Vulnerabilities (CVE)

  1. OpenCVE
  2. Vulnerabilities (CVE)
Filtered by vendor Broadcom Subscribe
Filtered by product Release Automation
Total 6 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2018-15691 1 Broadcom 1 Release Automation 2023-12-10 7.5 HIGH 9.8 CRITICAL
Insecure deserialization of a specially crafted serialized object, in CA Release Automation 6.5 and earlier, allows attackers to potentially execute arbitrary code.
CVE-2015-8698 1 Broadcom 1 Release Automation 2023-12-10 3.6 LOW 7.1 HIGH
CA Release Automation (formerly LISA Release Automation) 5.0.2 before 5.0.2-227, 5.5.1 before 5.5.1-1616, 5.5.2 before 5.5.2-434, and 6.1.0 before 6.1.0-1026 allows remote attackers to read arbitrary files or cause a denial of service via a request containing an XML external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue.
CVE-2015-8699 1 Broadcom 1 Release Automation 2023-12-10 4.3 MEDIUM 6.1 MEDIUM
Multiple cross-site scripting (XSS) vulnerabilities in CA Release Automation (formerly LISA Release Automation) 5.0.2 before 5.0.2-227, 5.5.1 before 5.5.1-1616, 5.5.2 before 5.5.2-434, and 6.1.0 before 6.1.0-1026 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVE-2014-8247 1 Broadcom 1 Release Automation 2023-12-10 4.3 MEDIUM N/A
Cross-site scripting (XSS) vulnerability in CA Release Automation (formerly iTKO LISA Release Automation) before 4.7.1 b448 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVE-2014-8248 1 Broadcom 1 Release Automation 2023-12-10 6.5 MEDIUM N/A
SQL injection vulnerability in CA Release Automation (formerly iTKO LISA Release Automation) before 4.7.1 b448 allows remote authenticated users to execute arbitrary SQL commands via a crafted query.
CVE-2014-8246 1 Broadcom 1 Release Automation 2023-12-10 6.8 MEDIUM N/A
Cross-site request forgery (CSRF) vulnerability in CA Release Automation (formerly iTKO LISA Release Automation) before 4.7.1 b448 allows remote attackers to hijack the authentication of unspecified victims via unknown vectors.