 8.1.2f, 8.0.2f, 7.4.2d could allow a local attacker to escape the restricted shell and gain root access. | |||||
CVE-2018-20552 | 1 Broadcom | 1 Tcpreplay | 2023-12-10 | 6.8 MEDIUM | 7.8 HIGH |
Tcpreplay before 4.3.1 has a heap-based buffer over-read in packet2tree in tree.c. | |||||
CVE-2018-6439 | 1 Broadcom | 1 Fabric Operating System | 2023-12-10 | 7.2 HIGH | 7.8 HIGH |
A vulnerability in the configdownload command of Brocade Fabric OS command line interface (CLI) versions before 8.2.1, 8.1.2f, 8.0.2f, 7.4.2d could allow a local attacker to escape the restricted shell and gain root access. | |||||
CVE-2018-17974 | 1 Broadcom | 1 Tcpreplay | 2023-12-10 | 4.3 MEDIUM | 5.5 MEDIUM |
An issue was discovered in Tcpreplay 4.3.0 beta1. A heap-based buffer over-read was triggered in the function dlt_en10mb_encode() of the file plugins/dlt_en10mb/en10mb.c, due to inappropriate values in the function memmove(). The length (pktlen + ctx -> l2len) can be larger than source value (packet + ctx->l2len) because the function fails to ensure the length of a packet is valid. This leads to Denial of Service. | |||||
CVE-2019-8377 | 2 Broadcom, Fedoraproject | 2 Tcpreplay, Fedora | 2023-12-10 | 6.8 MEDIUM | 7.8 HIGH |
An issue was discovered in Tcpreplay 4.3.1. A NULL pointer dereference occurred in the function get_ipv6_l4proto() located at get.c. This can be triggered by sending a crafted pcap file to the tcpreplay-edit binary. It allows an attacker to cause a Denial of Service (Segmentation fault) or possibly have unspecified other impact. | |||||
CVE-2018-6441 | 1 Broadcom | 1 Fabric Operating System | 2023-12-10 | 7.2 HIGH | 7.8 HIGH |
A vulnerability in Secure Shell implementation of Brocade Fabric OS versions before 8.2.1, 8.1.2f, 8.0.2f, 7.4.2d could allow a local attacker to provide arbitrary environment variables, and bypass the restricted configuration shell. | |||||
CVE-2018-9026 | 1 Broadcom | 1 Privileged Access Manager | 2023-12-10 | 5.0 MEDIUM | 7.5 HIGH |
A session fixation vulnerability in CA Privileged Access Manager 2.x allows remote attackers to hijack user sessions with a specially crafted request. | |||||
CVE-2017-13677 | 2 Broadcom, Symantec | 2 Symantec Proxysg, Advanced Secure Gateway | 2023-12-10 | 5.0 MEDIUM | 7.5 HIGH |
Denial-of-service (DoS) vulnerability in the Symantec Advanced Secure Gateway (ASG) and ProxySG management consoles. A remote attacker can use crafted HTTP/HTTPS requests to cause denial-of-service through management console application crashes. | |||||
CVE-2017-6227 | 2 Broadcom, Brocade | 2 Fabric Operating System, Fabric Os | 2023-12-10 | 6.1 MEDIUM | 6.5 MEDIUM |
A vulnerability in the IPv6 stack on Brocade Fibre Channel SAN products running Brocade Fabric OS (FOS) versions before 7.4.2b, 8.1.2 and 8.2.0 could allow an attacker to cause a denial of service (CPU consumption and device hang) condition by sending crafted Router Advertisement (RA) messages to a targeted system. | |||||
CVE-2017-6225 | 2 Broadcom, Brocade | 2 Fabric Operating System, Fabric Os | 2023-12-10 | 4.3 MEDIUM | 6.1 MEDIUM |
Cross-site scripting (XSS) vulnerability in the web-based management interface of Brocade Fibre Channel SAN products running Brocade Fabric OS (FOS) versions before 7.4.2b, 8.1.2 and 8.2.0 could allow remote attackers to execute arbitrary code or access sensitive browser-based information. | |||||
CVE-2017-18268 | 1 Broadcom | 1 Symantec Intelligencecenter | 2023-12-10 | 4.3 MEDIUM | 5.9 MEDIUM |
Symantec IntelligenceCenter 3.3 is vulnerable to the Return of the Bleichenbacher Oracle Threat (ROBOT) attack. A remote attacker, who has captured a pre-recorded SSL session inspected by SSLV, can establish large numbers of crafted SSL connections to the target and obtain the session keys required to decrypt the pre-recorded SSL session. |