Vulnerabilities > Broadcom > High

DATE CVE VULNERABILITY TITLE RISK
2022-06-27 CVE-2022-28168 Insecure Storage of Sensitive Information vulnerability in Broadcom Sannav 2.1.0/2.1.1/2.2.0.0
In Brocade SANnav before Brocade SANnav v2.2.0.2 and Brocade SANnav2.1.1.8, encoded scp-server passwords are stored using Base64 encoding, which could allow an attacker able to access log files to easily decode the passwords.
network
low complexity
broadcom CWE-922
7.5
2022-06-16 CVE-2022-33739 XML Injection (aka Blind XPath Injection) vulnerability in Broadcom CA Clarity 15.9.0
CA Clarity 15.8 and below and 15.9.0 contain an insecure XML parsing vulnerability that could allow a remote attacker to potentially view the contents of any file on the system.
network
low complexity
broadcom CWE-91
7.5
2022-06-16 CVE-2022-33751 Unspecified vulnerability in Broadcom CA Automic Automation 12.2/12.3
CA Automic Automation 12.2 and 12.3 contain an insecure memory handling vulnerability in the Automic agent that could allow a remote attacker to potentially access sensitive data.
network
low complexity
broadcom
7.5
2022-06-16 CVE-2022-33753 Unspecified vulnerability in Broadcom CA Automic Automation 12.2/12.3
CA Automic Automation 12.2 and 12.3 contain an insecure file creation and handling vulnerability in the Automic agent that could allow a user to potentially elevate privileges.
network
low complexity
broadcom
8.8
2022-06-16 CVE-2022-33756 Insufficient Entropy vulnerability in Broadcom CA Automic Automation 12.2/12.3
CA Automic Automation 12.2 and 12.3 contain an entropy weakness vulnerability in the Automic AutomationEngine that could allow a remote attacker to potentially access sensitive data.
network
low complexity
broadcom CWE-331
7.5
2022-05-06 CVE-2022-28165 Unspecified vulnerability in Broadcom Sannav 2.1.0/2.1.1/2.1.1.8
A vulnerability in the role-based access control (RBAC) functionality of the Brocade SANNav before 2.2.0 could allow an authenticated, remote attacker to access resources that they should not be able to access and perform actions that they should not be able to perform.
network
low complexity
broadcom
8.8
2022-05-04 CVE-2022-28487 Memory Leak vulnerability in multiple products
Tcpreplay version 4.4.1 contains a memory leakage flaw in fix_ipv6_checksums() function.
network
low complexity
broadcom fedoraproject CWE-401
7.5
2022-04-12 CVE-2022-27416 Double Free vulnerability in Broadcom Tcpreplay 4.4.1
Tcpreplay v4.4.1 was discovered to contain a double-free via __interceptor_free.
local
low complexity
broadcom CWE-415
7.8
2022-04-12 CVE-2022-27418 Out-of-bounds Write vulnerability in Broadcom Tcpreplay 4.4.1
Tcpreplay v4.4.1 has a heap-based buffer overflow in do_checksum_math at /tcpedit/checksum.c.
local
low complexity
broadcom CWE-787
7.8
2022-03-26 CVE-2022-27940 Out-of-bounds Read vulnerability in multiple products
tcprewrite in Tcpreplay 4.4.1 has a heap-based buffer over-read in get_ipv6_next in common/get.c.
local
low complexity
broadcom fedoraproject CWE-125
7.8