Vulnerabilities > Broadcom > Medium

DATE CVE VULNERABILITY TITLE RISK
2021-01-04 CVE-2020-35494 Use of Uninitialized Resource vulnerability in multiple products
There's a flaw in binutils /opcodes/tic4x-dis.c.
local
low complexity
gnu fedoraproject netapp broadcom CWE-908
6.1
2021-01-04 CVE-2020-35493 Improper Input Validation vulnerability in multiple products
A flaw exists in binutils in bfd/pef.c.
local
low complexity
gnu fedoraproject netapp broadcom CWE-20
5.5
2020-12-11 CVE-2020-15376 Unspecified vulnerability in Broadcom Fabric Operating System
Brocade Fabric OS versions before v9.0.0 and after version v8.1.0, configured in Virtual Fabric mode contain a weakness in the ldap implementation that could allow a remote ldap user to login in the Brocade Fibre Channel SAN switch with "user" privileges if it is not associated with any groups.
network
low complexity
broadcom
4.0
2020-12-11 CVE-2020-15375 Improper Input Validation vulnerability in Broadcom Fabric Operating System
Brocade Fabric OS versions before v9.0.0, v8.2.2c, v8.2.1e, v8.1.2k, v8.2.0_CBN3, v7.4.2g contain an improper input validation weakness in the command line interface when secccrypptocfg is invoked.
local
low complexity
broadcom CWE-20
4.6
2020-12-10 CVE-2020-12595 Unspecified vulnerability in Broadcom Symantec Messaging Gateway
An information disclosure flaw allows a malicious, authenticated, privileged web UI user to obtain a password for a remote SCP backup server that they might not otherwise be authorized to access.
network
low complexity
broadcom
4.0
2020-12-09 CVE-2020-29660 Improper Locking vulnerability in multiple products
A locking inconsistency issue was discovered in the tty subsystem of the Linux kernel through 5.9.13.
4.4
2020-11-23 CVE-2020-15436 Use After Free vulnerability in multiple products
Use-after-free vulnerability in fs/block_dev.c in the Linux kernel before 5.8 allows local users to gain privileges or cause a denial of service by leveraging improper access to a certain error field.
local
low complexity
linux broadcom netapp CWE-416
6.7
2020-11-23 CVE-2020-28421 Improper Privilege Management vulnerability in Broadcom Unified Infrastructure Management
CA Unified Infrastructure Management 20.1 and earlier contains a vulnerability in the robot (controller) component that allows local attackers to elevate privileges.
local
low complexity
broadcom CWE-269
4.6
2020-09-25 CVE-2018-6449 Cross-site Scripting vulnerability in Broadcom Fabric Operating System
Host Header Injection vulnerability in the http management interface in Brocade Fabric OS versions before v9.0.0 could allow a remote attacker to exploit this vulnerability by injecting arbitrary HTTP headers
network
broadcom CWE-79
4.3
2020-09-25 CVE-2018-6448 Unspecified vulnerability in Broadcom Fabric Operating System
A vulnerability in the management interface in Brocade Fabric OS Versions before Brocade Fabric OS v9.0.0 could allow a remote attacker to perform a denial of service attack on the vulnerable host.
network
low complexity
broadcom
5.0