Filtered by vendor Broadcom
Total: 506 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2004-0267 | 1 Broadcom | 1 Inoculateit | 2024-02-14 | 2.1 LOW | N/A |
The (1) inoregupdate, (2) uniftest, or (3) unimove scripts in eTrust InoculateIT for Linux 6.0 allow local users to overwrite arbitrary files via a symlink attack on files in /tmp. | |||||
CVE-2006-0306 | 2 Broadcom, Ca | 7 Brightstor Arcserve Backup Laptops Desktops, Brightstor Mobile Backup, Business Protection Suite and 4 more | 2024-02-14 | 5.0 MEDIUM | N/A |
The DM Primer (dmprimer.exe) in the DM Deployment Common Component in Computer Associates (CA) BrightStor Mobile Backup r4.0, BrightStor ARCserve Backup for Laptops & Desktops r11.0, r11.1, r11.1 SP1, Unicenter Remote Control 6.0, 6.0 SP1, CA Desktop Protection Suite r2, CA Server Protection Suite r2, and CA Business Protection Suite r2 allows remote attackers to cause a denial of service (CPU consumption or application hang) via a large network packet, which causes a WSAEMESGSIZE error code that is not handled, leading to a thread exit. | |||||
CVE-2004-2092 | 1 Broadcom | 1 Inoculateit | 2024-02-14 | 4.6 MEDIUM | N/A |
eTrust InoculateIT for Linux 6.0 uses insecure permissions for multiple files and directories, including the application's registry and tmp directories, which allows local users to delete, modify, or examine sensitive information. | |||||
CVE-2004-2397 | 1 Broadcom | 1 Bluecoat Security Gateway | 2024-02-13 | 5.0 MEDIUM | 7.5 HIGH |
The web-based Management Console in Blue Coat Security Gateway OS 3.0 through 3.1.3.13 and 3.2.1, when importing a private key, stores the key and its passphrase in plaintext in a log file, which allows attackers to steal digital certificates. | |||||
CVE-2024-23615 | 1 Broadcom | 1 Symantec Messaging Gateway | 2024-01-31 | 10.0 HIGH | 9.8 CRITICAL |
A buffer overflow vulnerability exists in Symantec Messaging Gateway versions 10.5 and before. A remote, anonymous attacker can exploit this vulnerability to achieve remote code execution as root. | |||||
CVE-2024-23617 | 1 Broadcom | 1 Symantec Data Center Security Server | 2024-01-31 | 9.3 HIGH | 8.8 HIGH |
A buffer overflow vulnerability exists in Symantec Data Loss Prevention version 14.0.2 and before. A remote, unauthenticated attacker can exploit this vulnerability by enticing a user to open a crafted document to achieve code execution. | |||||
CVE-2024-23616 | 1 Broadcom | 1 Symantec Server Management Suite | 2024-01-31 | 10.0 HIGH | 9.8 CRITICAL |
A buffer overflow vulnerability exists in Symantec Server Management Suite version 7.9 and before. A remote, anonymous attacker can exploit this vulnerability to achieve remote code execution as SYSTEM. | |||||
CVE-2024-23614 | 1 Broadcom | 1 Symantec Messaging Gateway | 2024-01-31 | 9.4 HIGH | 9.8 CRITICAL |
A buffer overflow vulnerability exists in Symantec Messaging Gateway versions 9.5 and before. A remote, anonymous attacker can exploit this vulnerability to achieve remote code execution as root. | |||||
CVE-2024-23613 | 1 Broadcom | 1 Symantec Deployment Solutions | 2024-01-31 | 9.3 HIGH | 9.8 CRITICAL |
A buffer overflow vulnerability exists in Symantec Deployment Solution version 7.9 when parsing UpdateComputer tokens. A remote, anonymous attacker can exploit this vulnerability to achieve remote code execution as SYSTEM. | |||||
CVE-2023-31431 | 1 Broadcom | 1 Brocade Fabric Operating System | 2023-12-21 | N/A | 5.5 MEDIUM |
A buffer overflow vulnerability in “diagstatus” command in Brocade Fabric OS before Brocade Fabric v9.2.0 and v9.1.1c could allow an authenticated user to crash the Brocade Fabric OS switch leading to a denial of service. | |||||
CVE-2023-31430 | 1 Broadcom | 1 Brocade Fabric Operating System | 2023-12-21 | N/A | 5.5 MEDIUM |
A buffer overflow vulnerability in “secpolicydelete” command in Brocade Fabric OS before Brocade Fabric OS v9.1.1c and v9.2.0 could allow an authenticated privileged user to crash the Brocade Fabric OS switch leading to a denial of service. | |||||
CVE-2006-6908 | 2 Broadcom, Microsoft | 3 Widcomm Bluetooth, Windows Embedded Compact, Windows Mobile | 2023-12-15 | 10.0 HIGH | N/A |
Buffer overflow in the Bluetooth Stack COM Server in the Widcomm Bluetooth stack, as packaged as Widcomm Stack 3.x and earlier on Windows, Widcomm BTStackServer 1.4.2.10 and 1.3.2.7 on Windows, Widcomm Bluetooth Communication Software 1.4.1.03 on Windows, and the Bluetooth implementation in Windows Mobile or Windows CE on the HP IPAQ 2215 and 5450, allows remote attackers to cause a denial of service (service crash) and possibly execute arbitrary code via unspecified vectors. | |||||
CVE-2021-27795 | 1 Broadcom | 13 Brocade 300, Brocade 610, Brocade 6505 and 10 more | 2023-12-11 | N/A | 8.1 HIGH |
Brocade Fabric OS (FOS) hardware platforms running any version of Brocade Fabric OS software that supports the license string format contain cryptographic issues that could allow for the installation of forged or fraudulent license keys. This would allow attackers or a malicious party to forge a counterfeit license key that the Brocade Fabric OS platform would authenticate and activate as if it were a legitimate license key. | |||||
CVE-2023-37790 | 1 Broadcom | 1 Clarity | 2023-12-10 | N/A | 5.4 MEDIUM |
Jaspersoft Clarity PPM version 14.3.0.298 was discovered to contain an arbitrary file upload vulnerability via the Profile Picture Upload function. | |||||
CVE-2023-4324 | 1 Broadcom | 1 Raid Controller Web Interface | 2023-12-10 | N/A | 9.8 CRITICAL |
Broadcom RAID Controller web interface is vulnerable due to insecure defaults: it lacks HTTP Content-Security-Policy headers. | |||||
CVE-2023-31428 | 1 Broadcom | 1 Brocade Fabric Operating System | 2023-12-10 | N/A | 5.5 MEDIUM |
Brocade Fabric OS before Brocade Fabric OS v9.1.1c, v9.2.0 contains a vulnerability in the command line that could allow a local user to dump files under the user's home directory using grep. | |||||
CVE-2023-3489 | 1 Broadcom | 1 Fabric Operating System | 2023-12-10 | N/A | 7.5 HIGH |
The firmwaredownload command on Brocade Fabric OS v9.2.0 could log the FTP/SFTP/SCP server password in clear text in the SupportSave file when performing a downgrade from Fabric OS v9.2.0 to any earlier version of Fabric OS. | |||||
CVE-2023-4334 | 1 Broadcom | 1 Raid Controller Web Interface | 2023-12-10 | N/A | 7.5 HIGH |
Broadcom RAID Controller Web server (nginx) serves private files without any authentication. | |||||
CVE-2023-31429 | 1 Broadcom | 1 Fabric Operating System | 2023-12-10 | N/A | 5.5 MEDIUM |
Brocade Fabric OS before Brocade Fabric OS v9.1.1c, v9.2.0 contains a vulnerability when using various commands, such as “chassisdistribute”, “reboot”, “rasman”, errmoduleshow, errfilterset, hassiscfgperrthreshold, supportshowcfgdisable and supportshowcfgenable, that can cause the content of shell-interpreted variables to be printed in the terminal. | |||||
CVE-2023-4342 | 1 Broadcom | 1 Raid Controller Web Interface | 2023-12-10 | N/A | 9.8 CRITICAL |
Broadcom RAID Controller web interface is vulnerable due to insecure defaults: it lacks an HTTP strict-transport-security policy. |