Vulnerabilities > Broadcom > High

DATE CVE VULNERABILITY TITLE RISK
2019-10-17 CVE-2019-13657 Use of Hard-coded Credentials vulnerability in Broadcom CA Performance Management and Network Operations
CA Performance Management 3.5.x, 3.6.x before 3.6.9, and 3.7.x before 3.7.4 have a default credential vulnerability that can allow a remote attacker to execute arbitrary commands and compromise system security.
network
low complexity
broadcom CWE-798
8.8
8.8
2019-06-07 CVE-2018-19860 Incorrect Permission Assignment for Critical Resource vulnerability in multiple products
Broadcom firmware before summer 2014 on Nexus 5 BCM4335C0 2012-12-11, Raspberry Pi 3 BCM43438A1 2014-06-02, and unspecifed other devices does not properly restrict LMP commnds and executes certain memory contents upon receiving an LMP command, as demonstrated by executing an HCI command.
low complexity
broadcom cypress CWE-732
8.8
8.8
2019-02-17 CVE-2019-8381 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
An issue was discovered in Tcpreplay 4.3.1.
local
low complexity
broadcom fedoraproject CWE-119
7.8
7.8
2019-02-17 CVE-2019-8377 NULL Pointer Dereference vulnerability in multiple products
An issue was discovered in Tcpreplay 4.3.1.
local
low complexity
broadcom fedoraproject CWE-476
7.8
7.8
2019-02-17 CVE-2019-8376 NULL Pointer Dereference vulnerability in multiple products
An issue was discovered in Tcpreplay 4.3.1.
local
low complexity
broadcom fedoraproject CWE-476
7.8
7.8
2019-01-22 CVE-2018-19634 CA Service Desk Manager 14.1 and 17 contain a vulnerability that can allow a malicious actor to access survey information.
network
low complexity
ca broadcom
7.5
7.5
2018-12-28 CVE-2018-20553 Out-of-bounds Read vulnerability in Broadcom Tcpreplay
Tcpreplay before 4.3.1 has a heap-based buffer over-read in get_l2len in common/get.c.
local
low complexity
broadcom CWE-125
7.8
7.8
2018-12-28 CVE-2018-20552 Out-of-bounds Read vulnerability in Broadcom Tcpreplay
Tcpreplay before 4.3.1 has a heap-based buffer over-read in packet2tree in tree.c.
local
low complexity
broadcom CWE-125
7.8
7.8
2018-12-03 CVE-2018-6439 Unspecified vulnerability in Broadcom Fabric Operating System
A Vulnerability in the configdownload command of Brocade Fabric OS command line interface (CLI) versions before 8.2.1, 8.1.2f, 8.0.2f, 7.4.2d could allow a local attacker to escape the restricted shell and, gain root access.
local
low complexity
broadcom
7.8
7.8
2018-11-08 CVE-2018-6438 Unspecified vulnerability in Broadcom Fabric Operating System
A Vulnerability in the supportsave command of Brocade Fabric OS command line interface (CLI) versions before 8.2.1, 8.1.2f, 8.0.2f, 7.4.2d could allow a local attacker to escape the restricted shell and, gain root access.
local
low complexity
broadcom
7.8
7.8