Vulnerabilities > Broadcom > Critical
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2022-06-16 | CVE-2022-33750 | Improper Authentication vulnerability in Broadcom CA Automic Automation 12.2/12.3 CA Automic Automation 12.2 and 12.3 contain an authentication error vulnerability in the Automic agent that could allow a remote attacker to potentially execute arbitrary commands. | 9.8 |
2022-06-16 | CVE-2022-33752 | Improper Input Validation vulnerability in Broadcom CA Automic Automation 12.2/12.3 CA Automic Automation 12.2 and 12.3 contain an insufficient input validation vulnerability in the Automic agent that could allow a remote attacker to potentially execute arbitrary code. | 9.8 |
2022-06-16 | CVE-2022-33754 | Improper Input Validation vulnerability in Broadcom CA Automic Automation 12.2/12.3 CA Automic Automation 12.2 and 12.3 contain an insufficient input validation vulnerability in the Automic agent that could allow a remote attacker to potentially execute arbitrary code. | 9.8 |
2022-05-06 | CVE-2022-28163 | SQL Injection vulnerability in Broadcom Sannav 2.1.0/2.1.1/2.1.1.8 In Brocade SANnav before Brocade SANnav 2.2.0, multiple endpoints associated with Zone management are susceptible to SQL injection, allowing an attacker to run arbitrary SQL commands. | 9.8 |
2022-02-21 | CVE-2021-27797 | Use of Hard-coded Credentials vulnerability in Broadcom Fabric Operating System Brocade Fabric OS before Brocade Fabric OS v8.2.1c, v8.1.2h, and all versions of Brocade Fabric OS v8.0.x and v7.x contain documented hard-coded credentials, which could allow attackers to gain access to the system. | 9.8 |
2022-02-14 | CVE-2022-23992 | Improper Input Validation vulnerability in Broadcom Xcom Data Transport 11.6 XCOM Data Transport for Windows, Linux, and UNIX 11.6 releases contain a vulnerability due to insufficient input validation that could potentially allow remote attackers to execute arbitrary commands with elevated privileges. | 9.8 |
2022-01-18 | CVE-2022-23305 | SQL Injection vulnerability in multiple products By design, the JDBCAppender in Log4j 1.2.x accepts an SQL statement as a configuration parameter where the values to be inserted are converters from PatternLayout. | 9.8 |
2021-11-12 | CVE-2021-42774 | Classic Buffer Overflow vulnerability in Broadcom Emulex HBA Manager Broadcom Emulex HBA Manager/One Command Manager versions before 11.4.425.0 and 12.8.542.31, if not installed in Strictly Local Management mode, have a buffer overflow vulnerability in the remote firmware download feature that could allow remote unauthenticated users to perform various attacks. | 9.8 |
2021-11-12 | CVE-2021-42775 | Unspecified vulnerability in Broadcom Emulex HBA Manager Broadcom Emulex HBA Manager/One Command Manager versions before 11.4.425.0 and 12.8.542.31, if not installed in Strictly Local Management mode, have a vulnerability in the remote firmware download feature that could allow a user to place or replace an arbitrary file on the remote host. | 9.1 |
2021-11-03 | CVE-2021-42772 | Classic Buffer Overflow vulnerability in Broadcom Emulex HBA Manager and ONE Command Manager Broadcom Emulex HBA Manager/One Command Manager versions before 11.4.425.0 and 12.8.542.31, if not installed in Strictly Local Management mode, have a buffer overflow vulnerability in the remote GetDumpFile command that could allow a user to attempt various attacks. | 9.8 |