High

DATE	CVE	VULNERABILITY TITLE	RISK
2022-03-26	CVE-2022-27941	Out-of-bounds Read vulnerability in multiple products tcprewrite in Tcpreplay 4.4.1 has a heap-based buffer over-read in get_l2len_protocol in common/get.c. local low complexity broadcom fedoraproject CWE-125	7.8
2022-03-26	CVE-2022-27942	Out-of-bounds Read vulnerability in multiple products tcpprep in Tcpreplay 4.4.1 has a heap-based buffer over-read in parse_mpls in common/get.c. local low complexity broadcom fedoraproject CWE-125	7.8
2022-03-23	CVE-2021-4197	Improper Authentication vulnerability in multiple products An unprivileged write to the file handler flaw in the Linux kernel's control groups and namespaces subsystem was found in the way users have access to some less privileged process that are controlled by cgroups and have higher privileged parent process. local low complexity linux debian oracle broadcom netapp CWE-287	7.8
2022-02-04	CVE-2022-22689	Improper Neutralization of Formula Elements in a CSV File vulnerability in Broadcom CA Harvest Software Change Manager CA Harvest Software Change Manager versions 13.0.3, 13.0.4, 14.0.0, and 14.0.1, contain a vulnerability in the CSV export functionality, due to insufficient input validation, that can allow a privileged user to potentially execute arbitrary code or commands. network low complexity broadcom CWE-1236	8.8
2022-01-18	CVE-2022-23302	Deserialization of Untrusted Data vulnerability in multiple products JMSSink in all versions of Log4j 1.x is vulnerable to deserialization of untrusted data when the attacker has write access to the Log4j configuration or if the configuration references an LDAP service the attacker has access to. network low complexity apache netapp broadcom qos oracle CWE-502	8.8
2021-11-12	CVE-2021-42773	Unspecified vulnerability in Broadcom Emulex HBA Manager Broadcom Emulex HBA Manager/One Command Manager versions before 11.4.425.0 and 12.8.542.31, if not installed in Strictly Local Management mode, could allow a user to retrieve an arbitrary file from a remote host with the GetDumpFile command. network low complexity broadcom	7.5
2021-09-16	CVE-2021-34798	NULL Pointer Dereference vulnerability in multiple products Malformed requests may cause the server to dereference a NULL pointer. network low complexity apache fedoraproject debian netapp tenable oracle broadcom siemens CWE-476	7.5
2021-09-16	CVE-2021-36160	Out-of-bounds Read vulnerability in multiple products A carefully crafted request uri-path can cause mod_proxy_uwsgi to read above the allocated memory and crash (DoS). network low complexity apache fedoraproject debian netapp oracle broadcom CWE-125	7.5
2021-08-12	CVE-2021-27790	Out-of-bounds Write vulnerability in Broadcom Fabric Operating System The command ipfilter in Brocade Fabric OS before Brocade Fabric OS v.9.0.1a, v8.2.3, and v8.2.0_CBN4, and v7.4.2h uses unsafe string function to process user input. local low complexity broadcom CWE-787	7.8
2021-08-12	CVE-2021-27792	Unspecified vulnerability in Broadcom Fabric Operating System The request handling functions in web management interface of Brocade Fabric OS versions before v9.0.1a, v8.2.3a, and v7.4.2h do not properly handle malformed user input, resulting in a service crash. local low complexity broadcom	7.8