Vulnerabilities > Broadcom

DATE CVE VULNERABILITY TITLE RISK
2021-04-22 CVE-2021-23133 Race Condition vulnerability in multiple products
A race condition in Linux kernel SCTP sockets (net/sctp/socket.c) before 5.12-rc8 can lead to kernel privilege escalation from the context of a network service or an unprivileged process.
7.0
2021-04-01 CVE-2021-22890 Authentication Bypass by Spoofing vulnerability in multiple products
curl 7.63.0 to and including 7.75.0 includes vulnerability that allows a malicious HTTPS proxy to MITM a connection due to bad handling of TLS 1.3 session tickets.
3.7
2021-04-01 CVE-2021-22876 Information Exposure vulnerability in multiple products
curl 7.1.1 to and including 7.75.0 is vulnerable to an "Exposure of Private Personal Information to an Unauthorized Actor" by leaking credentials in the HTTP Referer: header.
5.3
2021-03-26 CVE-2021-20197 There is an open race window when writing output in the following utilities in GNU binutils version 2.35 and earlier:ar, objcopy, strip, ranlib.
local
high complexity
gnu redhat netapp broadcom
6.3
2021-03-26 CVE-2021-28248 Improper Restriction of Excessive Authentication Attempts vulnerability in Broadcom Ehealth
CA eHealth Performance Manager through 6.3.2.12 is affected by Improper Restriction of Excessive Authentication Attempts.
network
low complexity
broadcom CWE-307
7.5
2021-03-26 CVE-2021-28246 Untrusted Search Path vulnerability in Broadcom Ehealth
CA eHealth Performance Manager through 6.3.2.12 is affected by Privilege Escalation via a Dynamically Linked Shared Object Library.
local
low complexity
broadcom CWE-426
7.8
2021-03-11 CVE-2021-28153 Link Following vulnerability in multiple products
An issue was discovered in GNOME GLib before 2.66.8.
network
low complexity
gnome debian fedoraproject broadcom CWE-59
5.3
2021-02-15 CVE-2021-27219 Incorrect Conversion between Numeric Types vulnerability in multiple products
An issue was discovered in GNOME GLib before 2.66.6 and 2.67.x before 2.67.3.
network
low complexity
gnome fedoraproject debian netapp broadcom CWE-681
7.5
2021-02-15 CVE-2021-27218 Incorrect Conversion between Numeric Types vulnerability in multiple products
An issue was discovered in GNOME GLib before 2.66.7 and 2.67.x before 2.67.4.
network
low complexity
gnome fedoraproject debian netapp broadcom CWE-681
7.5
2021-01-05 CVE-2020-29478 Unspecified vulnerability in Broadcom CA Service Catalog 17.2/17.3
CA Service Catalog 17.2 and 17.3 contain a vulnerability in the default configuration of the Setup Utility that may allow a remote attacker to cause a denial of service condition.
network
low complexity
broadcom
7.5