Filtered by vendor Broadcom
Subscriptions
Total
566 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2017-13678 | 1 Broadcom | 2 Advanced Secure Gateway, Symantec Proxysg | 2024-11-21 | N/A |
| Stored XSS vulnerability in the Symantec Advanced Secure Gateway (ASG) and ProxySG management consoles. A malicious appliance administrator can inject arbitrary JavaScript code in the management console web client application. | ||||
| CVE-2017-13677 | 1 Broadcom | 2 Advanced Secure Gateway, Symantec Proxysg | 2024-11-21 | N/A |
| Denial-of-service (DoS) vulnerability in the Symantec Advanced Secure Gateway (ASG) and ProxySG management consoles. A remote attacker can use crafted HTTP/HTTPS requests to cause denial-of-service through management console application crashes. | ||||
| CVE-2016-10258 | 1 Broadcom | 2 Advanced Secure Gateway, Symantec Proxysg | 2024-11-21 | N/A |
| Unrestricted file upload vulnerability in the Symantec Advanced Secure Gateway (ASG) and ProxySG management consoles. A malicious appliance administrator can upload arbitrary malicious files to the management console and trick another administrator user into downloading and executing malicious code. | ||||
| CVE-2016-10257 | 1 Broadcom | 2 Advanced Secure Gateway, Symantec Proxysg | 2024-11-21 | N/A |
| The Symantec Advanced Secure Gateway (ASG) 6.6, ASG 6.7 (prior to 6.7.2.1), ProxySG 6.5 (prior to 6.5.10.6), ProxySG 6.6, and ProxySG 6.7 (prior to 6.7.2.1) management console is susceptible to a reflected XSS vulnerability. A remote attacker can use a crafted management console URL in a phishing attack to inject arbitrary JavaScript code into the management console web client application. This is a separate vulnerability from CVE-2016-10256. | ||||
| CVE-2016-10256 | 1 Broadcom | 1 Symantec Proxysg | 2024-11-21 | N/A |
| The Symantec ProxySG 6.5 (prior to 6.5.10.6), 6.6, and 6.7 (prior to 6.7.2.1) management console is susceptible to a reflected XSS vulnerability. A remote attacker can use a crafted management console URL in a phishing attack to inject arbitrary JavaScript code into the management console web client application. This is a separate vulnerability from CVE-2016-10257. | ||||
| CVE-2015-4664 | 2 Broadcom, Xceedium | 2 Privileged Access Manager, Xsuite | 2024-11-21 | N/A |
| An improper input validation vulnerability in CA Privileged Access Manager 2.4.4.4 and earlier allows remote attackers to execute arbitrary commands. | ||||