Filtered by vendor Broadcom
Total: 506 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2023-4344 | 1 Broadcom | 1 Raid Controller Web Interface | 2023-12-10 | N/A | 9.8 CRITICAL |
Broadcom RAID Controller web interface is vulnerable to insufficient randomness due to improper use of ssl.rnd to set up CIM connection | |||||
CVE-2023-4328 | 2 Broadcom, Linux | 2 Raid Controller Web Interface, Linux Kernel | 2023-12-10 | N/A | 5.5 MEDIUM |
Broadcom RAID Controller web interface is vulnerable to exposure of sensitive data and the keys used for encryption are accessible to any local user on Windows | |||||
CVE-2023-4335 | 2 Broadcom, Linux | 2 Raid Controller Web Interface, Linux Kernel | 2023-12-10 | N/A | 7.5 HIGH |
Broadcom RAID Controller Web server (nginx) is serving private server-side files without any authentication on Linux | |||||
CVE-2023-4336 | 1 Broadcom | 1 Raid Controller Web Interface | 2023-12-10 | N/A | 9.8 CRITICAL |
Broadcom RAID Controller web interface is vulnerable due to insecure default of HTTP configuration that does not safeguard cookies with Secure attribute | |||||
CVE-2023-23952 | 1 Broadcom | 2 Advanced Secure Gateway, Content Analysis | 2023-12-10 | N/A | 9.8 CRITICAL |
Advanced Secure Gateway and Content Analysis, prior to 7.3.13.1 / 3.1.6.0, may be susceptible to a Command Injection vulnerability. | |||||
CVE-2023-23953 | 1 Broadcom | 2 Advanced Secure Gateway, Content Analysis | 2023-12-10 | N/A | 7.8 HIGH |
Advanced Secure Gateway and Content Analysis, prior to 7.3.13.1 / 3.1.6.0, may be susceptible to an Elevation of Privilege vulnerability. | |||||
CVE-2023-23955 | 1 Broadcom | 2 Advanced Secure Gateway, Content Analysis | 2023-12-10 | N/A | 8.1 HIGH |
Advanced Secure Gateway and Content Analysis, prior to 7.3.13.1 / 3.1.6.0, may be susceptible to a Server-Side Request Forgery vulnerability. | |||||
CVE-2023-23956 | 1 Broadcom | 1 Symantec Siteminder Webagent | 2023-12-10 | N/A | 5.4 MEDIUM |
A user can supply malicious HTML and JavaScript code that will be executed in the client browser | |||||
CVE-2023-23954 | 1 Broadcom | 2 Advanced Secure Gateway, Content Analysis | 2023-12-10 | N/A | 5.4 MEDIUM |
Advanced Secure Gateway and Content Analysis, prior to 7.3.13.1 / 3.1.6.0, may be susceptible to a Stored Cross-Site Scripting vulnerability. | |||||
CVE-2022-37017 | 1 Broadcom | 1 Symantec Endpoint Protection | 2023-12-10 | N/A | 7.5 HIGH |
Symantec Endpoint Protection (Windows) agent, prior to 14.3 RU6/14.3 RU5 Patch 1, may be susceptible to a Security Control Bypass vulnerability, which is a type of issue that can potentially allow a threat actor to circumvent existing security controls. This CVE applies narrowly to the Client User Interface Password protection and Policy Import/Export Password protection, if it has been enabled. | |||||
CVE-2022-25627 | 1 Broadcom | 1 Symantec Identity Governance And Administration | 2023-12-10 | N/A | 6.7 MEDIUM |
An authenticated administrator who has physical access to the environment can carry out Remote Command Execution on Management Console in Symantec Identity Manager 14.4 | |||||
CVE-2023-27789 | 1 Broadcom | 1 Tcpreplay | 2023-12-10 | N/A | 7.5 HIGH |
An issue found in TCPprep v.4.4.3 allows a remote attacker to cause a denial of service via the cidr2cidr function at the cidr.c:178 endpoint. | |||||
CVE-2022-37016 | 1 Broadcom | 1 Symantec Endpoint Protection | 2023-12-10 | N/A | 9.8 CRITICAL |
Symantec Endpoint Protection (Windows) agent may be susceptible to a Privilege Escalation vulnerability, which is a type of issue whereby an attacker may attempt to compromise the software application to gain elevated access to resources that are normally protected from an application or user. | |||||
CVE-2023-23950 | 1 Broadcom | 2 Symantec Identity Governance And Administration, Symantec Identity Manager | 2023-12-10 | N/A | 6.1 MEDIUM |
User’s supplied input (usually a CRLF sequence) can be used to split a returning response into two responses. | |||||
CVE-2022-33187 | 1 Broadcom | 1 Brocade Sannav | 2023-12-10 | N/A | 4.9 MEDIUM |
Brocade SANnav before v2.2.1 logs usernames and encoded passwords in debug-enabled logs. The vulnerability could allow an attacker with admin privilege to read sensitive information. | |||||
CVE-2022-25631 | 1 Broadcom | 1 Symantec Endpoint Protection | 2023-12-10 | N/A | 7.8 HIGH |
Symantec Endpoint Protection, prior to 14.3 RU6 (14.3.9210.6000), may be susceptible to an Elevation of Privilege vulnerability, which is a type of issue whereby an attacker may attempt to compromise the software application to gain elevated | |||||
CVE-2023-27785 | 1 Broadcom | 1 Tcpreplay | 2023-12-10 | N/A | 7.5 HIGH |
An issue found in TCPreplay TCPprep v.4.4.3 allows a remote attacker to cause a denial of service via the parse endpoints function. | |||||
CVE-2023-27786 | 1 Broadcom | 1 Tcpreplay | 2023-12-10 | N/A | 7.5 HIGH |
An issue found in TCPprep v.4.4.3 allows a remote attacker to cause a denial of service via the macinstring function. | |||||
CVE-2023-27783 | 1 Broadcom | 1 Tcpreplay | 2023-12-10 | N/A | 7.5 HIGH |
An issue found in TCPreplay tcprewrite v.4.4.3 allows a remote attacker to cause a denial of service via the tcpedit_dlt_cleanup function at plugins/dlt_plugins.c. | |||||
CVE-2023-27788 | 1 Broadcom | 1 Tcpreplay | 2023-12-10 | N/A | 7.5 HIGH |
An issue found in TCPrewrite v.4.4.3 allows a remote attacker to cause a denial of service via the ports2PORT function at the portmap.c:69 endpoint. |