Vulnerabilities > Broadcom > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-08-12 | CVE-2021-27793 | Incorrect Authorization vulnerability in Broadcom Fabric Operating System ntermittent authorization failure in aaa tacacs+ with Brocade Fabric OS versions before Brocade Fabric OS v9.0.1b and after 9.0.0, also in Brocade Fabric OS before Brocade Fabric OS v8.2.3a and after v8.2.0 could cause a user with a valid account to be unable to log into the switch. | 5.3 |
| 2021-07-14 | CVE-2021-34174 | Unspecified vulnerability in Broadcom Bcm4352 Firmware and Bcm43684 Firmware A vulnerability exists in Broadcom BCM4352 and BCM43684 chips. low complexity broadcom | 4.6 |
| 2021-06-09 | CVE-2020-15378 | Unspecified vulnerability in Broadcom Sannav 2.1.0 The OVA version of Brocade SANnav before version 2.1.1 installation with IPv6 networking exposes the docker container ports to the network, increasing the potential attack surface. | 5.3 |
| 2021-06-09 | CVE-2020-15384 | Cleartext Storage of Sensitive Information vulnerability in Broadcom Sannav 2.1.0 Brocade SANNav before version 2.1.1 contains an information disclosure vulnerability. | 5.3 |
| 2021-06-09 | CVE-2020-15385 | Unspecified vulnerability in Broadcom Sannav 2.1.0 Brocade SANnav before version 2.1.1 allows an authenticated attacker to list directories, and list files without permission. | 5.4 |
| 2021-06-09 | CVE-2020-15386 | Unspecified vulnerability in Broadcom Fabric Operating System Brocade Fabric OS prior to v9.0.1a and 8.2.3a and after v9.0.0 and 8.2.2d may observe high CPU load during security scanning, which could lead to a slower response to CLI commands and other operations. | 5.3 |
| 2021-06-09 | CVE-2021-26313 | Information Exposure Through Discrepancy vulnerability in multiple products Potential speculative code store bypass in all supported CPU products, in conjunction with software vulnerabilities relating to speculative execution of overwritten instructions, may cause an incorrect speculation and could result in data leakage. | 5.5 |
| 2021-06-09 | CVE-2021-26314 | Information Exposure Through Discrepancy vulnerability in multiple products Potential floating point value injection in all supported CPU products, in conjunction with software vulnerabilities relating to speculative execution with incorrect floating point results, may cause the use of incorrect data from FPVI and may result in data leakage. | 5.5 |
| 2021-04-29 | CVE-2021-31879 | Open Redirect vulnerability in multiple products GNU Wget through 1.21.1 does not omit the Authorization header upon a redirect to a different origin, a related issue to CVE-2018-1000007. | 6.1 |
| 2021-04-01 | CVE-2021-22876 | Information Exposure vulnerability in multiple products curl 7.1.1 to and including 7.75.0 is vulnerable to an "Exposure of Private Personal Information to an Unauthorized Actor" by leaking credentials in the HTTP Referer: header. | 5.3 |