Vulnerabilities > Broadcom > Critical

DATE CVE VULNERABILITY TITLE RISK
2020-02-18 CVE-2020-8012 Classic Buffer Overflow vulnerability in Broadcom Unified Infrastructure Management
CA Unified Infrastructure Management (Nimsoft/UIM) 20.1, 20.3.x, and 9.20 and below contains a buffer overflow vulnerability in the robot (controller) component.
network
low complexity
broadcom CWE-120
critical
9.8
2020-02-18 CVE-2020-8010 Unspecified vulnerability in Broadcom Unified Infrastructure Management
CA Unified Infrastructure Management (Nimsoft/UIM) 20.1, 20.3.x, and 9.20 and below contains an improper ACL handling vulnerability in the robot (controller) component.
network
low complexity
broadcom
critical
9.8
2020-01-08 CVE-2019-19518 Improper Authentication vulnerability in Broadcom CA Automic Sysload 5.6.0/6.1.2
CA Automic Sysload 5.6.0 through 6.1.2 contains a vulnerability, related to a lack of authentication on the File Server port, that potentially allows remote attackers to execute arbitrary commands.
network
low complexity
broadcom CWE-287
critical
9.8
2019-12-09 CVE-2019-19230 Deserialization of Untrusted Data vulnerability in Broadcom Nolio 6.6
An unsafe deserialization vulnerability exists in CA Release Automation (Nolio) 6.6 with the DataManagement component that can allow a remote attacker to execute arbitrary code.
network
low complexity
broadcom CWE-502
critical
9.8
2019-11-25 CVE-2019-18374 Improper Authentication vulnerability in Broadcom Symantec Critical System Protection 8.0.0
Symantec Critical System Protection (CSP), versions 8.0, 8.0 HF1 & 8.0 MP1, may be susceptible to an authentication bypass vulnerability, which is a type of issue that can potentially allow a threat actor to circumvent existing authentication controls.
network
low complexity
broadcom CWE-287
critical
9.8
2019-11-07 CVE-2019-18805 Integer Overflow or Wraparound vulnerability in multiple products
An issue was discovered in net/ipv4/sysctl_net_ipv4.c in the Linux kernel before 5.0.11.
network
low complexity
linux opensuse redhat netapp broadcom CWE-190
critical
9.8
2019-10-02 CVE-2019-13658 Use of Hard-coded Credentials vulnerability in Broadcom Network Flow Analysis
CA Network Flow Analysis 9.x and 10.0.x have a default credential vulnerability that can allow a remote attacker to execute arbitrary commands and compromise system security.
network
low complexity
broadcom CWE-798
critical
9.8
2019-09-06 CVE-2019-13656 Unspecified vulnerability in Broadcom CA Client Automation and CA Workload Automation AE
An access vulnerability in CA Common Services DIA of CA Technologies Client Automation 14 and Workload Automation AE 11.3.5, 11.3.6 allows a remote attacker to execute arbitrary code.
network
low complexity
broadcom
critical
9.8
2019-02-26 CVE-2019-7392 Improper Authentication vulnerability in Broadcom Privileged Access Manager
An improper authentication vulnerability in CA Privileged Access Manager 3.x Web-UI jk-manager and jk-status allows a remote attacker to gain sensitive information or alter configuration.
network
low complexity
broadcom CWE-287
critical
9.1
2019-01-22 CVE-2018-19635 CA Service Desk Manager 14.1 and 17 contain a vulnerability that can allow a malicious actor to escalate privileges in the user interface.
network
low complexity
ca broadcom
critical
9.8