Vulnerabilities > Broadcom > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-08-30 | CVE-2018-18371 | Use of a Broken or Risky Cryptographic Algorithm vulnerability in Broadcom Advanced Secure Gateway and Symantec Proxysg The ASG/ProxySG FTP proxy WebFTP mode allows intercepting FTP connections where a user accesses an FTP server via a ftp:// URL in a web browser. | 6.5 |
| 2019-08-30 | CVE-2018-18370 | Cross-site Scripting vulnerability in Broadcom Advanced Secure Gateway and Symantec Proxysg The ASG/ProxySG FTP proxy WebFTP mode allows intercepting FTP connections where a user accesses an FTP server via a ftp:// URL in a web browser. | 6.1 |
| 2019-02-06 | CVE-2019-6504 | Cross-site Scripting vulnerability in Broadcom Automic Workload Automation 12.0/12.1/12.2 Insufficient output sanitization in the Automic Web Interface (AWI), in CA Automic Workload Automation 12.0 to 12.2, allow attackers to potentially conduct persistent cross site scripting (XSS) attacks via a crafted object. | 6.1 |
| 2018-11-08 | CVE-2018-6433 | Improper Input Validation vulnerability in Broadcom Fabric Operating System A vulnerability in the secryptocfg export command of Brocade Fabric OS versions before 8.2.1, 8.1.2f, 8.0.2f, 7.4.2d could allow a local attacker to bypass the export file access restrictions and initiate a file copy from the source to a remote system. | 5.5 |
| 2018-10-17 | CVE-2018-14597 | Information Exposure vulnerability in Broadcom products CA Technologies Identity Governance 12.6, 14.0, 14.1, and 14.2 and CA Identity Suite Virtual Appliance 14.0, 14.1, and 14.2 provide telling error messages that may allow remote attackers to enumerate account names. | 5.3 |
| 2018-10-17 | CVE-2018-18407 | Out-of-bounds Read vulnerability in multiple products A heap-based buffer over-read was discovered in the tcpreplay-edit binary of Tcpreplay 4.3.0 beta1, during the incremental checksum operation. | 5.5 |
| 2018-10-03 | CVE-2018-17974 | Out-of-bounds Read vulnerability in Broadcom Tcpreplay 4.3.0 An issue was discovered in Tcpreplay 4.3.0 beta1. | 5.5 |
| 2018-08-30 | CVE-2018-13825 | Cross-site Scripting vulnerability in multiple products Insufficient input validation in the gridExcelExport functionality, in CA PPM 14.3 and below, 14.4, 15.1, 15.2 CP5 and below, and 15.3 CP2 and below, allows remote attackers to execute reflected cross-site scripting attacks. | 6.1 |
| 2018-08-03 | CVE-2018-6590 | Cross-site Scripting vulnerability in Broadcom CA API Developer Portal CA API Developer Portal 4.x, prior to v4.2.5.3 and v4.2.7.1, has an unspecified reflected cross-site scripting vulnerability. | 6.1 |
| 2018-06-18 | CVE-2018-9024 | Improper Authentication vulnerability in Broadcom Privileged Access Manager An improper authentication vulnerability in CA Privileged Access Manager 2.x allows attackers to spoof IP addresses in a log file. | 5.3 |