Vulnerabilities > Broadcom

DATE CVE VULNERABILITY TITLE RISK
2021-01-04 CVE-2019-25013 Out-of-bounds Read vulnerability in multiple products
The iconv feature in the GNU C Library (aka glibc or libc6) through 2.32, when processing invalid multi-byte input sequences in the EUC-KR encoding, may have a buffer over-read.
network
high complexity
gnu fedoraproject netapp broadcom debian CWE-125
5.9
2021-01-04 CVE-2020-35507 There's a flaw in bfd_pef_parse_function_stubs of bfd/pef.c in binutils in versions prior to 2.34 which could allow an attacker who is able to submit a crafted file to be processed by objdump to cause a NULL pointer dereference.
local
low complexity
gnu redhat netapp broadcom
5.5
2021-01-04 CVE-2020-35496 There's a flaw in bfd_pef_scan_start_address() of bfd/pef.c in binutils which could allow an attacker who is able to submit a crafted file to be processed by objdump to cause a NULL pointer dereference.
local
low complexity
gnu fedoraproject netapp broadcom
5.5
2021-01-04 CVE-2020-35495 There's a flaw in binutils /bfd/pef.c.
local
low complexity
gnu fedoraproject netapp broadcom
5.5
2021-01-04 CVE-2020-35494 There's a flaw in binutils /opcodes/tic4x-dis.c.
local
low complexity
gnu fedoraproject netapp broadcom
6.1
2021-01-04 CVE-2020-35493 A flaw exists in binutils in bfd/pef.c.
local
low complexity
gnu fedoraproject netapp broadcom
5.5
2020-12-11 CVE-2020-15376 Unspecified vulnerability in Broadcom Fabric Operating System
Brocade Fabric OS versions before v9.0.0 and after version v8.1.0, configured in Virtual Fabric mode contain a weakness in the ldap implementation that could allow a remote ldap user to login in the Brocade Fibre Channel SAN switch with "user" privileges if it is not associated with any groups.
network
low complexity
broadcom
4.3
2020-12-11 CVE-2020-15375 Improper Input Validation vulnerability in Broadcom Fabric Operating System
Brocade Fabric OS versions before v9.0.0, v8.2.2c, v8.2.1e, v8.1.2k, v8.2.0_CBN3, v7.4.2g contain an improper input validation weakness in the command line interface when secccrypptocfg is invoked.
local
low complexity
broadcom CWE-20
6.7
2020-12-10 CVE-2020-12595 Unspecified vulnerability in Broadcom Symantec Messaging Gateway 10.5/10.7/9.5
An information disclosure flaw allows a malicious, authenticated, privileged web UI user to obtain a password for a remote SCP backup server that they might not otherwise be authorized to access.
network
low complexity
broadcom
4.9
2020-12-10 CVE-2020-12594 Unspecified vulnerability in Broadcom Symantec Messaging Gateway 10.5/10.7/9.5
A privilege escalation flaw allows a malicious, authenticated, privileged CLI user to escalate their privileges on the system and gain full control over the SMG appliance.
network
low complexity
broadcom
7.2