Vulnerabilities > Broadcom > High

DATE CVE VULNERABILITY TITLE RISK
2019-11-18 CVE-2019-19060 Memory Leak vulnerability in multiple products
A memory leak in the adis_update_scan_mode() function in drivers/iio/imu/adis_buffer.c in the Linux kernel before 5.3.9 allows attackers to cause a denial of service (memory consumption), aka CID-ab612b1daf41.
network
low complexity
linux netapp broadcom canonical opensuse CWE-401
7.5
2019-11-18 CVE-2019-19053 Memory Leak vulnerability in multiple products
A memory leak in the rpmsg_eptdev_write_iter() function in drivers/rpmsg/rpmsg_char.c in the Linux kernel through 5.3.11 allows attackers to cause a denial of service (memory consumption) by triggering copy_from_iter_full() failures, aka CID-bbe692e349e2.
network
low complexity
linux canonical netapp broadcom CWE-401
7.5
2019-11-18 CVE-2019-19052 Memory Leak vulnerability in multiple products
A memory leak in the gs_can_open() function in drivers/net/can/usb/gs_usb.c in the Linux kernel before 5.3.11 allows attackers to cause a denial of service (memory consumption) by triggering usb_submit_urb() failures, aka CID-fb5be6a7b486.
7.5
2019-11-18 CVE-2019-19050 Memory Leak vulnerability in multiple products
A memory leak in the crypto_reportstat() function in crypto/crypto_user_stat.c in the Linux kernel through 5.3.11 allows attackers to cause a denial of service (memory consumption) by triggering crypto_reportstat_alg() failures, aka CID-c03b04dcdba1.
7.5
2019-11-18 CVE-2019-19044 Memory Leak vulnerability in multiple products
Two memory leaks in the v3d_submit_cl_ioctl() function in drivers/gpu/drm/v3d/v3d_gem.c in the Linux kernel before 5.3.11 allow attackers to cause a denial of service (memory consumption) by triggering kcalloc() or v3d_job_init() failures, aka CID-29cd13cfd762.
network
low complexity
linux netapp broadcom canonical CWE-401
7.5
2019-11-08 CVE-2019-16209 Improper Certificate Validation vulnerability in Broadcom Brocade Sannav 1.1.0/1.1.1
A vulnerability, in The ReportsTrustManager class of Brocade SANnav versions before v2.0, could allow an attacker to perform a man-in-the-middle attack against Secure Sockets Layer(SSL)connections.
network
high complexity
broadcom CWE-295
7.4
2019-11-08 CVE-2019-16208 Use of a Broken or Risky Cryptographic Algorithm vulnerability in Broadcom Brocade Sannav 1.1.0/1.1.1
Password-based encryption (PBE) algorithm, of Brocade SANnav versions before v2.0, has a weakness in generating cryptographic keys that may allow an attacker to decrypt passwords used with several services (Radius, TACAS, etc.).
network
low complexity
broadcom CWE-327
7.5
2019-11-08 CVE-2019-16207 Use of Hard-coded Credentials vulnerability in Broadcom Brocade Sannav 1.1.0/1.1.1
Brocade SANnav versions before v2.0 use a hard-coded password, which could allow local authenticated attackers to access a back-end database and gain privileges.
local
low complexity
broadcom CWE-798
7.8
2019-11-08 CVE-2019-16205 Use of Insufficiently Random Values vulnerability in Broadcom Brocade Sannav 1.1.0/1.1.1
A vulnerability, in Brocade SANnav versions before v2.0, could allow remote attackers to brute-force a valid session ID.
network
low complexity
broadcom CWE-330
8.8
2019-11-04 CVE-2019-18683 Use After Free vulnerability in multiple products
An issue was discovered in drivers/media/platform/vivid in the Linux kernel through 5.3.8.
7.0