Vulnerabilities > Broadcom
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2021-09-16 | CVE-2021-36160 | Out-of-bounds Read vulnerability in multiple products A carefully crafted request uri-path can cause mod_proxy_uwsgi to read above the allocated memory and crash (DoS). | 7.5 |
2021-09-16 | CVE-2021-40438 | Server-Side Request Forgery (SSRF) vulnerability in multiple products A crafted request uri-path can cause mod_proxy to forward the request to an origin server chosen by the remote user. | 9.0 |
2021-08-25 | CVE-2020-18976 | Classic Buffer Overflow vulnerability in Broadcom Tcpreplay 4.3.2 Buffer Overflow in Tcpreplay v4.3.2 allows attackers to cause a Denial of Service via the 'do_checksum' function in 'checksum.c'. | 5.5 |
2021-08-12 | CVE-2021-27790 | Out-of-bounds Write vulnerability in Broadcom Fabric Operating System The command ipfilter in Brocade Fabric OS before Brocade Fabric OS v.9.0.1a, v8.2.3, and v8.2.0_CBN4, and v7.4.2h uses an unsafe string function to process user input. | 7.8 |
2021-08-12 | CVE-2021-27791 | Out-of-bounds Read vulnerability in Broadcom Fabric Operating System The function that is used to parse the Authentication header in Brocade Fabric OS Web application service before Brocade Fabric OS v9.0.1a and v8.2.3a fails to properly process a malformed authentication header from the client, resulting in reading memory addresses outside the intended range. | 5.4 |
2021-08-12 | CVE-2021-27792 | Unspecified vulnerability in Broadcom Fabric Operating System The request handling functions in web management interface of Brocade Fabric OS versions before v9.0.1a, v8.2.3a, and v7.4.2h do not properly handle malformed user input, resulting in a service crash. | 7.8 |
2021-08-12 | CVE-2021-27793 | Incorrect Authorization vulnerability in Broadcom Fabric Operating System Intermittent authorization failure in aaa tacacs+ with Brocade Fabric OS versions before Brocade Fabric OS v9.0.1b and after 9.0.0, also in Brocade Fabric OS before Brocade Fabric OS v8.2.3a and after v8.2.0 could cause a user with a valid account to be unable to log into the switch. | 5.3 |
2021-08-12 | CVE-2021-27794 | Improper Authentication vulnerability in Broadcom Fabric Operating System A vulnerability in the authentication mechanism of Brocade Fabric OS versions before Brocade Fabric OS v.9.0.1a, v8.2.3a and v7.4.2h could allow a user to log in with an empty password, and an invalid password, through telnet, ssh and REST. | 7.8 |
2021-07-14 | CVE-2021-34174 | Unspecified vulnerability in Broadcom Bcm4352 Firmware and Bcm43684 Firmware A vulnerability exists in Broadcom BCM4352 and BCM43684 chips. | 4.6 |
2021-06-30 | CVE-2021-30648 | Improper Authentication vulnerability in Broadcom products The Symantec Advanced Secure Gateway (ASG) and ProxySG web management consoles are susceptible to an authentication bypass vulnerability. | 9.8 |