Filtered by vendor Broadcom
Subscriptions
Total
609 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2006-3976 | 1 Broadcom | 1 Etrust Antivirus Webscan | 2025-04-03 | N/A |
| Unspecified vulnerability in CA eTrust Antivirus WebScan before 1.1.0.1048 allows remote attackers to install arbitrary files. | ||||
| CVE-2001-0959 | 2 Broadcom, Ca | 3 Arcserve Backup, Arcserve Backup 2000, Arcserve Backup 2000 | 2025-04-03 | N/A |
| Computer Associates ARCserve for NT 6.61 SP2a and ARCserve 2000 7.0 creates a hidden share named ARCSERVE$, which allows remote attackers to obtain sensitive information and overwrite critical files. | ||||
| CVE-2006-3223 | 1 Broadcom | 3 Etrust Antivirus, Etrust Pestpatrol, Integrated Threat Management | 2025-04-03 | N/A |
| Format string vulnerability in CA Integrated Threat Management (ITM), eTrust Antivirus (eAV), and eTrust PestPatrol (ePP) r8 allows attackers to cause a denial of service (crash) and possibly execute arbitrary code via a scan job with format strings in the description field. | ||||
| CVE-2004-1149 | 1 Broadcom | 1 Etrust Ez Antivirus | 2025-04-03 | N/A |
| Computer Associates eTrust EZ Antivirus 7.0.0 to 7.0.4, including 7.0.1.4, installs its files with insecure permissions (ACLs), which allows local users to gain privileges by replacing critical programs with malicious ones, as demonstrated using VetMsg.exe. | ||||
| CVE-2004-1812 | 1 Broadcom | 1 Unicenter Tng | 2025-04-03 | N/A |
| Multiple stack-based buffer overflows in Agent Common Services (1) cam.exe and (2) awservices.exe in Unicenter TNG 2.4 allow remote attackers to execute arbitrary code. | ||||
| CVE-2005-3372 | 1 Broadcom | 1 Etrust Antivirus | 2025-04-03 | N/A |
| Multiple interpretation error in eTrust CA 7.0.1.4 with the 11.9.1 engine allows remote attackers to bypass virus scanning via a file such as BAT, HTML, and EML with an "MZ" magic byte sequence which is normally associated with EXE, which causes the file to be treated as a safe type that could still be executed as a dangerous file type by applications on the end system, as demonstrated by a "triple headed" program that contains EXE, EML, and HTML content, aka the "magic byte bug." | ||||
| CVE-2004-0267 | 1 Broadcom | 1 Inoculateit | 2025-04-03 | N/A |
| The (1) inoregupdate, (2) uniftest, or (3) unimove scripts in eTrust InoculateIT for Linux 6.0 allow local users to overwrite arbitrary files via a symlink attack on files in /tmp. | ||||
| CVE-2005-0968 | 1 Broadcom | 1 Etrust Intrusion Detection | 2025-04-03 | N/A |
| Computer Associates (CA) eTrust Intrusion Detection 3.0 allows remote attackers to cause a denial of service via large size values that are not properly validated before calling the CPImportKey function in the Crypto API. | ||||
| CVE-2000-1244 | 1 Broadcom | 1 Inoculateit Agent For Exchange | 2025-04-03 | N/A |
| Computer Associates InoculateIT Agent for Exchange Server does not recognize an e-mail virus attachment if the SMTP header is missing the "From" field, which allows remote attackers to bypass virus protection. | ||||
| CVE-2023-23951 | 1 Broadcom | 2 Symantec Identity Governance And Administration, Symantec Identity Manager | 2025-04-02 | 6.1 Medium |
| Ability to enumerate the Oracle LDAP attributes for the current user by modifying the query used by the application | ||||
| CVE-2023-23950 | 1 Broadcom | 2 Symantec Identity Governance And Administration, Symantec Identity Manager | 2025-04-02 | 6.1 Medium |
| User’s supplied input (usually a CRLF sequence) can be used to split a returning response into two responses. | ||||
| CVE-2023-23949 | 1 Broadcom | 2 Symantec Identity Governance And Administration, Symantec Identity Manager | 2025-04-02 | 8.1 High |
| An authenticated user can supply malicious HTML and JavaScript code that will be executed in the client browser. | ||||
| CVE-2019-11287 | 5 Broadcom, Debian, Fedoraproject and 2 more | 5 Rabbitmq Server, Debian Linux, Fedora and 2 more | 2025-04-02 | 7.5 High |
| Pivotal RabbitMQ, versions 3.7.x prior to 3.7.21 and 3.8.x prior to 3.8.1, and RabbitMQ for Pivotal Platform, 1.16.x versions prior to 1.16.7 and 1.17.x versions prior to 1.17.4, contain a web management plugin that is vulnerable to a denial of service attack. The "X-Reason" HTTP Header can be leveraged to insert a malicious Erlang format string that will expand and consume the heap, resulting in the server crashing. | ||||
| CVE-2021-22117 | 2 Broadcom, Microsoft | 2 Rabbitmq Server, Windows | 2025-04-02 | 7.8 High |
| RabbitMQ installers on Windows prior to version 3.8.16 do not harden plugin directory permissions, potentially allowing attackers with sufficient local filesystem permissions to add arbitrary plugins. | ||||
| CVE-2020-5419 | 2 Broadcom, Pivotal Software | 2 Rabbitmq Server, Rabbitmq | 2025-04-02 | 6.7 Medium |
| RabbitMQ versions 3.8.x prior to 3.8.7 are prone to a Windows-specific binary planting security vulnerability that allows for arbitrary code execution. An attacker with write privileges to the RabbitMQ installation directory and local access on Windows could carry out a local binary hijacking (planting) attack and execute arbitrary code. | ||||
| CVE-2019-11291 | 3 Broadcom, Redhat, Vmware | 3 Rabbitmq Server, Openstack, Rabbitmq | 2025-04-02 | 4.8 Medium |
| Pivotal RabbitMQ, 3.7 versions prior to v3.7.20 and 3.8 version prior to v3.8.1, and RabbitMQ for PCF, 1.16.x versions prior to 1.16.7 and 1.17.x versions prior to 1.17.4, contain two endpoints, federation and shovel, which do not properly sanitize user input. A remote authenticated malicious user with administrative access could craft a cross site scripting attack via the vhost or node name fields that could grant access to virtual hosts and policy management information. | ||||
| CVE-2024-37079 | 2 Broadcom, Vmware | 4 Vmware Cloud Foundation, Vmware Vcenter Server, Cloud Foundation and 1 more | 2025-03-14 | 9.8 Critical |
| vCenter Server contains a heap-overflow vulnerability in the implementation of the DCERPC protocol. A malicious actor with network access to vCenter Server may trigger this vulnerability by sending a specially crafted network packet potentially leading to remote code execution. | ||||
| CVE-2023-27785 | 1 Broadcom | 1 Tcpreplay | 2025-02-26 | 7.5 High |
| An issue found in TCPreplay TCPprep v.4.4.3 allows a remote attacker to cause a denial of service via the parse endpoints function. | ||||
| CVE-2023-27784 | 1 Broadcom | 1 Tcpreplay | 2025-02-26 | 7.5 High |
| An issue found in TCPReplay v.4.4.3 allows a remote attacker to cause a denial of service via the read_hexstring function at the utils.c:309 endpoint. | ||||
| CVE-2023-27783 | 1 Broadcom | 1 Tcpreplay | 2025-02-26 | 7.5 High |
| An issue found in TCPreplay tcprewrite v.4.4.3 allows a remote attacker to cause a denial of service via the tcpedit_dlt_cleanup function at plugins/dlt_plugins.c. | ||||