Vulnerabilities > Broadcom
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-01-10 | CVE-2016-10257 | Cross-site Scripting vulnerability in Broadcom Advanced Secure Gateway and Symantec Proxysg The Symantec Advanced Secure Gateway (ASG) 6.6, ASG 6.7 (prior to 6.7.2.1), ProxySG 6.5 (prior to 6.5.10.6), ProxySG 6.6, and ProxySG 6.7 (prior to 6.7.2.1) management console is susceptible to a reflected XSS vulnerability. | 6.1 |
| 2018-01-10 | CVE-2016-10256 | Cross-site Scripting vulnerability in Broadcom Symantec Proxysg The Symantec ProxySG 6.5 (prior to 6.5.10.6), 6.6, and 6.7 (prior to 6.7.2.1) management console is susceptible to a reflected XSS vulnerability. | 6.1 |
| 2017-10-04 | CVE-2017-11122 | Information Exposure vulnerability in multiple products On Broadcom BCM4355C0 Wi-Fi chips 9.44.78.27.0.1.56, an attacker can trigger an information leak due to insufficient length validation, related to ICMPv6 router advertisement offloading. | 7.5 |
| 2017-09-28 | CVE-2017-11121 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products On Broadcom BCM4355C0 Wi-Fi chips 9.44.78.27.0.1.56 and other chips, properly crafted malicious over-the-air Fast Transition frames can potentially trigger internal Wi-Fi firmware heap and/or stack overflows, leading to denial of service or other effects, aka B-V2017061205. | 9.8 |
| 2017-09-28 | CVE-2017-11120 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products On Broadcom BCM4355C0 Wi-Fi chips 9.44.78.27.0.1.56 and other chips, an attacker can craft a malformed RRM neighbor report frame to trigger an internal buffer overflow in the Wi-Fi firmware, aka B-V2017061204. | 9.8 |
| 2017-09-12 | CVE-2017-14266 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Broadcom Tcpreplay 3.4.4 tcprewrite in Tcpreplay 3.4.4 has a Heap-Based Buffer Overflow vulnerability triggered by a crafted PCAP file, a related issue to CVE-2016-6160. | 7.8 |
| 2017-06-04 | CVE-2017-9417 | Unspecified vulnerability in Broadcom Bcm43Xx Wi-Fi Chipset Firmware Broadcom BCM43xx Wi-Fi chips allow remote attackers to execute arbitrary code via unspecified vectors, aka the "Broadpwn" issue. | 9.8 |
| 2017-05-11 | CVE-2016-9100 | Credentials Management vulnerability in Broadcom Advanced Secure Gateway and Symantec Proxysg Symantec Advanced Secure Gateway (ASG) 6.6 prior to 6.6.5.13, ASG 6.7 prior to 6.7.3.1, ProxySG 6.5 prior to 6.5.10.6, ProxySG 6.6 prior to 6.6.5.13, and ProxySG 6.7 prior to 6.7.3.1 are susceptible to an information disclosure vulnerability. | 7.8 |
| 2017-05-11 | CVE-2016-9099 | Open Redirect vulnerability in Broadcom Advanced Secure Gateway and Symantec Proxysg Symantec Advanced Secure Gateway (ASG) 6.6, ASG 6.7 prior to 6.7.2.1, ProxySG 6.5 prior to 6.5.10.6, ProxySG 6.6, and ProxySG 6.7 prior to 6.7.2.1 are susceptible to an open redirection vulnerability. | 6.1 |
| 2017-05-11 | CVE-2016-9097 | Permissions, Privileges, and Access Controls vulnerability in Broadcom Advanced Secure Gateway and Symantec Proxysg The Symantec Advanced Secure Gateway (ASG) 6.6 prior to 6.6.5.8, ProxySG 6.5 prior 6.5.10.6, ProxySG 6.6 prior to 6.6.5.8, and ProxySG 6.7 prior to 6.7.1.2 management consoles do not, under certain circumstances, correctly authorize administrator users. | 7.2 |