Vulnerabilities > Broadcom > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-03-26 | CVE-2022-27939 | Reachable Assertion vulnerability in multiple products tcprewrite in Tcpreplay 4.4.1 has a reachable assertion in get_layer4_v6 in common/get.c. | 5.5 |
| 2022-03-22 | CVE-2022-25484 | Reachable Assertion vulnerability in Broadcom Tcpreplay 4.4.1 tcpprep v4.4.1 has a reachable assertion (assert(l2len > 0)) in packet2tree() at tree.c in tcpprep v4.4.1. | 4.3 |
| 2022-03-18 | CVE-2020-15388 | Unspecified vulnerability in Broadcom Fabric Operating System A vulnerability in the Brocade Fabric OS before Brocade Fabric OS v9.0.1a, v8.2.3, v8.2.0_CBN4, and v7.4.2h could allow an authenticated CLI user to abuse the history command to write arbitrary content to files. | 4.0 |
| 2022-03-18 | CVE-2021-27789 | Unspecified vulnerability in Broadcom Fabric Operating System The Web application of Brocade Fabric OS before versions Brocade Fabric OS v9.0.1a and v8.2.3a contains debug statements that expose sensitive information to the program's standard output device. | 4.0 |
| 2022-02-21 | CVE-2021-27796 | Unspecified vulnerability in Broadcom Fabric Operating System A vulnerability in Brocade Fabric OS versions before Brocade Fabric OS v8.0.1b, v7.4.1d could allow an authenticated attacker within the restricted shell environment (rbash) as either the “user” or “factory” account, to read the contents of any file on the filesystem utilizing one of a few available binaries. | 6.8 |
| 2022-02-18 | CVE-2021-30650 | Cross-site Scripting vulnerability in Broadcom Layer7 API Management Oauth Toolkit 4.4 A reflected cross-site scripting (XSS) vulnerability in the Symantec Layer7 API Management OAuth Toolkit (OTK) allows a remote attacker to craft a malicious URL for the OTK web UI and target OTK users with phishing attacks or other social engineering techniques. | 4.3 |
| 2022-02-11 | CVE-2021-45386 | Reachable Assertion vulnerability in Broadcom Tcpreplay 4.3.4 tcpreplay 4.3.4 has a Reachable Assertion in add_tree_ipv6() at tree.c | 5.5 |
| 2022-02-11 | CVE-2021-45387 | Reachable Assertion vulnerability in Broadcom Tcpreplay 4.3.4 tcpreplay 4.3.4 has a Reachable Assertion in add_tree_ipv4() at tree.c. | 5.5 |
| 2022-02-04 | CVE-2022-22689 | Improper Neutralization of Formula Elements in a CSV File vulnerability in Broadcom CA Harvest Software Change Manager CA Harvest Software Change Manager versions 13.0.3, 13.0.4, 14.0.0, and 14.0.1, contain a vulnerability in the CSV export functionality, due to insufficient input validation, that can allow a privileged user to potentially execute arbitrary code or commands. | 6.5 |
| 2022-01-18 | CVE-2022-23083 | Cross-site Scripting vulnerability in Broadcom products NetMaster 12.2 Network Management for TCP/IP and NetMaster File Transfer Management contain a XSS (Cross-Site Scripting) vulnerability in ReportCenter UI due to insufficient input validation that could potentially allow an attacker to execute code on the affected machine. | 4.3 |