Vulnerabilities > Broadcom > Critical

DATE CVE VULNERABILITY TITLE RISK
2020-09-25 CVE-2020-15371 Code Injection vulnerability in Broadcom Fabric Operating System
Brocade Fabric OS versions before Brocade Fabric OS v9.0.0, v8.2.2c, v8.2.1e, v8.1.2k, v8.2.0_CBN3, contains code injection and privilege escalation vulnerability.
network
low complexity
broadcom CWE-94
critical
 9.8
9.8
2020-06-29 CVE-2018-6446 Use of Hard-coded Credentials vulnerability in Broadcom Brocade Network Advisor
A vulnerability in Brocade Network Advisor Version Before 14.3.1 could allow an unauthenticated, remote attacker to log in to the JBoss Administration interface of an affected system using an undocumented user credentials and install additional JEE applications.
network
low complexity
broadcom CWE-798
critical
 9.8
9.8
2020-05-08 CVE-2020-12740 Out-of-bounds Read vulnerability in multiple products
tcprewrite in Tcpreplay through 4.3.2 has a heap-based buffer over-read during a get_c operation.
network
low complexity
broadcom fedoraproject CWE-125
critical
 9.1
9.1
2020-04-15 CVE-2020-11658 Authorization Bypass Through User-Controlled Key vulnerability in Broadcom CA API Developer Portal
CA API Developer Portal 4.3.1 and earlier handles shared secret keys in an insecure manner, which allows attackers to bypass authorization.
network
low complexity
broadcom CWE-639
critical
 9.8
9.8
2020-02-18 CVE-2020-8012 Classic Buffer Overflow vulnerability in Broadcom Unified Infrastructure Management
CA Unified Infrastructure Management (Nimsoft/UIM) 20.1, 20.3.x, and 9.20 and below contains a buffer overflow vulnerability in the robot (controller) component.
network
low complexity
broadcom CWE-120
critical
 9.8
9.8
2020-02-18 CVE-2020-8010 Unspecified vulnerability in Broadcom Unified Infrastructure Management
CA Unified Infrastructure Management (Nimsoft/UIM) 20.1, 20.3.x, and 9.20 and below contains an improper ACL handling vulnerability in the robot (controller) component.
network
low complexity
broadcom
critical
 9.8
9.8
2020-01-08 CVE-2019-19518 Improper Authentication vulnerability in Broadcom CA Automic Sysload 5.6.0/6.1.2
CA Automic Sysload 5.6.0 through 6.1.2 contains a vulnerability, related to a lack of authentication on the File Server port, that potentially allows remote attackers to execute arbitrary commands.
network
low complexity
broadcom CWE-287
critical
 9.8
9.8
2019-12-09 CVE-2019-19230 Deserialization of Untrusted Data vulnerability in Broadcom Nolio 6.6
An unsafe deserialization vulnerability exists in CA Release Automation (Nolio) 6.6 with the DataManagement component that can allow a remote attacker to execute arbitrary code.
network
low complexity
broadcom CWE-502
critical
 9.8
9.8
2019-11-25 CVE-2019-18374 Improper Authentication vulnerability in Broadcom Symantec Critical System Protection 8.0.0
Symantec Critical System Protection (CSP), versions 8.0, 8.0 HF1 & 8.0 MP1, may be susceptible to an authentication bypass vulnerability, which is a type of issue that can potentially allow a threat actor to circumvent existing authentication controls.
network
low complexity
broadcom CWE-287
critical
 9.8
9.8
2019-11-07 CVE-2019-18805 Integer Overflow or Wraparound vulnerability in multiple products
An issue was discovered in net/ipv4/sysctl_net_ipv4.c in the Linux kernel before 5.0.11.
network
low complexity
linux opensuse redhat netapp broadcom CWE-190
critical
 9.8
9.8