Vulnerabilities > Broadcom > Medium

DATE CVE VULNERABILITY TITLE RISK
2022-03-26 CVE-2022-27939 Reachable Assertion vulnerability in multiple products
tcprewrite in Tcpreplay 4.4.1 has a reachable assertion in get_layer4_v6 in common/get.c.
local
low complexity
broadcom fedoraproject CWE-617
5.5
2022-03-22 CVE-2022-25484 Reachable Assertion vulnerability in Broadcom Tcpreplay 4.4.1
tcpprep v4.4.1 has a reachable assertion (assert(l2len > 0)) in packet2tree() at tree.c in tcpprep v4.4.1.
network
broadcom CWE-617
4.3
2022-03-18 CVE-2020-15388 Unspecified vulnerability in Broadcom Fabric Operating System
A vulnerability in the Brocade Fabric OS before Brocade Fabric OS v9.0.1a, v8.2.3, v8.2.0_CBN4, and v7.4.2h could allow an authenticated CLI user to abuse the history command to write arbitrary content to files.
network
low complexity
broadcom
4.0
2022-03-18 CVE-2021-27789 Unspecified vulnerability in Broadcom Fabric Operating System
The Web application of Brocade Fabric OS before versions Brocade Fabric OS v9.0.1a and v8.2.3a contains debug statements that expose sensitive information to the program's standard output device.
network
low complexity
broadcom
4.0
2022-02-21 CVE-2021-27796 Unspecified vulnerability in Broadcom Fabric Operating System
A vulnerability in Brocade Fabric OS versions before Brocade Fabric OS v8.0.1b, v7.4.1d could allow an authenticated attacker within the restricted shell environment (rbash) as either the “user” or “factory” account, to read the contents of any file on the filesystem utilizing one of a few available binaries.
network
low complexity
broadcom
6.8
2022-02-18 CVE-2021-30650 Cross-site Scripting vulnerability in Broadcom Layer7 API Management Oauth Toolkit 4.4
A reflected cross-site scripting (XSS) vulnerability in the Symantec Layer7 API Management OAuth Toolkit (OTK) allows a remote attacker to craft a malicious URL for the OTK web UI and target OTK users with phishing attacks or other social engineering techniques.
network
broadcom CWE-79
4.3
2022-02-11 CVE-2021-45386 Reachable Assertion vulnerability in Broadcom Tcpreplay 4.3.4
tcpreplay 4.3.4 has a Reachable Assertion in add_tree_ipv6() at tree.c
local
low complexity
broadcom CWE-617
5.5
2022-02-11 CVE-2021-45387 Reachable Assertion vulnerability in Broadcom Tcpreplay 4.3.4
tcpreplay 4.3.4 has a Reachable Assertion in add_tree_ipv4() at tree.c.
local
low complexity
broadcom CWE-617
5.5
2022-02-04 CVE-2022-22689 Improper Neutralization of Formula Elements in a CSV File vulnerability in Broadcom CA Harvest Software Change Manager
CA Harvest Software Change Manager versions 13.0.3, 13.0.4, 14.0.0, and 14.0.1, contain a vulnerability in the CSV export functionality, due to insufficient input validation, that can allow a privileged user to potentially execute arbitrary code or commands.
network
low complexity
broadcom CWE-1236
6.5
2022-01-18 CVE-2022-23083 Cross-site Scripting vulnerability in Broadcom products
NetMaster 12.2 Network Management for TCP/IP and NetMaster File Transfer Management contain a XSS (Cross-Site Scripting) vulnerability in ReportCenter UI due to insufficient input validation that could potentially allow an attacker to execute code on the affected machine.
network
broadcom CWE-79
4.3