Vulnerabilities > Broadcom > High

DATE CVE VULNERABILITY TITLE RISK
2023-03-16 CVE-2023-27785 NULL Pointer Dereference vulnerability in Broadcom Tcpreplay 4.4.3
An issue found in TCPreplay TCPprep v.4.4.3 allows a remote attacker to cause a denial of service via the parse endpoints function.
network
low complexity
broadcom CWE-476
7.5
2023-03-16 CVE-2023-27786 NULL Pointer Dereference vulnerability in Broadcom Tcpreplay 4.4.3
An issue found in TCPprep v.4.4.3 allows a remote attacker to cause a denial of service via the macinstring function.
network
low complexity
broadcom CWE-476
7.5
2023-03-16 CVE-2023-27787 NULL Pointer Dereference vulnerability in Broadcom Tcpreplay 4.4.3
An issue found in TCPprep v.4.4.3 allows a remote attacker to cause a denial of service via the parse_list function at the list.c:81 endpoint.
network
low complexity
broadcom CWE-476
7.5
2023-03-16 CVE-2023-27788 Reachable Assertion vulnerability in Broadcom Tcpreplay 4.4.3
An issue found in TCPrewrite v.4.4.3 allows a remote attacker to cause a denial of service via the ports2PORT function at the portmap.c:69 endpoint.
network
low complexity
broadcom CWE-617
7.5
2023-03-16 CVE-2023-27789 Reachable Assertion vulnerability in Broadcom Tcpreplay 4.4.3
An issue found in TCPprep v.4.4.3 allows a remote attacker to cause a denial of service via the cidr2cidr function at the cidr.c:178 endpoint.
network
low complexity
broadcom CWE-617
7.5
2023-01-20 CVE-2022-25631 Unspecified vulnerability in Broadcom Symantec Endpoint Protection
Symantec Endpoint Protection, prior to 14.3 RU6 (14.3.9210.6000), may be susceptible to a Elevation of Privilege vulnerability, which is a type of issue whereby an attacker may attempt to compromise the software application to gain elevated
local
low complexity
broadcom
7.8
2022-12-16 CVE-2022-25628 XXE vulnerability in Broadcom Symantec Identity Governance and Administration 14.3/14.4
An authenticated user can perform XML eXternal Entity injection in Management Console in Symantec Identity Manager 14.4
network
low complexity
broadcom CWE-611
8.8
2022-12-01 CVE-2022-37017 Unspecified vulnerability in Broadcom Symantec Endpoint Protection
Symantec Endpoint Protection (Windows) agent, prior to 14.3 RU6/14.3 RU5 Patch 1, may be susceptible to a Security Control Bypass vulnerability, which is a type of issue that can potentially allow a threat actor to circumvent existing security controls.
network
low complexity
broadcom
7.5
2022-10-25 CVE-2022-28169 Improper Privilege Management vulnerability in Broadcom Fabric Operating System
Brocade Webtools in Brocade Fabric OS versions before Brocade Fabric OS versions v9.1.1, v9.0.1e, and v8.2.3c could allow a low privilege webtools, user, to gain elevated admin rights, or privileges, beyond what is intended or entitled for that user.
network
low complexity
broadcom CWE-269
8.8
2022-10-25 CVE-2022-33178 Improper Input Validation vulnerability in Broadcom Fabric Operating System
A vulnerability in the radius authentication system of Brocade Fabric OS before Brocade Fabric OS 9.0 could allow a remote attacker to execute arbitrary code on the Brocade switch.
network
low complexity
broadcom CWE-20
7.2