High

DATE	CVE	VULNERABILITY TITLE	RISK
2020-10-19	CVE-2020-24265	Out-of-bounds Write vulnerability in multiple products An issue was discovered in tcpreplay tcpprep v4.3.3. network low complexity broadcom fedoraproject CWE-787	7.5
2020-09-25	CVE-2019-16212	Unspecified vulnerability in Broadcom Brocade Sannav 1.1.0/1.1.1/2.0 A vulnerability in Brocade SANnav versions before v2.1.0 could allow a remote authenticated attacker to conduct an LDAP injection. network low complexity broadcom	8.8
2020-09-25	CVE-2018-6448	Unspecified vulnerability in Broadcom Fabric Operating System A vulnerability in the management interface in Brocade Fabric OS Versions before Brocade Fabric OS v9.0.0 could allow a remote attacker to perform a denial of service attack on the vulnerable host. network low complexity broadcom	7.5
2020-09-25	CVE-2020-15369	Weak Password Requirements vulnerability in Broadcom Fabric Operating System Supportlink CLI in Brocade Fabric OS Versions v8.2.1 through v8.2.1d, and 8.2.2 versions before v8.2.2c does not obfuscate the password field, which could expose users’ credentials of the remote server. network low complexity broadcom CWE-521	8.8
2020-07-24	CVE-2020-15778	OS Command Injection vulnerability in multiple products scp in OpenSSH through 8.3p1 allows command injection in the scp.c toremote function, as demonstrated by backtick characters in the destination argument. local low complexity openbsd netapp broadcom CWE-78	7.8
2020-06-08	CVE-2020-12695	Incorrect Default Permissions vulnerability in multiple products The Open Connectivity Foundation UPnP specification before 2020-04-17 does not forbid the acceptance of a subscription request with a delivery URL on a different network segment than the fully qualified event-subscription URL, aka the CallStranger issue. network high complexity ui w1-fi asus broadcom canon cisco dlink dell epson hp huawei nec netgear ruckussecurity tp-link zte zyxel microsoft fedoraproject debian canonical CWE-276	7.5
2020-04-28	CVE-2020-12243	Uncontrolled Recursion vulnerability in multiple products In filter.c in slapd in OpenLDAP before 2.4.50, LDAP search filters with nested boolean expressions can result in denial of service (daemon crash). network low complexity openldap debian opensuse canonical netapp broadcom apple oracle CWE-674	7.5
2020-04-21	CVE-2020-1967	NULL Pointer Dereference vulnerability in multiple products Server or client applications that call the SSL_check_chain() function during or after a TLS 1.3 handshake may crash due to a NULL pointer dereference as a result of incorrect handling of the "signature_algorithms_cert" TLS extension. network low complexity openssl debian freebsd fedoraproject oracle netapp broadcom opensuse jdedwards tenable CWE-476	7.5
2020-04-15	CVE-2020-11666	Unspecified vulnerability in Broadcom CA API Developer Portal CA API Developer Portal 4.3.1 and earlier contains an access control flaw that allows malicious users to elevate privileges. network low complexity broadcom	8.8
2020-04-15	CVE-2020-11662	Unspecified vulnerability in Broadcom CA API Developer Portal CA API Developer Portal 4.3.1 and earlier handles requests insecurely, which allows remote attackers to exploit a Cross-Origin Resource Sharing flaw and access sensitive information. network low complexity broadcom	7.5