Vulnerabilities > Broadcom > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-05-17 | CVE-2017-18268 | Information Exposure Through Discrepancy vulnerability in Broadcom Symantec Intelligencecenter 3.3 Symantec IntelligenceCenter 3.3 is vulnerable to the Return of the Bleichenbacher Oracle Threat (ROBOT) attack. | 5.9 |
| 2018-05-17 | CVE-2017-15533 | Information Exposure Through Discrepancy vulnerability in Broadcom SSL Visibility Appliance Symantec SSL Visibility (SSLV) 3.8.4FC, 3.10 prior to 3.10.4.1, 3.11, and 3.12 prior to 3.12.2.1 are vulnerable to the Return of the Bleichenbacher Oracle Threat (ROBOT) attack. | 5.9 |
| 2018-04-11 | CVE-2017-13678 | Cross-site Scripting vulnerability in Broadcom Advanced Secure Gateway and Symantec Proxysg Stored XSS vulnerability in the Symantec Advanced Secure Gateway (ASG) and ProxySG management consoles. | 4.8 |
| 2018-04-11 | CVE-2016-10258 | Unrestricted Upload of File with Dangerous Type vulnerability in Broadcom Advanced Secure Gateway and Symantec Proxysg Unrestricted file upload vulnerability in the Symantec Advanced Secure Gateway (ASG) and ProxySG management consoles. | 6.8 |
| 2018-02-08 | CVE-2017-6227 | A vulnerability in the IPv6 stack on Brocade Fibre Channel SAN products running Brocade Fabric OS (FOS) versions before 7.4.2b, 8.1.2 and 8.2.0 could allow an attacker to cause a denial of service (CPU consumption and device hang) condition by sending crafted Router Advertisement (RA) messages to a targeted system. | 6.5 |
| 2018-02-08 | CVE-2017-6225 | Cross-site Scripting vulnerability in multiple products Cross-site scripting (XSS) vulnerability in the web-based management interface of Brocade Fibre Channel SAN products running Brocade Fabric OS (FOS) versions before 7.4.2b, 8.1.2 and 8.2.0 could allow remote attackers to execute arbitrary code or access sensitive browser-based information. | 6.1 |
| 2018-01-10 | CVE-2016-10257 | Cross-site Scripting vulnerability in Broadcom Advanced Secure Gateway and Symantec Proxysg The Symantec Advanced Secure Gateway (ASG) 6.6, ASG 6.7 (prior to 6.7.2.1), ProxySG 6.5 (prior to 6.5.10.6), ProxySG 6.6, and ProxySG 6.7 (prior to 6.7.2.1) management console is susceptible to a reflected XSS vulnerability. | 6.1 |
| 2018-01-10 | CVE-2016-10256 | Cross-site Scripting vulnerability in Broadcom Symantec Proxysg The Symantec ProxySG 6.5 (prior to 6.5.10.6), 6.6, and 6.7 (prior to 6.7.2.1) management console is susceptible to a reflected XSS vulnerability. | 6.1 |
| 2017-05-11 | CVE-2016-9099 | Open Redirect vulnerability in Broadcom Advanced Secure Gateway and Symantec Proxysg Symantec Advanced Secure Gateway (ASG) 6.6, ASG 6.7 prior to 6.7.2.1, ProxySG 6.5 prior to 6.5.10.6, ProxySG 6.6, and ProxySG 6.7 prior to 6.7.2.1 are susceptible to an open redirection vulnerability. | 6.1 |
| 2017-04-14 | CVE-2016-5310 | Out-of-bounds Write vulnerability in multiple products The RAR file parser component in the AntiVirus Decomposer engine in Symantec Advanced Threat Protection: Network (ATP); Symantec Email Security.Cloud; Symantec Data Center Security: Server; Symantec Endpoint Protection (SEP) for Windows before 12.1.6 MP5; Symantec Endpoint Protection (SEP) for Mac; Symantec Endpoint Protection (SEP) for Linux before 12.1.6 MP6; Symantec Endpoint Protection for Small Business Enterprise (SEP SBE/SEP.Cloud); Symantec Endpoint Protection Cloud (SEPC) for Windows/Mac; Symantec Endpoint Protection Small Business Edition 12.1; CSAPI before 10.0.4 HF02; Symantec Protection Engine (SPE) before 7.0.5 HF02, 7.5.x before 7.5.4 HF02, 7.5.5 before 7.5.5 HF01, and 7.8.x before 7.8.0 HF03; Symantec Mail Security for Domino (SMSDOM) before 8.0.9 HF2.1, 8.1.x before 8.1.2 HF2.3, and 8.1.3 before 8.1.3 HF2.2; Symantec Mail Security for Microsoft Exchange (SMSMSE) before 6.5.8_3968140 HF2.3, 7.x before 7.0_3966002 HF2.1, and 7.5.x before 7.5_3966008 VHF2.2; Symantec Protection for SharePoint Servers (SPSS) before SPSS_6.0.3_To_6.0.5_HF_2.5 update, 6.0.6 before 6.0.6 HF_2.6, and 6.0.7 before 6.0.7_HF_2.7; Symantec Messaging Gateway (SMG) before 10.6.2; Symantec Messaging Gateway for Service Providers (SMG-SP) before 10.5 patch 260 and 10.6 before patch 259; Symantec Web Gateway; and Symantec Web Security.Cloud allows remote attackers to cause a denial of service (memory corruption) via a crafted RAR file that is mishandled during decompression. | 5.5 |