Vulnerabilities > Broadcom > High

DATE CVE VULNERABILITY TITLE RISK
2020-02-03 CVE-2019-9501 Out-of-bounds Write vulnerability in multiple products
The Broadcom wl WiFi driver is vulnerable to a heap buffer overflow.
low complexity
synology broadcom CWE-787
8.3
2020-01-16 CVE-2019-9503 Improper Input Validation vulnerability in multiple products
The Broadcom brcmfmac WiFi driver prior to commit a4176ec356c73a46c07c181c6d04039fafa34a9f is vulnerable to a frame validation bypass.
7.9
2020-01-16 CVE-2019-9500 Out-of-bounds Write vulnerability in multiple products
The Broadcom brcmfmac WiFi driver prior to commit 1b5e2423164b3670e8bc9174e4762d297990deff is vulnerable to a heap buffer overflow.
high complexity
broadcom linux CWE-787
8.3
2020-01-08 CVE-2019-19544 Improper Privilege Management vulnerability in Broadcom CA Automic Dollar Universe 5.3.3
CA Automic Dollar Universe 5.3.3 contains a vulnerability, related to the uxdqmsrv binary being setuid root, that allows local attackers to elevate privileges.
local
low complexity
broadcom CWE-269
7.2
2020-01-08 CVE-2019-19518 Improper Authentication vulnerability in Broadcom CA Automic Sysload 5.6.0/6.1.2
CA Automic Sysload 5.6.0 through 6.1.2 contains a vulnerability, related to a lack of authentication on the File Server port, that potentially allows remote attackers to execute arbitrary commands.
network
low complexity
broadcom CWE-287
7.5
2019-12-09 CVE-2019-19230 Deserialization of Untrusted Data vulnerability in Broadcom Nolio 6.6
An unsafe deserialization vulnerability exists in CA Release Automation (Nolio) 6.6 with the DataManagement component that can allow a remote attacker to execute arbitrary code.
network
low complexity
broadcom CWE-502
7.5
2019-11-25 CVE-2019-18374 Improper Authentication vulnerability in Broadcom Symantec Critical System Protection 8.0.0
Symantec Critical System Protection (CSP), versions 8.0, 8.0 HF1 & 8.0 MP1, may be susceptible to an authentication bypass vulnerability, which is a type of issue that can potentially allow a threat actor to circumvent existing authentication controls.
network
low complexity
broadcom CWE-287
7.5
2019-11-18 CVE-2019-19069 Memory Leak vulnerability in multiple products
A memory leak in the fastrpc_dma_buf_attach() function in drivers/misc/fastrpc.c in the Linux kernel before 5.3.9 allows attackers to cause a denial of service (memory consumption) by triggering dma_get_sgtable() failures, aka CID-fc739a058d99.
network
low complexity
linux canonical netapp broadcom CWE-401
7.8
2019-11-18 CVE-2019-19061 Memory Leak vulnerability in multiple products
A memory leak in the adis_update_scan_mode_burst() function in drivers/iio/imu/adis_buffer.c in the Linux kernel before 5.3.9 allows attackers to cause a denial of service (memory consumption), aka CID-9c0530e898f3.
network
low complexity
linux canonical netapp broadcom CWE-401
7.5
2019-11-18 CVE-2019-19060 Memory Leak vulnerability in multiple products
A memory leak in the adis_update_scan_mode() function in drivers/iio/imu/adis_buffer.c in the Linux kernel before 5.3.9 allows attackers to cause a denial of service (memory consumption), aka CID-ab612b1daf41.
network
low complexity
linux netapp broadcom canonical opensuse CWE-401
7.5