Vulnerabilities > Broadcom > Medium

DATE CVE VULNERABILITY TITLE RISK
2021-03-26 CVE-2021-20197 Link Following vulnerability in multiple products
There is an open race window when writing output in the following utilities in GNU binutils version 2.35 and earlier:ar, objcopy, strip, ranlib.
local
high complexity
gnu redhat netapp broadcom CWE-59
6.3
2021-03-11 CVE-2021-28153 Link Following vulnerability in multiple products
An issue was discovered in GNOME GLib before 2.66.8.
network
low complexity
gnome debian fedoraproject broadcom CWE-59
5.3
2021-01-04 CVE-2019-25013 Out-of-bounds Read vulnerability in multiple products
The iconv feature in the GNU C Library (aka glibc or libc6) through 2.32, when processing invalid multi-byte input sequences in the EUC-KR encoding, may have a buffer over-read.
network
high complexity
gnu fedoraproject netapp broadcom debian CWE-125
5.9
2021-01-04 CVE-2020-35507 NULL Pointer Dereference vulnerability in multiple products
There's a flaw in bfd_pef_parse_function_stubs of bfd/pef.c in binutils in versions prior to 2.34 which could allow an attacker who is able to submit a crafted file to be processed by objdump to cause a NULL pointer dereference.
local
low complexity
gnu redhat netapp broadcom CWE-476
5.5
2021-01-04 CVE-2020-35496 NULL Pointer Dereference vulnerability in multiple products
There's a flaw in bfd_pef_scan_start_address() of bfd/pef.c in binutils which could allow an attacker who is able to submit a crafted file to be processed by objdump to cause a NULL pointer dereference.
local
low complexity
gnu fedoraproject netapp broadcom CWE-476
5.5
2021-01-04 CVE-2020-35495 NULL Pointer Dereference vulnerability in multiple products
There's a flaw in binutils /bfd/pef.c.
local
low complexity
gnu fedoraproject netapp broadcom CWE-476
5.5
2021-01-04 CVE-2020-35494 Use of Uninitialized Resource vulnerability in multiple products
There's a flaw in binutils /opcodes/tic4x-dis.c.
local
low complexity
gnu fedoraproject netapp broadcom CWE-908
6.1
2021-01-04 CVE-2020-35493 Improper Input Validation vulnerability in multiple products
A flaw exists in binutils in bfd/pef.c.
local
low complexity
gnu fedoraproject netapp broadcom CWE-20
5.5
2020-12-11 CVE-2020-15376 Unspecified vulnerability in Broadcom Fabric Operating System
Brocade Fabric OS versions before v9.0.0 and after version v8.1.0, configured in Virtual Fabric mode contain a weakness in the ldap implementation that could allow a remote ldap user to login in the Brocade Fibre Channel SAN switch with "user" privileges if it is not associated with any groups.
network
low complexity
broadcom
4.3
2020-12-11 CVE-2020-15375 Improper Input Validation vulnerability in Broadcom Fabric Operating System
Brocade Fabric OS versions before v9.0.0, v8.2.2c, v8.2.1e, v8.1.2k, v8.2.0_CBN3, v7.4.2g contain an improper input validation weakness in the command line interface when secccrypptocfg is invoked.
local
low complexity
broadcom CWE-20
6.7