Vulnerabilities > Broadcom
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-12-02 | CVE-2021-44050 | SQL Injection vulnerability in Broadcom CA Network Flow Analysis CA Network Flow Analysis (NFA) 21.2.1 and earlier contain a SQL injection vulnerability in the NFA web application, due to insufficient input validation, that could potentially allow an authenticated user to access sensitive data. | 6.5 |
| 2021-11-12 | CVE-2021-42773 | Unspecified vulnerability in Broadcom Emulex HBA Manager Broadcom Emulex HBA Manager/One Command Manager versions before 11.4.425.0 and 12.8.542.31, if not installed in Strictly Local Management mode, could allow a user to retrieve an arbitrary file from a remote host with the GetDumpFile command. | 7.5 |
| 2021-11-12 | CVE-2021-42774 | Classic Buffer Overflow vulnerability in Broadcom Emulex HBA Manager Broadcom Emulex HBA Manager/One Command Manager versions before 11.4.425.0 and 12.8.542.31, if not installed in Strictly Local Management mode, have a buffer overflow vulnerability in the remote firmware download feature that could allow remote unauthenticated users to perform various attacks. | 9.8 |
| 2021-11-12 | CVE-2021-42775 | Unspecified vulnerability in Broadcom Emulex HBA Manager Broadcom Emulex HBA Manager/One Command Manager versions before 11.4.425.0 and 12.8.542.31, if not installed in Strictly Local Management mode, have a vulnerability in the remote firmware download feature that could allow a user to place or replace an arbitrary file on the remote host. | 9.1 |
| 2021-11-03 | CVE-2021-42772 | Classic Buffer Overflow vulnerability in Broadcom Emulex HBA Manager and ONE Command Manager Broadcom Emulex HBA Manager/One Command Manager versions before 11.4.425.0 and 12.8.542.31, if not installed in Strictly Local Management mode, have a buffer overflow vulnerability in the remote GetDumpFile command that could allow a user to attempt various attacks. | 9.8 |
| 2021-09-22 | CVE-2020-23273 | Out-of-bounds Write vulnerability in Broadcom Tcpreplay 4.3.2 Heap-buffer overflow in the randomize_iparp function in edit_packet.c. | 5.5 |
| 2021-09-16 | CVE-2021-34798 | NULL Pointer Dereference vulnerability in multiple products Malformed requests may cause the server to dereference a NULL pointer. | 7.5 |
| 2021-09-16 | CVE-2021-36160 | Out-of-bounds Read vulnerability in multiple products A carefully crafted request uri-path can cause mod_proxy_uwsgi to read above the allocated memory and crash (DoS). | 7.5 |
| 2021-09-16 | CVE-2021-40438 | Server-Side Request Forgery (SSRF) vulnerability in multiple products A crafted request uri-path can cause mod_proxy to forward the request to an origin server choosen by the remote user. | 9.0 |
| 2021-08-25 | CVE-2020-18976 | Classic Buffer Overflow vulnerability in Broadcom Tcpreplay 4.3.2 Buffer Overflow in Tcpreplay v4.3.2 allows attackers to cause a Denial of Service via the 'do_checksum' function in 'checksum.c'. | 5.5 |