Vulnerabilities > Broadcom
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-07-15 | CVE-2024-38493 | Cross-site Scripting vulnerability in Broadcom Symantec Privileged Access Management 4.1.0.0/4.1.0.10 A reflected cross-site scripting (XSS) vulnerability exists in the PAM UI web interface. | 6.1 |
| 2024-07-09 | CVE-2024-3596 | Improper Enforcement of Message Integrity During Transmission in a Communication Channel vulnerability in multiple products RADIUS Protocol under RFC 2865 is susceptible to forgery attacks by a local attacker who can modify any valid Response (Access-Accept, Access-Reject, or Access-Challenge) to any other response using a chosen-prefix collision attack against MD5 Response Authenticator signature. | 9.0 |
| 2024-06-26 | CVE-2024-29954 | Information Exposure Through Log Files vulnerability in Broadcom Fabric Operating System A vulnerability in a password management API in Brocade Fabric OS versions before v9.2.1, v9.2.0b, v9.1.1d, and v8.2.3e prints sensitive information in log files. | 5.5 |
| 2024-01-26 | CVE-2024-23613 | Classic Buffer Overflow vulnerability in Broadcom Symantec Deployment Solutions 7.9 A buffer overflow vulnerability exists in Symantec Deployment Solution version 7.9 when parsing UpdateComputer tokens. | 9.8 |
| 2024-01-26 | CVE-2024-23614 | Classic Buffer Overflow vulnerability in Broadcom Symantec Messaging Gateway 9.5 A buffer overflow vulnerability exists in Symantec Messaging Gateway versions 9.5 and before. | 9.8 |
| 2024-01-26 | CVE-2024-23615 | Classic Buffer Overflow vulnerability in Broadcom Symantec Messaging Gateway 10.5/9.5 A buffer overflow vulnerability exists in Symantec Messaging Gateway versions 10.5 and before. | 9.8 |
| 2024-01-26 | CVE-2024-23616 | Classic Buffer Overflow vulnerability in Broadcom Symantec Server Management Suite 7.9 A buffer overflow vulnerability exists in Symantec Server Management Suite version 7.9 and before. | 9.8 |
| 2024-01-26 | CVE-2024-23617 | Classic Buffer Overflow vulnerability in Broadcom Symantec Data Center Security Server 14.0.2/6.5.0/6.6.0 A buffer overflow vulnerability exists in Symantec Data Loss Prevention version 14.0.2 and before. | 8.8 |
| 2023-12-21 | CVE-2023-4256 | Double Free vulnerability in multiple products Within tcpreplay's tcprewrite, a double free vulnerability has been identified in the tcpedit_dlt_cleanup() function within plugins/dlt_plugins.c. | 5.5 |
| 2023-12-06 | CVE-2021-27795 | Use of a Broken or Risky Cryptographic Algorithm vulnerability in Broadcom Fabric Operating System Brocade Fabric OS (FOS) hardware platforms running any version of Brocade Fabric OS software, which supports the license string format; contain cryptographic issues that could allow for the installation of forged or fraudulent license keys. | 8.1 |