Vulnerabilities > Broadcom > Low
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-05-09 | CVE-2022-28162 | Cleartext Storage of Sensitive Information vulnerability in Broadcom Sannav 2.1.0/2.1.1 Brocade SANnav before version SANnav 2.2.0 logs the REST API Authentication token in plain text. | 2.1 |
| 2021-06-09 | CVE-2021-26313 | Information Exposure Through Discrepancy vulnerability in multiple products Potential speculative code store bypass in all supported CPU products, in conjunction with software vulnerabilities relating to speculative execution of overwritten instructions, may cause an incorrect speculation and could result in data leakage. | 2.1 |
| 2021-04-01 | CVE-2021-22890 | Authentication Bypass by Spoofing vulnerability in multiple products curl 7.63.0 to and including 7.75.0 includes vulnerability that allows a malicious HTTPS proxy to MITM a connection due to bad handling of TLS 1.3 session tickets. | 3.7 |
| 2020-09-25 | CVE-2020-15372 | Improper Control of Dynamically-Managed Code Resources vulnerability in Broadcom Fabric Operating System A vulnerability in the command-line interface in Brocade Fabric OS before Brocade Fabric OS v8.2.2a1, 8.2.2c, v7.4.2g, v8.2.0_CBN3, v8.2.1e, v8.1.2k, v9.0.0, could allow a local authenticated attacker to modify shell variables, which may lead to an escalation of privileges or bypassing the logging. | 2.1 |
| 2020-09-25 | CVE-2018-6447 | Cross-site Scripting vulnerability in Broadcom Fabric Operating System A Reflective XSS Vulnerability in HTTP Management Interface in Brocade Fabric OS versions before Brocade Fabric OS v9.0.0, v8.2.2c, v8.2.1e, v8.1.2k, v8.2.0_CBN3, v7.4.2g could allow authenticated attackers with access to the web interface to hijack a user’s session and take over the account. | 3.5 |
| 2020-02-06 | CVE-2020-8648 | Use After Free vulnerability in multiple products There is a use-after-free vulnerability in the Linux kernel through 5.5.2 in the n_tty_receive_buf_common function in drivers/tty/n_tty.c. | 3.6 |
| 2020-02-05 | CVE-2019-15126 | Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in multiple products An issue was discovered on Broadcom Wi-Fi client devices. | 2.9 |
| 2019-11-18 | CVE-2019-19057 | Memory Leak vulnerability in multiple products Two memory leaks in the mwifiex_pcie_init_evt_ring() function in drivers/net/wireless/marvell/mwifiex/pcie.c in the Linux kernel through 5.3.11 allow attackers to cause a denial of service (memory consumption) by triggering mwifiex_map_pci_memory() failures, aka CID-d10dcb615c8e. | 3.3 |
| 2019-11-08 | CVE-2019-16206 | Missing Encryption of Sensitive Data vulnerability in Broadcom Brocade Sannav 1.1.0/1.1.1 The authentication mechanism, in Brocade SANnav versions before v2.0, logs plaintext account credentials at the ‘trace’ and the 'debug' logging level; which could allow a local authenticated attacker to access sensitive information. | 2.1 |
| 2019-11-08 | CVE-2019-16210 | Information Exposure Through Log Files vulnerability in Broadcom Brocade Sannav 1.1.0/1.1.1 Brocade SANnav versions before v2.0, logs plain text database connection password while triggering support save. | 2.1 |