Vulnerabilities > Broadcom
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-06-01 | CVE-2023-23953 | Unspecified vulnerability in Broadcom Advanced Secure Gateway and Content Analysis Advanced Secure Gateway and Content Analysis, prior to 7.3.13.1 / 3.1.6.0, may be susceptible to an Elevation of Privilege vulnerability. | 7.8 |
| 2023-06-01 | CVE-2023-23954 | Cross-site Scripting vulnerability in Broadcom Advanced Secure Gateway and Content Analysis Advanced Secure Gateway and Content Analysis, prior to 7.3.13.1 / 3.1.6.0, may be susceptible to a Stored Cross-Site Scripting vulnerability. | 5.4 |
| 2023-06-01 | CVE-2023-23955 | Server-Side Request Forgery (SSRF) vulnerability in Broadcom Advanced Secure Gateway and Content Analysis Advanced Secure Gateway and Content Analysis, prior to 7.3.13.1 / 3.1.6.0, may be susceptible to a Server-Side Request Forgery vulnerability. | 8.1 |
| 2023-05-30 | CVE-2023-23956 | Cross-site Scripting vulnerability in Broadcom Symantec Siteminder Webagent 12.52 A user can supply malicious HTML and JavaScript code that will be executed in the client browser | 5.4 |
| 2023-03-30 | CVE-2023-27534 | Path Traversal vulnerability in multiple products A path traversal vulnerability exists in curl <8.0.0 SFTP implementation causes the tilde (~) character to be wrongly replaced when used as a prefix in the first path element, in addition to its intended use as the first element to indicate a path relative to the user's home directory. | 8.8 |
| 2023-03-30 | CVE-2023-27537 | Double Free vulnerability in multiple products A double free vulnerability exists in libcurl <8.0.0 when sharing HSTS data between separate "handles". | 5.9 |
| 2023-03-30 | CVE-2023-27538 | Improper Authentication vulnerability in multiple products An authentication bypass vulnerability exists in libcurl prior to v8.0.0 where it reuses a previously established SSH connection despite the fact that an SSH option was modified, which should have prevented reuse. | 5.5 |
| 2023-03-16 | CVE-2023-27783 | Reachable Assertion vulnerability in Broadcom Tcpreplay 4.4.3 An issue found in TCPreplay tcprewrite v.4.4.3 allows a remote attacker to cause a denial of service via the tcpedit_dlt_cleanup function at plugins/dlt_plugins.c. | 7.5 |
| 2023-03-16 | CVE-2023-27784 | NULL Pointer Dereference vulnerability in Broadcom Tcpreplay 4.4.3 An issue found in TCPReplay v.4.4.3 allows a remote attacker to cause a denial of service via the read_hexstring function at the utils.c:309 endpoint. | 7.5 |
| 2023-03-16 | CVE-2023-27785 | NULL Pointer Dereference vulnerability in Broadcom Tcpreplay 4.4.3 An issue found in TCPreplay TCPprep v.4.4.3 allows a remote attacker to cause a denial of service via the parse endpoints function. | 7.5 |