Vulnerabilities > Broadcom > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-07-15 | CVE-2024-38493 | Cross-site Scripting vulnerability in Broadcom Symantec Privileged Access Management 4.1.0.0/4.1.0.10 A reflected cross-site scripting (XSS) vulnerability exists in the PAM UI web interface. | 6.1 |
| 2024-06-26 | CVE-2024-29954 | Information Exposure Through Log Files vulnerability in Broadcom Fabric Operating System A vulnerability in a password management API in Brocade Fabric OS versions before v9.2.1, v9.2.0b, v9.1.1d, and v8.2.3e prints sensitive information in log files. | 5.5 |
| 2023-12-21 | CVE-2023-4256 | Double Free vulnerability in multiple products Within tcpreplay's tcprewrite, a double free vulnerability has been identified in the tcpedit_dlt_cleanup() function within plugins/dlt_plugins.c. | 5.5 |
| 2023-11-09 | CVE-2023-37790 | Cross-site Scripting vulnerability in Broadcom Clarity 14.3.0.298 Jaspersoft Clarity PPM version 14.3.0.298 was discovered to contain an arbitrary file upload vulnerability via the Profile Picture Upload function. | 5.4 |
| 2023-08-31 | CVE-2023-31423 | Cleartext Storage of Sensitive Information vulnerability in Broadcom Brocade Sannav Possible information exposure through log file vulnerability where sensitive fields are recorded in the configuration log without masking on Brocade SANnav before v2.3.0 and 2.2.2a. | 5.5 |
| 2023-08-31 | CVE-2023-31925 | Cleartext Storage of Sensitive Information vulnerability in Broadcom Brocade Sannav Brocade SANnav before v2.3.0 and v2.2.2a stores SNMPv3 Authentication passwords in plaintext. | 6.5 |
| 2023-08-31 | CVE-2023-4163 | Classic Buffer Overflow vulnerability in Broadcom Fabric Operating System In Brocade Fabric OS before v9.2.0a, a local authenticated privileged user can trigger a buffer overflow condition, leading to a kernel panic with large input to buffers in the portcfgfportbuffers command. | 4.4 |
| 2023-08-15 | CVE-2023-4327 | Unspecified vulnerability in Broadcom Raid Controller web Interface 51.12.02779 Broadcom RAID Controller web interface is vulnerable to exposure of sensitive data and the keys used for encryption are accessible to any local user on Linux | 5.5 |
| 2023-08-15 | CVE-2023-4328 | Unspecified vulnerability in Broadcom Raid Controller web Interface 51.12.02779 Broadcom RAID Controller web interface is vulnerable to exposure of sensitive data and the keys used for encryption are accessible to any local user on Windows | 5.5 |
| 2023-08-15 | CVE-2023-4333 | Unspecified vulnerability in Broadcom Raid Controller web Interface 51.12.02779 Broadcom RAID Controller web interface doesn’t enforce SSL cipher ordering by server | 5.5 |