Filtered by vendor Broadcom
Total: 566 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2018-6590 | 1 Broadcom | 1 Ca Api Developer Portal | 2024-11-21 | 6.1 Medium |
CA API Developer Portal 4.x, prior to v4.2.5.3 and v4.2.7.1, has an unspecified reflected cross-site scripting vulnerability. | ||||
CVE-2018-6449 | 1 Broadcom | 1 Fabric Operating System | 2024-11-21 | 6.1 Medium |
Host Header Injection vulnerability in the HTTP management interface in Brocade Fabric OS versions before v9.0.0 could allow a remote attacker to exploit this vulnerability by injecting arbitrary HTTP headers. | ||||
CVE-2018-6448 | 1 Broadcom | 1 Fabric Operating System | 2024-11-21 | 7.5 High |
A vulnerability in the management interface in Brocade Fabric OS versions before Brocade Fabric OS v9.0.0 could allow a remote attacker to perform a denial of service attack on the vulnerable host. | ||||
CVE-2018-6447 | 1 Broadcom | 1 Fabric Operating System | 2024-11-21 | 5.4 Medium |
A Reflective XSS Vulnerability in HTTP Management Interface in Brocade Fabric OS versions before Brocade Fabric OS v9.0.0, v8.2.2c, v8.2.1e, v8.1.2k, v8.2.0_CBN3, v7.4.2g could allow authenticated attackers with access to the web interface to hijack a user’s session and take over the account. | ||||
CVE-2018-6446 | 1 Broadcom | 1 Brocade Network Advisor | 2024-11-21 | 9.8 Critical |
A vulnerability in Brocade Network Advisor versions before 14.3.1 could allow an unauthenticated, remote attacker to log in to the JBoss Administration interface of an affected system using undocumented user credentials and install additional JEE applications. | ||||
CVE-2018-6442 | 1 Broadcom | 1 Fabric Operating System | 2024-11-21 | N/A |
A vulnerability in the Brocade Webtools firmware update section of Brocade Fabric OS before 8.2.1, 8.1.2f, 8.0.2f, 7.4.2d could allow remote authenticated attackers to execute arbitrary commands. | ||||
CVE-2018-6441 | 1 Broadcom | 1 Fabric Operating System | 2024-11-21 | N/A |
A vulnerability in Secure Shell implementation of Brocade Fabric OS versions before 8.2.1, 8.1.2f, 8.0.2f, 7.4.2d could allow a local attacker to provide arbitrary environment variables, and bypass the restricted configuration shell. | ||||
CVE-2018-6440 | 1 Broadcom | 1 Fabric Operating System | 2024-11-21 | N/A |
A vulnerability in the proxy service of Brocade Fabric OS versions before 8.2.1, 8.1.2f, 8.0.2f, 7.4.2d could allow remote unauthenticated attackers to obtain sensitive information and possibly cause a denial of service attack. | ||||
CVE-2018-6439 | 1 Broadcom | 1 Fabric Operating System | 2024-11-21 | N/A |
A vulnerability in the configdownload command of Brocade Fabric OS command line interface (CLI) versions before 8.2.1, 8.1.2f, 8.0.2f, 7.4.2d could allow a local attacker to escape the restricted shell and gain root access. | ||||
CVE-2018-6438 | 1 Broadcom | 1 Fabric Operating System | 2024-11-21 | N/A |
A vulnerability in the supportsave command of Brocade Fabric OS command line interface (CLI) versions before 8.2.1, 8.1.2f, 8.0.2f, 7.4.2d could allow a local attacker to escape the restricted shell and gain root access. | ||||
CVE-2018-6437 | 1 Broadcom | 1 Fabric Operating System | 2024-11-21 | N/A |
A vulnerability in the help command of Brocade Fabric OS command line interface (CLI) versions before 8.2.1, 8.1.2f, 8.0.2f, 7.4.2d could allow a local attacker to escape the restricted shell and gain root access. | ||||
CVE-2018-6436 | 1 Broadcom | 1 Fabric Operating System | 2024-11-21 | N/A |
A vulnerability in the firmwaredownload command of Brocade Fabric OS command line interface (CLI) versions before 8.2.1, 8.1.2f, 8.0.2f, 7.4.2d could allow a local attacker to escape the restricted shell and gain root access. | ||||
CVE-2018-6435 | 1 Broadcom | 1 Fabric Operating System | 2024-11-21 | N/A |
A vulnerability in the secryptocfg command of Brocade Fabric OS command line interface (CLI) versions before 8.2.1, 8.1.2f, 8.0.2f, 7.4.2d could allow a local attacker to escape the restricted shell and gain root access. | ||||
CVE-2018-6434 | 1 Broadcom | 1 Fabric Operating System | 2024-11-21 | N/A |
A vulnerability in the web management interface of Brocade Fabric OS versions before 8.2.1, 8.1.2f, 8.0.2f, 7.4.2d could allow attackers to intercept or manipulate a user's session ID. | ||||
CVE-2018-6433 | 1 Broadcom | 1 Fabric Operating System | 2024-11-21 | N/A |
A vulnerability in the secryptocfg export command of Brocade Fabric OS versions before 8.2.1, 8.1.2f, 8.0.2f, 7.4.2d could allow a local attacker to bypass the export file access restrictions and initiate a file copy from the source to a remote system. | ||||
CVE-2018-5241 | 1 Broadcom | 2 Advanced Secure Gateway, Symantec Proxysg | 2024-11-21 | N/A |
Symantec Advanced Secure Gateway (ASG) 6.6 and 6.7, and ProxySG 6.5, 6.6, and 6.7 are susceptible to a SAML authentication bypass vulnerability. The products can be configured with a SAML authentication realm to authenticate network users in intercepted proxy traffic. When parsing SAML responses, ASG and ProxySG incorrectly handle XML nodes with comments. A remote attacker can modify a valid SAML response without invalidating its cryptographic signature. This may allow the attacker to bypass user authentication security controls in ASG and ProxySG. This vulnerability only affects authentication of network users in intercepted traffic. It does not affect administrator user authentication for the ASG and ProxySG management consoles. | ||||
CVE-2018-20553 | 1 Broadcom | 1 Tcpreplay | 2024-11-21 | N/A |
Tcpreplay before 4.3.1 has a heap-based buffer over-read in get_l2len in common/get.c. | ||||
CVE-2018-20552 | 1 Broadcom | 1 Tcpreplay | 2024-11-21 | N/A |
Tcpreplay before 4.3.1 has a heap-based buffer over-read in packet2tree in tree.c. | ||||
CVE-2018-19860 | 2 Broadcom, Cypress | 126 Bcm4335c0, Bcm4335c0 Firmware, Bcm43438a1 and 123 more | 2024-11-21 | N/A |
Broadcom firmware before summer 2014 on Nexus 5 BCM4335C0 2012-12-11, Raspberry Pi 3 BCM43438A1 2014-06-02, and unspecified other devices does not properly restrict LMP commands and executes certain memory contents upon receiving an LMP command, as demonstrated by executing an HCI command. | ||||
CVE-2018-19635 | 2 Broadcom, Ca | 2 Service Desk Manager, Service Desk Manager | 2024-11-21 | N/A |
CA Service Desk Manager 14.1 and 17 contain a vulnerability that can allow a malicious actor to escalate privileges in the user interface. |