Vulnerabilities > Broadcom
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-10-17 | CVE-2018-14597 | Information Exposure vulnerability in Broadcom products CA Technologies Identity Governance 12.6, 14.0, 14.1, and 14.2 and CA Identity Suite Virtual Appliance 14.0, 14.1, and 14.2 provide telling error messages that may allow remote attackers to enumerate account names. | 5.0 |
| 2018-10-17 | CVE-2018-18408 | Use After Free vulnerability in multiple products A use-after-free was discovered in the tcpbridge binary of Tcpreplay 4.3.0 beta1. | 9.8 |
| 2018-10-17 | CVE-2018-18407 | Out-of-bounds Read vulnerability in multiple products A heap-based buffer over-read was discovered in the tcpreplay-edit binary of Tcpreplay 4.3.0 beta1, during the incremental checksum operation. | 5.5 |
| 2018-10-03 | CVE-2018-17974 | Out-of-bounds Read vulnerability in Broadcom Tcpreplay 4.3.0 An issue was discovered in Tcpreplay 4.3.0 beta1. | 4.3 |
| 2018-09-28 | CVE-2018-17582 | Out-of-bounds Read vulnerability in Broadcom Tcpreplay 4.3.0 Tcpreplay v4.3.0 beta1 contains a heap-based buffer over-read. | 5.8 |
| 2018-09-28 | CVE-2018-17580 | Out-of-bounds Read vulnerability in Broadcom Tcpreplay 4.3.0 A heap-based buffer over-read exists in the function fast_edit_packet() in the file send_packets.c of Tcpreplay v4.3.0 beta1. | 5.8 |
| 2018-08-30 | CVE-2018-15691 | Deserialization of Untrusted Data vulnerability in Broadcom Release Automation 6.3/6.4/6.5 Insecure deserialization of a specially crafted serialized object, in CA Release Automation 6.5 and earlier, allows attackers to potentially execute arbitrary code. | 7.5 |
| 2018-08-30 | CVE-2018-13826 | XXE vulnerability in multiple products An XML external entity vulnerability in the XOG functionality, in CA PPM 14.3 and below, 14.4, 15.1, 15.2 CP5 and below, and 15.3 CP2 and below, allows remote attackers to conduct server side request forgery attacks. | 6.4 |
| 2018-08-30 | CVE-2018-13825 | Cross-site Scripting vulnerability in multiple products Insufficient input validation in the gridExcelExport functionality, in CA PPM 14.3 and below, 14.4, 15.1, 15.2 CP5 and below, and 15.3 CP2 and below, allows remote attackers to execute reflected cross-site scripting attacks. | 4.3 |
| 2018-08-30 | CVE-2018-13824 | SQL Injection vulnerability in multiple products Insufficient input sanitization of two parameters in CA PPM 14.3 and below, 14.4, 15.1, 15.2 CP5 and below, and 15.3 CP2 and below, allows remote attackers to execute SQL injection attacks. | 7.5 |