Vulnerabilities > Broadcom > High

DATE CVE VULNERABILITY TITLE RISK
2018-07-03 CVE-2018-13112 Out-of-bounds Read vulnerability in Broadcom Tcpreplay 4.3.0
get_l2len in common/get.c in Tcpreplay 4.3.0 beta1 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via crafted packets, as demonstrated by tcpprep.
network
low complexity
broadcom CWE-125
7.5
2018-06-18 CVE-2018-9028 Inadequate Encryption Strength vulnerability in Broadcom Privileged Access Manager
Weak cryptography used for passwords in CA Privileged Access Manager 2.x reduces the complexity for password cracking.
network
low complexity
broadcom CWE-326
7.5
2018-06-18 CVE-2018-9026 Session Fixation vulnerability in Broadcom Privileged Access Manager
A session fixation vulnerability in CA Privileged Access Manager 2.x allows remote attackers to hijack user sessions with a specially crafted request.
network
low complexity
broadcom CWE-384
7.5
2018-06-18 CVE-2018-9025 Improper Input Validation vulnerability in Broadcom Privileged Access Manager
An input validation vulnerability in CA Privileged Access Manager 2.x allows remote attackers to poison log files with specially crafted input.
network
low complexity
broadcom CWE-20
7.5
2018-06-18 CVE-2018-9023 Improper Input Validation vulnerability in Broadcom Privileged Access Manager
An input validation vulnerability in CA Privileged Access Manager 2.x allows unprivileged users to execute arbitrary commands by passing specially crafted arguments to the update_crld script.
network
low complexity
broadcom CWE-20
8.8
2018-04-11 CVE-2017-13677 Unspecified vulnerability in Broadcom Advanced Secure Gateway and Symantec Proxysg
Denial-of-service (DoS) vulnerability in the Symantec Advanced Secure Gateway (ASG) and ProxySG management consoles.
network
low complexity
broadcom
7.5
2017-10-04 CVE-2017-11122 Information Exposure vulnerability in multiple products
On Broadcom BCM4355C0 Wi-Fi chips 9.44.78.27.0.1.56, an attacker can trigger an information leak due to insufficient length validation, related to ICMPv6 router advertisement offloading.
network
low complexity
broadcom apple CWE-200
7.5
2017-09-12 CVE-2017-14266 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Broadcom Tcpreplay 3.4.4
tcprewrite in Tcpreplay 3.4.4 has a Heap-Based Buffer Overflow vulnerability triggered by a crafted PCAP file, a related issue to CVE-2016-6160.
local
low complexity
broadcom CWE-119
7.8
2017-05-11 CVE-2016-9100 Credentials Management vulnerability in Broadcom Advanced Secure Gateway and Symantec Proxysg
Symantec Advanced Secure Gateway (ASG) 6.6 prior to 6.6.5.13, ASG 6.7 prior to 6.7.3.1, ProxySG 6.5 prior to 6.5.10.6, ProxySG 6.6 prior to 6.6.5.13, and ProxySG 6.7 prior to 6.7.3.1 are susceptible to an information disclosure vulnerability.
local
low complexity
broadcom CWE-255
7.8
2017-05-11 CVE-2016-9097 Permissions, Privileges, and Access Controls vulnerability in Broadcom Advanced Secure Gateway and Symantec Proxysg
The Symantec Advanced Secure Gateway (ASG) 6.6 prior to 6.6.5.8, ProxySG 6.5 prior 6.5.10.6, ProxySG 6.6 prior to 6.6.5.8, and ProxySG 6.7 prior to 6.7.1.2 management consoles do not, under certain circumstances, correctly authorize administrator users.
network
low complexity
broadcom CWE-264
7.2