CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register
  What's the CVSS score of your company?
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Broadcom : Security Vulnerabilities (CVSS score between 7 and 7.99)

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
1 CVE-2021-42774 120 Overflow 2021-11-12 2021-11-15
7.5
None Remote Low Not required Partial Partial Partial
Broadcom Emulex HBA Manager/One Command Manager versions before 11.4.425.0 and 12.8.542.31, if not installed in Strictly Local Management mode, have a buffer overflow vulnerability in the remote firmware download feature that could allow remote unauthenticated users to perform various attacks. In non-secure mode, the user is unauthenticated.
2 CVE-2021-27792 20 2021-08-12 2021-08-23
7.2
None Local Low Not required Complete Complete Complete
The request handling functions in web management interface of Brocade Fabric OS versions before v9.0.1a, v8.2.3a, and v7.4.2h do not properly handle malformed user input, resulting in a service crash. An authenticated attacker could use this weakness to cause the FOS HTTP application handler to crash, requiring a reboot.
3 CVE-2021-27790 20 Exec Code Overflow 2021-08-12 2021-08-23
7.2
None Local Low Not required Complete Complete Complete
The command ipfilter in Brocade Fabric OS before Brocade Fabric OS v.9.0.1a, v8.2.3, and v8.2.0_CBN4, and v7.4.2h uses unsafe string function to process user input. Authenticated attackers can abuse this vulnerability to exploit stack-based buffer overflows, allowing execution of arbitrary code as the root user account.
4 CVE-2020-29661 416 2020-12-09 2021-11-30
7.2
None Local Low Not required Complete Complete Complete
A locking issue was discovered in the tty subsystem of the Linux kernel through 5.9.13. drivers/tty/tty_jobctrl.c allows a use-after-free attack against TIOCSPGRP, aka CID-54ffccbf053b.
5 CVE-2020-15377 918 2021-06-09 2021-06-11
7.5
None Remote Low Not required Partial Partial Partial
Webtools in Brocade SANnav before version 2.1.1 allows unauthenticated users to make requests to arbitrary hosts due to a misconfiguration; this is commonly referred to as Server-Side Request Forgery (SSRF).
6 CVE-2020-15374 2020-09-25 2021-08-23
7.5
None Remote Low Not required Partial Partial Partial
Rest API in Brocade Fabric OS v8.2.1 through v8.2.1d, and 8.2.2 versions before v8.2.2c is vulnerable to multiple instances of reflected input.
7 CVE-2020-15373 119 Overflow 2020-09-25 2021-08-23
7.5
None Remote Low Not required Partial Partial Partial
Multiple buffer overflow vulnerabilities in REST API in Brocade Fabric OS versions v8.2.1 through v8.2.1d, and 8.2.2 versions before v8.2.2c could allow remote unauthenticated attackers to perform various attacks.
8 CVE-2020-15371 2020-09-25 2021-08-23
7.5
None Remote Low Not required Partial Partial Partial
Brocade Fabric OS versions before Brocade Fabric OS v9.0.0, v8.2.2c, v8.2.1e, v8.1.2k, v8.2.0_CBN3, contains code injection and privilege escalation vulnerability.
9 CVE-2020-12695 276 2020-06-08 2021-04-23
7.8
None Remote Medium Not required Partial None Complete
The Open Connectivity Foundation UPnP specification before 2020-04-17 does not forbid the acceptance of a subscription request with a delivery URL on a different network segment than the fully qualified event-subscription URL, aka the CallStranger issue.
10 CVE-2020-11658 639 Bypass 2020-04-15 2020-04-20
7.5
None Remote Low Not required Partial Partial Partial
CA API Developer Portal 4.3.1 and earlier handles shared secret keys in an insecure manner, which allows attackers to bypass authorization.
11 CVE-2020-8012 120 Exec Code Overflow 2020-02-18 2021-09-27
7.5
None Remote Low Not required Partial Partial Partial
CA Unified Infrastructure Management (Nimsoft/UIM) 20.1, 20.3.x, and 9.20 and below contains a buffer overflow vulnerability in the robot (controller) component. A remote attacker can execute arbitrary code.
12 CVE-2019-25013 125 2021-01-04 2021-07-06
7.1
None Remote Medium Not required None None Complete
The iconv feature in the GNU C Library (aka glibc or libc6) through 2.32, when processing invalid multi-byte input sequences in the EUC-KR encoding, may have a buffer over-read.
13 CVE-2019-19544 269 2020-01-08 2020-01-12
7.2
None Local Low Not required Complete Complete Complete
CA Automic Dollar Universe 5.3.3 contains a vulnerability, related to the uxdqmsrv binary being setuid root, that allows local attackers to elevate privileges. This vulnerability was reported to CA several years after CA Automic Dollar Universe 5.3.3 reached End of Life (EOL) status on April 1, 2015.
14 CVE-2019-19518 287 Exec Code 2020-01-08 2020-01-17
7.5
None Remote Low Not required Partial Partial Partial
CA Automic Sysload 5.6.0 through 6.1.2 contains a vulnerability, related to a lack of authentication on the File Server port, that potentially allows remote attackers to execute arbitrary commands.
15 CVE-2019-19069 401 DoS 2019-11-18 2021-06-22
7.8
None Remote Low Not required None None Complete
A memory leak in the fastrpc_dma_buf_attach() function in drivers/misc/fastrpc.c in the Linux kernel before 5.3.9 allows attackers to cause a denial of service (memory consumption) by triggering dma_get_sgtable() failures, aka CID-fc739a058d99.
16 CVE-2019-19050 401 DoS 2019-11-18 2021-06-22
7.8
None Remote Low Not required None None Complete
A memory leak in the crypto_reportstat() function in crypto/crypto_user_stat.c in the Linux kernel through 5.3.11 allows attackers to cause a denial of service (memory consumption) by triggering crypto_reportstat_alg() failures, aka CID-c03b04dcdba1.
17 CVE-2019-18805 190 DoS Overflow 2019-11-07 2021-06-22
7.5
None Remote Low Not required Partial Partial Partial
An issue was discovered in net/ipv4/sysctl_net_ipv4.c in the Linux kernel before 5.0.11. There is a net/ipv4/tcp_input.c signed integer overflow in tcp_ack_update_rtt() when userspace writes a very large integer to /proc/sys/net/ipv4/tcp_min_rtt_wlen, leading to a denial of service or possibly unspecified other impact, aka CID-19fad20d15a6.
18 CVE-2019-18374 287 Bypass 2019-11-25 2021-08-04
7.5
None Remote Low Not required Partial Partial Partial
Symantec Critical System Protection (CSP), versions 8.0, 8.0 HF1 & 8.0 MP1, may be susceptible to an authentication bypass vulnerability, which is a type of issue that can potentially allow a threat actor to circumvent existing authentication controls.
19 CVE-2019-13658 798 Exec Code 2019-10-02 2021-04-09
7.5
None Remote Low Not required Partial Partial Partial
CA Network Flow Analysis 9.x and 10.0.x have a default credential vulnerability that can allow a remote attacker to execute arbitrary commands and compromise system security.
20 CVE-2019-13656 Exec Code 2019-09-06 2020-10-06
7.5
None Remote Low Not required Partial Partial Partial
An access vulnerability in CA Common Services DIA of CA Technologies Client Automation 14 and Workload Automation AE 11.3.5, 11.3.6 allows a remote attacker to execute arbitrary code.
21 CVE-2019-9503 20 Exec Code Bypass 2020-01-16 2020-01-29
7.9
None Local Network Medium Not required Complete Complete Complete
The Broadcom brcmfmac WiFi driver prior to commit a4176ec356c73a46c07c181c6d04039fafa34a9f is vulnerable to a frame validation bypass. If the brcmfmac driver receives a firmware event frame from a remote source, the is_wlc_event_frame function will cause this frame to be discarded and unprocessed. If the driver receives the firmware event frame from the host, the appropriate handler is called. This frame validation can be bypassed if the bus used is USB (for instance by a wifi dongle). This can allow firmware event frames from a remote source to be processed. In the worst case scenario, by sending specially-crafted WiFi packets, a remote, unauthenticated attacker may be able to execute arbitrary code on a vulnerable system. More typically, this vulnerability will result in denial-of-service conditions.
22 CVE-2019-9500 787 Exec Code Overflow 2020-01-16 2021-11-03
7.9
None Local Network Medium Not required Complete Complete Complete
The Broadcom brcmfmac WiFi driver prior to commit 1b5e2423164b3670e8bc9174e4762d297990deff is vulnerable to a heap buffer overflow. If the Wake-up on Wireless LAN functionality is configured, a malicious event frame can be constructed to trigger an heap buffer overflow in the brcmf_wowl_nd_results function. This vulnerability can be exploited with compromised chipsets to compromise the host, or when used in combination with CVE-2019-9503, can be used remotely. In the worst case scenario, by sending specially-crafted WiFi packets, a remote, unauthenticated attacker may be able to execute arbitrary code on a vulnerable system. More typically, this vulnerability will result in denial-of-service conditions.
23 CVE-2018-19635 2019-01-22 2021-04-09
7.5
None Remote Low Not required Partial Partial Partial
CA Service Desk Manager 14.1 and 17 contain a vulnerability that can allow a malicious actor to escalate privileges in the user interface.
24 CVE-2018-15691 502 Exec Code 2018-08-30 2021-04-12
7.5
None Remote Low Not required Partial Partial Partial
Insecure deserialization of a specially crafted serialized object, in CA Release Automation 6.5 and earlier, allows attackers to potentially execute arbitrary code.
25 CVE-2018-13824 89 Sql 2018-08-30 2021-04-12
7.5
None Remote Low Not required Partial Partial Partial
Insufficient input sanitization of two parameters in CA PPM 14.3 and below, 14.4, 15.1, 15.2 CP5 and below, and 15.3 CP2 and below, allows remote attackers to execute SQL injection attacks.
26 CVE-2018-9029 89 Sql 2018-06-18 2021-04-12
7.5
None Remote Low Not required Partial Partial Partial
An improper input validation vulnerability in CA Privileged Access Manager 2.x allows remote attackers to conduct SQL injection attacks.
27 CVE-2018-9022 269 Exec Code Bypass 2018-06-18 2021-04-13
7.5
None Remote Low Not required Partial Partial Partial
An authentication bypass vulnerability in CA Privileged Access Manager 2.8.2 and earlier allows remote attackers to execute arbitrary code or commands by poisoning a configuration file.
28 CVE-2018-9021 269 Exec Code Bypass 2018-06-18 2021-04-13
7.5
None Remote Low Not required Partial Partial Partial
An authentication bypass vulnerability in CA Privileged Access Manager 2.8.2 and earlier allows remote attackers to execute arbitrary commands with specially crafted requests.
29 CVE-2018-6446 798 2020-06-29 2020-07-07
7.5
None Remote Low Not required Partial Partial Partial
A vulnerability in Brocade Network Advisor Version Before 14.3.1 could allow an unauthenticated, remote attacker to log in to the JBoss Administration interface of an affected system using an undocumented user credentials and install additional JEE applications.
30 CVE-2018-6441 Bypass 2018-11-08 2021-06-22
7.2
None Local Low Not required Complete Complete Complete
A vulnerability in Secure Shell implementation of Brocade Fabric OS versions before 8.2.1, 8.1.2f, 8.0.2f, 7.4.2d could allow a local attacker to provide arbitrary environment variables, and bypass the restricted configuration shell.
31 CVE-2018-6439 2018-12-03 2021-06-22
7.2
None Local Low Not required Complete Complete Complete
A Vulnerability in the configdownload command of Brocade Fabric OS command line interface (CLI) versions before 8.2.1, 8.1.2f, 8.0.2f, 7.4.2d could allow a local attacker to escape the restricted shell and, gain root access.
32 CVE-2018-6438 2018-11-08 2021-06-22
7.2
None Local Low Not required Complete Complete Complete
A Vulnerability in the supportsave command of Brocade Fabric OS command line interface (CLI) versions before 8.2.1, 8.1.2f, 8.0.2f, 7.4.2d could allow a local attacker to escape the restricted shell and, gain root access.
33 CVE-2018-6437 2018-11-08 2021-06-22
7.2
None Local Low Not required Complete Complete Complete
A Vulnerability in the help command of Brocade Fabric OS command line interface (CLI) versions before 8.2.1, 8.1.2f, 8.0.2f, 7.4.2d could allow a local attacker to escape the restricted shell and, gain root access.
34 CVE-2018-6436 2018-11-08 2021-06-22
7.2
None Local Low Not required Complete Complete Complete
A Vulnerability in the firmwaredownload command of Brocade Fabric OS command line interface (CLI) versions before 8.2.1, 8.1.2f, 8.0.2f, 7.4.2d could allow a local attacker to escape the restricted shell and, gain root access.
35 CVE-2018-6435 2018-11-08 2021-06-22
7.2
None Local Low Not required Complete Complete Complete
A Vulnerability in the secryptocfg command of Brocade Fabric OS command line interface (CLI) versions before 8.2.1, 8.1.2f, 8.0.2f, 7.4.2d could allow a local attacker to escape the restricted shell and, and gain root access.
36 CVE-2018-5241 Bypass 2018-05-29 2021-07-08
7.5
None Remote Low Not required Partial Partial Partial
Symantec Advanced Secure Gateway (ASG) 6.6 and 6.7, and ProxySG 6.5, 6.6, and 6.7 are susceptible to a SAML authentication bypass vulnerability. The products can be configured with a SAML authentication realm to authenticate network users in intercepted proxy traffic. When parsing SAML responses, ASG and ProxySG incorrectly handle XML nodes with comments. A remote attacker can modify a valid SAML response without invalidating its cryptographic signature. This may allow the attacker to bypass user authentication security controls in ASG and ProxySG. This vulnerability only affects authentication of network users in intercepted traffic. It does not affect administrator user authentication for the ASG and ProxySG management consoles.
37 CVE-2015-8799 22 Dir. Trav. 2016-06-08 2021-09-09
7.1
None Remote High ??? Complete Complete Complete
Directory traversal vulnerability in the Management Server in Symantec Embedded Security: Critical System Protection (SES:CSP) 1.0.x before 1.0 MP5, Embedded Security: Critical System Protection for Controllers and Devices (SES:CSP) 6.5.0 before MP1, Critical System Protection (SCSP) before 5.2.9 MP6, Data Center Security: Server Advanced Server (DCS:SA) 6.x before 6.5 MP1 and 6.6 before MP1, and Data Center Security: Server Advanced Server and Agents (DCS:SA) through 6.6 MP1 allows remote authenticated users to write update-package data to arbitrary agent locations via unspecified vectors.
38 CVE-2015-8798 22 Exec Code Dir. Trav. 2016-06-08 2021-09-09
7.7
None Local Network Low ??? Complete Complete Complete
Directory traversal vulnerability in the Management Server in Symantec Embedded Security: Critical System Protection (SES:CSP) 1.0.x before 1.0 MP5, Embedded Security: Critical System Protection for Controllers and Devices (SES:CSP) 6.5.0 before MP1, Critical System Protection (SCSP) before 5.2.9 MP6, Data Center Security: Server Advanced Server (DCS:SA) 6.x before 6.5 MP1 and 6.6 before MP1, and Data Center Security: Server Advanced Server and Agents (DCS:SA) through 6.6 MP1 allows remote authenticated users to execute arbitrary code via unspecified vectors.
39 CVE-2015-4664 20 Exec Code 2018-06-18 2021-04-12
7.5
None Remote Low Not required Partial Partial Partial
An improper input validation vulnerability in CA Privileged Access Manager 2.4.4.4 and earlier allows remote attackers to execute arbitrary commands.
40 CVE-2014-9226 264 Bypass 2015-01-21 2021-08-04
7.2
None Local Low Not required Complete Complete Complete
The management server in Symantec Critical System Protection (SCSP) 5.2.9 through MP6 and Symantec Data Center Security: Server Advanced (SDCS:SA) 6.0.x through 6.0 MP1 allows local users to bypass intended Protection Policies via unspecified vectors.
41 CVE-2012-2619 20 DoS 2012-11-14 2013-02-05
7.8
None Remote Low Not required None None Complete
The Broadcom BCM4325 and BCM4329 Wi-Fi chips, as used in certain Acer, Apple, Asus, Ford, HTC, Kyocera, LG, Malata, Motorola, Nokia, Pantech, Samsung, and Sony products, allow remote attackers to cause a denial of service (out-of-bounds read and Wi-Fi outage) via an RSN 802.11i information element.
42 CVE-2012-0692 264 +Priv 2012-10-02 2021-04-09
7.2
None Local Low Not required Complete Complete Complete
CA License (aka CA Licensing) before 1.90.03 allows local users to modify or create arbitrary files, and consequently gain privileges, via unspecified vectors.
43 CVE-2012-0691 264 +Priv 2012-10-02 2021-04-09
7.2
None Local Low Not required Complete Complete Complete
CA License (aka CA Licensing) before 1.90.03 does not properly restrict system commands, which allows local users to gain privileges via unspecified vectors.
44 CVE-2011-1655 310 Exec Code 2011-04-18 2021-04-12
7.5
None Remote Low Not required Partial Partial Partial
The management.asmx module in the Management Web Service in the Unified Network Control (UNC) Server in CA Total Defense (TD) r12 before SE2 sends a cleartext response to unspecified getDBConfigSettings requests, which makes it easier for remote attackers to obtain database credentials, and subsequently execute arbitrary code, by sniffing the network, related to the UNCWS Web Service.
45 CVE-2011-1654 22 Exec Code Dir. Trav. 2011-04-18 2021-04-12
7.5
None Remote Low Not required Partial Partial Partial
Directory traversal vulnerability in the Heartbeat Web Service in CA.Itm.Server.ManagementWS.dll in the Management Server in CA Total Defense (TD) r12 before SE2 allows remote attackers to execute arbitrary code via directory traversal sequences in the GUID parameter in an upload request to FileUploadHandler.ashx.
46 CVE-2008-2926 20 DoS +Priv 2008-08-12 2021-04-09
7.2
None Local Low Not required Complete Complete Complete
The kmxfw.sys driver in CA Host-Based Intrusion Prevention System (HIPS) r8, as used in CA Internet Security Suite and Personal Firewall, does not properly verify IOCTL requests, which allows local users to cause a denial of service (system crash) or possibly gain privileges via a crafted request.
47 CVE-2008-2242 119 Exec Code Overflow 2008-05-21 2021-04-07
7.5
None Remote Low Not required Partial Partial Partial
Multiple buffer overflows in xdr functions in the server in CA BrightStor ARCServe Backup 11.0, 11.1, and 11.5 allow remote attackers to execute arbitrary code, as demonstrated by a stack-based buffer overflow via a long parameter to the xdr_rwsstring function.
48 CVE-2008-1984 399 DoS 2008-04-27 2021-04-09
7.8
None Remote Low Not required None None Complete
The eTrust Common Services (Transport) Daemon (eCSqdmn) in CA Secure Content Manager 8.0.28000.511 and earlier allows remote attackers to cause a denial of service (crash or CPU consumption) via a malformed packet to TCP port 1882.
49 CVE-2007-3696 DoS 2007-07-11 2021-04-09
7.8
None Remote Low Not required None None Complete
CA ERwin Data Model Validator (formerly AllFusion Data Model Validator) allows remote attackers to (1) cause a denial of service (application hang) via a malformed .EXP database file and (2) cause a denial of service (aaplication crash) via a crafted .EXP database file, which triggers a NULL dereference.
50 CVE-2007-2523 Overflow +Priv 2007-05-11 2021-04-09
7.2
None Local Low Not required Complete Complete Complete
CA Anti-Virus for the Enterprise r8 and Threat Manager r8 before 20070510 use weak permissions (NULL security descriptor) for the Task Service shared file mapping, which allows local users to modify this mapping and gain privileges by triggering a stack-based buffer overflow in InoCore.dll before 8.0.448.0.
Total number of vulnerabilities : 81   Page : 1 (This Page)2
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.