Vulnerabilities > Broadcom > Critical

DATE | CVE | VULNERABILITY TITLE | RISK

2017-09-28 | CVE-2017-11121 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products | critical 9.8 (network, low complexity)
On Broadcom BCM4355C0 Wi-Fi chips 9.44.78.27.0.1.56 and other chips, properly crafted malicious over-the-air Fast Transition frames can potentially trigger internal Wi-Fi firmware heap and/or stack overflows, leading to denial of service or other effects, aka B-V2017061205.
broadcom apple CWE-119

2017-09-28 | CVE-2017-11120 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products | critical 9.8 (network, low complexity)
On Broadcom BCM4355C0 Wi-Fi chips 9.44.78.27.0.1.56 and other chips, an attacker can craft a malformed RRM neighbor report frame to trigger an internal buffer overflow in the Wi-Fi firmware, aka B-V2017061204.
broadcom apple CWE-119

2017-06-04 | CVE-2017-9417 | Unspecified vulnerability in Broadcom Bcm43Xx Wi-Fi Chipset Firmware | critical 9.8 (network, low complexity)
Broadcom BCM43xx Wi-Fi chips allow remote attackers to execute arbitrary code via unspecified vectors, aka the "Broadpwn" issue.
broadcom

2017-01-14 | CVE-2016-8204 | Path Traversal vulnerability in Broadcom Brocade Network Advisor | critical 9.8 (network, low complexity)
A Directory Traversal vulnerability in FileReceiveServlet in the Brocade Network Advisor versions released prior to and including 14.0.2 could allow remote attackers to upload a malicious file in a section of the file system where it can be executed.
broadcom CWE-22

2016-03-24 | CVE-2015-6854 | Insufficient Verification of Data Authenticity vulnerability in Broadcom Single Sign-On | critical 9.1 (network, low complexity)
The non-Domino web agents in CA Single Sign-On (aka SSO, formerly SiteMinder) R6, R12.0 before SP3 CR13, R12.0J before SP3 CR1.2, and R12.5 before CR5 allow remote attackers to cause a denial of service (daemon crash) or obtain sensitive information via a crafted request.
broadcom CWE-345

2016-03-24 | CVE-2015-6853 | Insufficient Verification of Data Authenticity vulnerability in Broadcom Single Sign-On | critical 9.1 (network, low complexity)
The Domino web agent in CA Single Sign-On (aka SSO, formerly SiteMinder) R6, R12.0 before SP3 CR13, R12.0J before SP3 CR1.2, R12.5 before CR5, R12.51 before CR4, and R12.52 before SP1 CR3 allows remote attackers to cause a denial of service (daemon crash) or obtain sensitive information via a crafted request.
broadcom CWE-345