Vulnerabilities > Broadcom > High
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2023-08-15 | CVE-2023-4343 | Unspecified vulnerability in Broadcom Raid Controller web Interface 51.12.02779 Broadcom RAID Controller web interface is vulnerable due to exposure of sensitive password information in the URL as a URL search parameter | 7.5 |
2023-08-02 | CVE-2023-31926 | Improper Preservation of Permissions vulnerability in Broadcom Brocade Fabric Operating System System files could be overwritten using the less command in Brocade Fabric OS before Brocade Fabric OS v9.1.1c and v9.2.0. | 7.1 |
2023-08-02 | CVE-2023-31432 | Improper Privilege Management vulnerability in Broadcom Brocade Fabric Operating System Through manipulation of passwords or other variables, using commands such as portcfgupload, configupload, license, myid, a non-privileged user could obtain root privileges in Brocade Fabric OS versions before Brocade Fabric OS v9.1.1c and v9.2.0. | 7.8 |
2023-08-01 | CVE-2023-31427 | Path Traversal vulnerability in Broadcom Fabric Operating System Brocade Fabric OS versions before Brocade Fabric OS v9.1.1c, and v9.2.0 Could allow an authenticated, local user with knowledge of full path names inside Brocade Fabric OS to execute any command regardless of assigned privilege. | 7.8 |
2023-08-01 | CVE-2023-31425 | OS Command Injection vulnerability in Broadcom Fabric Operating System 9.1.0 A vulnerability in the fosexec command of Brocade Fabric OS after Brocade Fabric OS v9.1.0 and, before Brocade Fabric OS v9.1.1 could allow a local authenticated user to perform privilege escalation to root by breaking the rbash shell. | 7.8 |
2023-06-01 | CVE-2023-23953 | Unspecified vulnerability in Broadcom Advanced Secure Gateway and Content Analysis Advanced Secure Gateway and Content Analysis, prior to 7.3.13.1 / 3.1.6.0, may be susceptible to an Elevation of Privilege vulnerability. | 7.8 |
2023-06-01 | CVE-2023-23955 | Server-Side Request Forgery (SSRF) vulnerability in Broadcom Advanced Secure Gateway and Content Analysis Advanced Secure Gateway and Content Analysis, prior to 7.3.13.1 / 3.1.6.0, may be susceptible to a Server-Side Request Forgery vulnerability. | 8.1 |
2023-03-30 | CVE-2023-27534 | Path Traversal vulnerability in multiple products A path traversal vulnerability exists in curl <8.0.0 SFTP implementation causes the tilde (~) character to be wrongly replaced when used as a prefix in the first path element, in addition to its intended use as the first element to indicate a path relative to the user's home directory. | 8.8 |
2023-03-16 | CVE-2023-27783 | Reachable Assertion vulnerability in Broadcom Tcpreplay 4.4.3 An issue found in TCPreplay tcprewrite v.4.4.3 allows a remote attacker to cause a denial of service via the tcpedit_dlt_cleanup function at plugins/dlt_plugins.c. | 7.5 |
2023-03-16 | CVE-2023-27784 | NULL Pointer Dereference vulnerability in Broadcom Tcpreplay 4.4.3 An issue found in TCPReplay v.4.4.3 allows a remote attacker to cause a denial of service via the read_hexstring function at the utils.c:309 endpoint. | 7.5 |