Vulnerabilities > Broadcom > Medium

DATE CVE VULNERABILITY TITLE RISK
2019-08-30 CVE-2018-18371 Use of a Broken or Risky Cryptographic Algorithm vulnerability in Broadcom Advanced Secure Gateway and Symantec Proxysg
The ASG/ProxySG FTP proxy WebFTP mode allows intercepting FTP connections where a user accesses an FTP server via a ftp:// URL in a web browser.
network
low complexity
broadcom CWE-327
6.5
2019-08-30 CVE-2018-18370 Cross-site Scripting vulnerability in Broadcom Advanced Secure Gateway and Symantec Proxysg
The ASG/ProxySG FTP proxy WebFTP mode allows intercepting FTP connections where a user accesses an FTP server via a ftp:// URL in a web browser.
network
low complexity
broadcom CWE-79
6.1
2019-02-06 CVE-2019-6504 Cross-site Scripting vulnerability in Broadcom Automic Workload Automation 12.0/12.1/12.2
Insufficient output sanitization in the Automic Web Interface (AWI), in CA Automic Workload Automation 12.0 to 12.2, allow attackers to potentially conduct persistent cross site scripting (XSS) attacks via a crafted object.
network
low complexity
broadcom CWE-79
6.1
2018-11-08 CVE-2018-6433 Improper Input Validation vulnerability in Broadcom Fabric Operating System
A vulnerability in the secryptocfg export command of Brocade Fabric OS versions before 8.2.1, 8.1.2f, 8.0.2f, 7.4.2d could allow a local attacker to bypass the export file access restrictions and initiate a file copy from the source to a remote system.
local
low complexity
broadcom CWE-20
5.5
2018-10-17 CVE-2018-14597 Information Exposure vulnerability in Broadcom products
CA Technologies Identity Governance 12.6, 14.0, 14.1, and 14.2 and CA Identity Suite Virtual Appliance 14.0, 14.1, and 14.2 provide telling error messages that may allow remote attackers to enumerate account names.
network
low complexity
broadcom CWE-200
5.3
2018-10-17 CVE-2018-18407 Out-of-bounds Read vulnerability in multiple products
A heap-based buffer over-read was discovered in the tcpreplay-edit binary of Tcpreplay 4.3.0 beta1, during the incremental checksum operation.
local
low complexity
broadcom fedoraproject CWE-125
5.5
2018-10-03 CVE-2018-17974 Out-of-bounds Read vulnerability in Broadcom Tcpreplay 4.3.0
An issue was discovered in Tcpreplay 4.3.0 beta1.
local
low complexity
broadcom CWE-125
5.5
2018-08-30 CVE-2018-13825 Cross-site Scripting vulnerability in multiple products
Insufficient input validation in the gridExcelExport functionality, in CA PPM 14.3 and below, 14.4, 15.1, 15.2 CP5 and below, and 15.3 CP2 and below, allows remote attackers to execute reflected cross-site scripting attacks.
network
low complexity
ca broadcom CWE-79
6.1
2018-08-03 CVE-2018-6590 Cross-site Scripting vulnerability in Broadcom CA API Developer Portal
CA API Developer Portal 4.x, prior to v4.2.5.3 and v4.2.7.1, has an unspecified reflected cross-site scripting vulnerability.
network
low complexity
broadcom CWE-79
6.1
2018-06-18 CVE-2018-9024 Improper Authentication vulnerability in Broadcom Privileged Access Manager
An improper authentication vulnerability in CA Privileged Access Manager 2.x allows attackers to spoof IP addresses in a log file.
network
low complexity
broadcom CWE-287
5.3