Vulnerabilities > Broadcom > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-02-06 | CVE-2019-6504 | Cross-site Scripting vulnerability in Broadcom Automic Workload Automation 12.0/12.1/12.2 Insufficient output sanitization in the Automic Web Interface (AWI), in CA Automic Workload Automation 12.0 to 12.2, allow attackers to potentially conduct persistent cross site scripting (XSS) attacks via a crafted object. | 4.3 |
| 2019-01-22 | CVE-2018-19634 | CA Service Desk Manager 14.1 and 17 contain a vulnerability that can allow a malicious actor to access survey information. | 5.0 |
| 2018-12-28 | CVE-2018-20553 | Out-of-bounds Read vulnerability in Broadcom Tcpreplay Tcpreplay before 4.3.1 has a heap-based buffer over-read in get_l2len in common/get.c. | 6.8 |
| 2018-12-28 | CVE-2018-20552 | Out-of-bounds Read vulnerability in Broadcom Tcpreplay Tcpreplay before 4.3.1 has a heap-based buffer over-read in packet2tree in tree.c. | 6.8 |
| 2018-12-03 | CVE-2018-6440 | Unspecified vulnerability in Broadcom Fabric Operating System A vulnerability in the proxy service of Brocade Fabric OS versions before 8.2.1, 8.1.2f, 8.0.2f, 7.4.2d could allow remote unauthenticated attackers to obtain sensitive information and possibly cause a denial of service attack. | 6.4 |
| 2018-11-08 | CVE-2018-6442 | Unspecified vulnerability in Broadcom Fabric Operating System A vulnerability in the Brocade Webtools firmware update section of Brocade Fabric OS before 8.2.1, 8.1.2f, 8.0.2f, 7.4.2d could allow remote authenticated attackers to execute arbitrary commands. | 6.5 |
| 2018-11-08 | CVE-2018-6434 | Session Fixation vulnerability in Broadcom Fabric Operating System A vulnerability in the web management interface of Brocade Fabric OS versions before 8.2.1, 8.1.2f, 8.0.2f, 7.4.2d could allow attackers to intercept or manipulate a user's session ID. | 5.0 |
| 2018-10-17 | CVE-2018-14597 | Information Exposure vulnerability in Broadcom products CA Technologies Identity Governance 12.6, 14.0, 14.1, and 14.2 and CA Identity Suite Virtual Appliance 14.0, 14.1, and 14.2 provide telling error messages that may allow remote attackers to enumerate account names. | 5.0 |
| 2018-10-17 | CVE-2018-18407 | Out-of-bounds Read vulnerability in multiple products A heap-based buffer over-read was discovered in the tcpreplay-edit binary of Tcpreplay 4.3.0 beta1, during the incremental checksum operation. | 5.5 |
| 2018-10-03 | CVE-2018-17974 | Out-of-bounds Read vulnerability in Broadcom Tcpreplay 4.3.0 An issue was discovered in Tcpreplay 4.3.0 beta1. | 4.3 |