Vulnerabilities > Broadcom > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-03-18 | CVE-2021-27789 | Unspecified vulnerability in Broadcom Fabric Operating System The Web application of Brocade Fabric OS before versions Brocade Fabric OS v9.0.1a and v8.2.3a contains debug statements that expose sensitive information to the program's standard output device. | 6.5 |
| 2022-02-21 | CVE-2021-27796 | Unspecified vulnerability in Broadcom Fabric Operating System A vulnerability in Brocade Fabric OS versions before Brocade Fabric OS v8.0.1b, v7.4.1d could allow an authenticated attacker within the restricted shell environment (rbash) as either the “user” or “factory” account, to read the contents of any file on the filesystem utilizing one of a few available binaries. | 6.5 |
| 2022-02-18 | CVE-2021-30650 | Cross-site Scripting vulnerability in Broadcom Layer7 API Management Oauth Toolkit 4.4 A reflected cross-site scripting (XSS) vulnerability in the Symantec Layer7 API Management OAuth Toolkit (OTK) allows a remote attacker to craft a malicious URL for the OTK web UI and target OTK users with phishing attacks or other social engineering techniques. | 6.1 |
| 2022-02-11 | CVE-2021-45386 | Reachable Assertion vulnerability in Broadcom Tcpreplay 4.3.4 tcpreplay 4.3.4 has a Reachable Assertion in add_tree_ipv6() at tree.c | 5.5 |
| 2022-02-11 | CVE-2021-45387 | Reachable Assertion vulnerability in Broadcom Tcpreplay 4.3.4 tcpreplay 4.3.4 has a Reachable Assertion in add_tree_ipv4() at tree.c. | 5.5 |
| 2022-01-18 | CVE-2022-23083 | Cross-site Scripting vulnerability in Broadcom products NetMaster 12.2 Network Management for TCP/IP and NetMaster File Transfer Management contain a XSS (Cross-Site Scripting) vulnerability in ReportCenter UI due to insufficient input validation that could potentially allow an attacker to execute code on the affected machine. | 6.1 |
| 2021-12-02 | CVE-2021-44050 | SQL Injection vulnerability in Broadcom CA Network Flow Analysis CA Network Flow Analysis (NFA) 21.2.1 and earlier contain a SQL injection vulnerability in the NFA web application, due to insufficient input validation, that could potentially allow an authenticated user to access sensitive data. | 6.5 |
| 2021-09-22 | CVE-2020-23273 | Out-of-bounds Write vulnerability in Broadcom Tcpreplay 4.3.2 Heap-buffer overflow in the randomize_iparp function in edit_packet.c. | 5.5 |
| 2021-08-25 | CVE-2020-18976 | Classic Buffer Overflow vulnerability in Broadcom Tcpreplay 4.3.2 Buffer Overflow in Tcpreplay v4.3.2 allows attackers to cause a Denial of Service via the 'do_checksum' function in 'checksum.c'. | 5.5 |
| 2021-08-12 | CVE-2021-27791 | Out-of-bounds Read vulnerability in Broadcom Fabric Operating System The function that is used to parse the Authentication header in Brocade Fabric OS Web application service before Brocade Fabric OS v9.0.1a and v8.2.3a fails to properly process a malformed authentication header from the client, resulting in reading memory addresses outside the intended range. | 5.4 |