Vulnerabilities > Broadcom > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-06-09 | CVE-2021-26314 | Information Exposure Through Discrepancy vulnerability in multiple products Potential floating point value injection in all supported CPU products, in conjunction with software vulnerabilities relating to speculative execution with incorrect floating point results, may cause the use of incorrect data from FPVI and may result in data leakage. | 5.5 |
| 2021-04-29 | CVE-2021-31879 | Open Redirect vulnerability in multiple products GNU Wget through 1.21.1 does not omit the Authorization header upon a redirect to a different origin, a related issue to CVE-2018-1000007. | 5.8 |
| 2021-04-01 | CVE-2021-22876 | Information Exposure vulnerability in multiple products curl 7.1.1 to and including 7.75.0 is vulnerable to an "Exposure of Private Personal Information to an Unauthorized Actor" by leaking credentials in the HTTP Referer: header. | 5.3 |
| 2021-03-26 | CVE-2021-20197 | Link Following vulnerability in multiple products There is an open race window when writing output in the following utilities in GNU binutils version 2.35 and earlier:ar, objcopy, strip, ranlib. | 6.3 |
| 2021-03-11 | CVE-2021-28153 | Link Following vulnerability in multiple products An issue was discovered in GNOME GLib before 2.66.8. | 5.3 |
| 2021-01-05 | CVE-2020-29478 | Unspecified vulnerability in Broadcom CA Service Catalog 17.2/17.3 CA Service Catalog 17.2 and 17.3 contain a vulnerability in the default configuration of the Setup Utility that may allow a remote attacker to cause a denial of service condition. | 5.0 |
| 2021-01-04 | CVE-2019-25013 | Out-of-bounds Read vulnerability in multiple products The iconv feature in the GNU C Library (aka glibc or libc6) through 2.32, when processing invalid multi-byte input sequences in the EUC-KR encoding, may have a buffer over-read. | 5.9 |
| 2021-01-04 | CVE-2020-35507 | NULL Pointer Dereference vulnerability in multiple products There's a flaw in bfd_pef_parse_function_stubs of bfd/pef.c in binutils in versions prior to 2.34 which could allow an attacker who is able to submit a crafted file to be processed by objdump to cause a NULL pointer dereference. | 5.5 |
| 2021-01-04 | CVE-2020-35496 | NULL Pointer Dereference vulnerability in multiple products There's a flaw in bfd_pef_scan_start_address() of bfd/pef.c in binutils which could allow an attacker who is able to submit a crafted file to be processed by objdump to cause a NULL pointer dereference. | 5.5 |
| 2021-01-04 | CVE-2020-35495 | NULL Pointer Dereference vulnerability in multiple products There's a flaw in binutils /bfd/pef.c. | 5.5 |