Filtered by vendor Broadcom
Subscribe
Search
Total
417 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2006-6917 | 1 Broadcom | 1 Brightstor Arcserve Backup Server | 2021-04-07 | 10.0 HIGH | N/A |
| Multiple buffer overflows in Computer Associates (CA) BrightStor ARCserve Backup R11.5 Server before SP2 allows remote attackers to execute arbitrary code in the Tape Engine (tapeeng.exe) via a crafted RPC request with (1) opnum 38, which is not properly handled in TAPEUTIL.dll 11.5.3884.0, or (2) opnum 37, which is not properly handled in TAPEENG.dll 11.5.3884.0. | |||||
| CVE-2007-5084 | 1 Broadcom | 1 Brightstor Hierarchical Storage Manager | 2021-04-07 | 6.8 MEDIUM | N/A |
| Multiple SQL injection vulnerabilities in Computer Associates (CA) BrightStor Hierarchical Storage Manager (HSM) before r11.6 allow remote attackers to execute arbitrary SQL commands via CsAgent service commands with opcodes (1) 0x07, (2) 0x08, (3) 0x09, (4) 0x1E, (5) 0x32, (6) 0x36, (7) 0x40, and possibly others. | |||||
| CVE-2012-1662 | 2 Broadcom, Microsoft | 2 Arcserve Backup, Windows | 2021-04-07 | 5.0 MEDIUM | N/A |
| CA ARCserve Backup r12.0 through SP2, r12.5 before SP2, r15 through SP1, and r16 before SP1 on Windows allows remote attackers to cause a denial of service (service shutdown) via a crafted network request. | |||||
| CVE-2007-0816 | 1 Broadcom | 1 Brightstor Arcserve Backup | 2021-04-07 | 5.0 MEDIUM | N/A |
| The RPC Server service (catirpc.exe) in CA (formerly Computer Associates) BrightStor ARCserve Backup 11.5 SP2 and earlier allows remote attackers to cause a denial of service (service crash) via a crafted TADDR2UADDR that triggers a null pointer dereference in catirpc.dll, possibly related to null credentials or verifier fields. | |||||
| CVE-2008-2242 | 2 Broadcom, Ca | 2 Brightstor Arcserve Backup, Brightstor Arcserve Backup | 2021-04-07 | 7.5 HIGH | N/A |
| Multiple buffer overflows in xdr functions in the server in CA BrightStor ARCServe Backup 11.0, 11.1, and 11.5 allow remote attackers to execute arbitrary code, as demonstrated by a stack-based buffer overflow via a long parameter to the xdr_rwsstring function. | |||||
| CVE-2007-1785 | 2 Broadcom, Ca | 2 Brightstor Arcserve Backup, Brightstor Arcserve Backup | 2021-04-07 | 7.1 HIGH | N/A |
| The RPC service in mediasvr.exe in CA BrightStor ARCserve Backup 11.5 SP2 build 4237 allows remote attackers to execute arbitrary code via crafted xdr_handle_t data in RPC packets, which is used in calculating an address for a function call, as demonstrated using the 191 (0xbf) RPC request. | |||||
| CVE-2007-4620 | 2 Broadcom, Ca | 4 Anti-virus For The Enterprise, Brightstor Arcserve Backup, Brightstor Arcserve Backup and 1 more | 2021-04-07 | 9.0 HIGH | N/A |
| Multiple stack-based buffer overflows in Computer Associates (CA) Alert Notification Service (Alert.exe) 8.1.586.0, 8.0.450.0, and 7.1.758.0, as used in multiple CA products including Anti-Virus for the Enterprise 7.1 through r11.1 and Threat Manager for the Enterprise 8.1 and r8, allow remote authenticated users to execute arbitrary code via crafted RPC requests. | |||||
| CVE-2005-0260 | 1 Broadcom | 1 Brightstor Arcserve Backup | 2021-04-07 | 10.0 HIGH | N/A |
| Stack-based buffer overflow in the Discovery Service for BrightStor ARCserve Backup 11.1 and earlier allows remote attackers to execute arbitrary code via a long packet to UDP port 41524, which is not properly handled in a recvfrom call. | |||||
| CVE-2006-5142 | 1 Broadcom | 1 Brightstor Arcserve Backup | 2021-04-07 | 7.5 HIGH | N/A |
| Stack-based buffer overflow in CA BrightStor ARCserve Backup R11.5 client and server allows remote attackers to execute arbitrary code via long messages to the CheyenneDS Mailslot. | |||||
| CVE-2005-0349 | 1 Broadcom | 1 Brightstor Arcserve Backup | 2021-04-07 | 7.5 HIGH | N/A |
| The production release of the UniversalAgent for UNIX in BrightStor ARCserve Backup 11.1 contains hard-coded credentials, which allows remote attackers to access the file system and possibly execute arbitrary commands. | |||||
| CVE-2006-6076 | 2 Broadcom, Ca | 3 Brightstor Arcserve Backup, Brightstor Arcserve Backup, Brightstor Arcserve Backup Agent | 2021-04-07 | 10.0 HIGH | N/A |
| Buffer overflow in the Tape Engine (tapeeng.exe) in CA (formerly Computer Associates) BrightStor ARCserve Backup 11.5 and earlier allows remote attackers to execute arbitrary code via certain RPC requests to TCP port 6502. | |||||
| CVE-2007-1447 | 1 Broadcom | 1 Brightstor Arcserve Backup | 2021-04-07 | 10.0 HIGH | N/A |
| The Tape Engine in CA (formerly Computer Associates) BrightStor ARCserve Backup 11.5 and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary code via certain RPC procedure arguments, which result in memory corruption, a different vulnerability than CVE-2006-6076. | |||||
| CVE-2008-1979 | 1 Broadcom | 1 Brightstor Arcserve Backup | 2021-04-07 | 5.0 MEDIUM | N/A |
| The Discovery Service (casdscvc) in CA ARCserve Backup 12.0.5454.0 and earlier allows remote attackers to cause a denial of service (crash) via a packet with a large integer value used in an increment to TCP port 41523, which triggers a buffer over-read. | |||||
| CVE-2008-5415 | 3 Broadcom, Ca, Microsoft | 3 Arcserve Backup, Arcserve Backup, Windows | 2021-04-07 | 10.0 HIGH | N/A |
| The LDBserver service in the server in CA ARCserve Backup 11.1 through 12.0 on Windows allows remote attackers to execute arbitrary code via a handle_t argument to an RPC endpoint in which the argument refers to an incompatible procedure. | |||||
| CVE-1999-1049 | 1 Broadcom | 1 Arcserve Backup | 2021-04-07 | 10.0 HIGH | N/A |
| ARCserve NT agents use weak encryption (XOR) for passwords, which allows remote attackers to sniff the authentication request to port 6050 and decrypt the password. | |||||
| CVE-2019-6504 | 1 Broadcom | 1 Automic Workload Automation | 2021-04-07 | 4.3 MEDIUM | 6.1 MEDIUM |
| Insufficient output sanitization in the Automic Web Interface (AWI), in CA Automic Workload Automation 12.0 to 12.2, allow attackers to potentially conduct persistent cross site scripting (XSS) attacks via a crafted object. | |||||
| CVE-2001-1346 | 2 Broadcom, Ca | 2 Arcserve Backup, Arcserve Backup | 2021-04-07 | 1.2 LOW | N/A |
| Computer Associates ARCserveIT 6.61 and 6.63 (also called ARCservIT) allows local users to overwrite arbitrary files via a symlink attack on the temporary files (1) asagent.tmp or (2) inetd.tmp. | |||||
| CVE-2001-0960 | 2 Broadcom, Ca | 3 Arcserve Backup, Arcserve Backup 2000, Arcserve Backup 2000 | 2021-04-07 | 10.0 HIGH | N/A |
| Computer Associates ARCserve for NT 6.61 SP2a and ARCserve 2000 7.0 stores the backup agent user name and password in cleartext in the aremote.dmp file in the ARCSERVE$ hidden share, which allows local and remote attackers to gain privileges. | |||||
| CVE-2001-0959 | 2 Broadcom, Ca | 3 Arcserve Backup, Arcserve Backup 2000, Arcserve Backup 2000 | 2021-04-07 | 6.4 MEDIUM | N/A |
| Computer Associates ARCserve for NT 6.61 SP2a and ARCserve 2000 7.0 creates a hidden share named ARCSERVE$, which allows remote attackers to obtain sensitive information and overwrite critical files. | |||||
| CVE-2007-1448 | 1 Broadcom | 1 Brightstor Arcserve Backup | 2021-04-07 | 2.1 LOW | N/A |
| The Tape Engine in CA (formerly Computer Associates) BrightStor ARCserve Backup 11.5 and earlier allows remote attackers to cause a denial of service (disabled interface) by calling an unspecified RPC function. | |||||
| CVE-2016-3118 | 1 Broadcom | 1 Api Gateway | 2021-04-07 | 6.4 MEDIUM | 6.5 MEDIUM |
| CRLF injection vulnerability in CA API Gateway (formerly Layer7 API Gateway) 7.1 before 7.1.04, 8.0 through 8.3 before 8.3.01, and 8.4 before 8.4.01 allows remote attackers to have an unspecified impact via unknown vectors. | |||||
| CVE-2014-1219 | 1 Broadcom | 1 2e Web Option | 2021-04-07 | 5.1 MEDIUM | N/A |
| CA 2E Web Option r8.1.2 accepts a predictable substring of a W2E_SSNID session token in place of the entire token, which allows remote attackers to hijack sessions by changing characters at the end of this substring, as demonstrated by terminating a session via a modified SSNID parameter to web2edoc/close.htm. | |||||
| CVE-2021-28246 | 1 Broadcom | 1 Ehealth | 2021-03-29 | 4.4 MEDIUM | 7.8 HIGH |
| ** UNSUPPORTED WHEN ASSIGNED ** CA eHealth Performance Manager through 6.3.2.12 is affected by Privilege Escalation via a Dynamically Linked Shared Object Library. A regular user must create a malicious library in the writable RPATH, to be dynamically linked when the emtgtctl2 executable is run. The code in the library will be executed as the ehealth user. NOTE: This vulnerability only affects products that are no longer supported by the maintainer. | |||||
| CVE-2021-28248 | 1 Broadcom | 1 Ehealth | 2021-03-29 | 5.0 MEDIUM | 7.5 HIGH |
| ** UNSUPPORTED WHEN ASSIGNED ** CA eHealth Performance Manager through 6.3.2.12 is affected by Improper Restriction of Excessive Authentication Attempts. An attacker is able to perform an arbitrary number of /web/frames/ authentication attempts using different passwords, and eventually gain access to a targeted account, NOTE: This vulnerability only affects products that are no longer supported by the maintainer. | |||||
| CVE-2020-29478 | 2 Broadcom, Microsoft | 2 Ca Service Catalog, Windows | 2021-01-08 | 5.0 MEDIUM | 7.5 HIGH |
| CA Service Catalog 17.2 and 17.3 contain a vulnerability in the default configuration of the Setup Utility that may allow a remote attacker to cause a denial of service condition. | |||||
| CVE-2020-12595 | 1 Broadcom | 1 Symantec Messaging Gateway | 2020-12-14 | 4.0 MEDIUM | 4.9 MEDIUM |
| An information disclosure flaw allows a malicious, authenticated, privileged web UI user to obtain a password for a remote SCP backup server that they might not otherwise be authorized to access. This affects SMG prior to 10.7.4. | |||||
| CVE-2019-19231 | 2 Broadcom, Microsoft | 2 Ca Client Automation, Windows | 2020-10-22 | 4.6 MEDIUM | 7.8 HIGH |
| An insecure file access vulnerability exists in CA Client Automation 14.0, 14.1, 14.2, and 14.3 Agent for Windows that can allow a local attacker to gain escalated privileges. | |||||
| CVE-2019-16211 | 1 Broadcom | 1 Brocade Sannav | 2020-10-07 | 5.0 MEDIUM | 9.8 CRITICAL |
| Brocade SANnav versions before v2.1.0, contain a Plaintext Password Storage vulnerability. | |||||
| CVE-2019-16212 | 1 Broadcom | 1 Brocade Sannav | 2020-10-06 | 6.5 MEDIUM | 8.8 HIGH |
| A vulnerability in Brocade SANnav versions before v2.1.0 could allow a remote authenticated attacker to conduct an LDAP injection. The vulnerability could allow a remote attacker to bypass the authentication process. | |||||
| CVE-2019-13656 | 1 Broadcom | 2 Ca Client Automation, Ca Workload Automation Ae | 2020-10-06 | 7.5 HIGH | 9.8 CRITICAL |
| An access vulnerability in CA Common Services DIA of CA Technologies Client Automation 14 and Workload Automation AE 11.3.5, 11.3.6 allows a remote attacker to execute arbitrary code. | |||||
| CVE-2019-20549 | 2 Broadcom, Google | 11 Bcm43162, Bcm43224, Bcm4323 and 8 more | 2020-08-24 | 7.5 HIGH | 9.8 CRITICAL |
| An issue was discovered on Samsung mobile devices with N(7.x), O(8.x), and P(9.0) (Broadcom chipsets) software. A heap out-of-bounds access can occur during LE Packet reception in Broadcom Bluetooth. The Samsung ID is SVE-2019-15724 (November 2019). | |||||
| CVE-2018-19860 | 2 Broadcom, Cypress | 126 Bcm4335c0, Bcm4335c0 Firmware, Bcm43438a1 and 123 more | 2020-08-24 | 5.8 MEDIUM | 8.8 HIGH |
| Broadcom firmware before summer 2014 on Nexus 5 BCM4335C0 2012-12-11, Raspberry Pi 3 BCM43438A1 2014-06-02, and unspecifed other devices does not properly restrict LMP commnds and executes certain memory contents upon receiving an LMP command, as demonstrated by executing an HCI command. | |||||
| CVE-2019-15126 | 2 Apple, Broadcom | 15 Ipados, Iphone Os, Mac Os X and 12 more | 2020-08-11 | 2.9 LOW | 3.1 LOW |
| An issue was discovered on Broadcom Wi-Fi client devices. Specifically timed and handcrafted traffic can cause internal errors (related to state transitions) in a WLAN device that lead to improper layer 2 Wi-Fi encryption with a consequent possibility of information disclosure over the air for a discrete set of traffic, a different vulnerability than CVE-2019-9500, CVE-2019-9501, CVE-2019-9502, and CVE-2019-9503. | |||||
| CVE-2018-6446 | 1 Broadcom | 1 Brocade Network Advisor | 2020-07-07 | 7.5 HIGH | 9.8 CRITICAL |
| A vulnerability in Brocade Network Advisor Version Before 14.3.1 could allow an unauthenticated, remote attacker to log in to the JBoss Administration interface of an affected system using an undocumented user credentials and install additional JEE applications. | |||||
| CVE-2018-13822 | 1 Broadcom | 1 Project Portfolio Management | 2020-05-06 | 5.0 MEDIUM | 7.5 HIGH |
| Unprotected storage of credentials in CA PPM 14.3 and below, 14.4, 15.1, 15.2 CP5 and below, and 15.3 CP2 and below, allows attackers to access sensitive information. | |||||
| CVE-2020-11662 | 1 Broadcom | 1 Ca Api Developer Portal | 2020-04-20 | 5.0 MEDIUM | 7.5 HIGH |
| CA API Developer Portal 4.3.1 and earlier handles requests insecurely, which allows remote attackers to exploit a Cross-Origin Resource Sharing flaw and access sensitive information. | |||||
| CVE-2020-11663 | 1 Broadcom | 1 Ca Api Developer Portal | 2020-04-20 | 5.8 MEDIUM | 6.1 MEDIUM |
| CA API Developer Portal 4.3.1 and earlier handles 404 requests in an insecure manner, which allows attackers to perform open redirect attacks. | |||||
| CVE-2020-11664 | 1 Broadcom | 1 Ca Api Developer Portal | 2020-04-20 | 5.8 MEDIUM | 6.1 MEDIUM |
| CA API Developer Portal 4.3.1 and earlier handles homeRedirect page redirects in an insecure manner, which allows attackers to perform open redirect attacks. | |||||
| CVE-2020-11665 | 1 Broadcom | 1 Ca Api Developer Portal | 2020-04-20 | 5.8 MEDIUM | 6.1 MEDIUM |
| CA API Developer Portal 4.3.1 and earlier handles loginRedirect page redirects in an insecure manner, which allows attackers to perform open redirect attacks. | |||||
| CVE-2020-11658 | 1 Broadcom | 1 Ca Api Developer Portal | 2020-04-20 | 7.5 HIGH | 9.8 CRITICAL |
| CA API Developer Portal 4.3.1 and earlier handles shared secret keys in an insecure manner, which allows attackers to bypass authorization. | |||||
| CVE-2020-11659 | 1 Broadcom | 1 Ca Api Developer Portal | 2020-04-20 | 4.0 MEDIUM | 4.3 MEDIUM |
| CA API Developer Portal 4.3.1 and earlier contains an access control flaw that allows privileged users to perform a restricted user administration action. | |||||
| CVE-2019-9502 | 2 Broadcom, Synology | 3 Bcm4339, Bcm4339 Firmware, Router Manager | 2020-02-10 | 8.3 HIGH | 8.8 HIGH |
| The Broadcom wl WiFi driver is vulnerable to a heap buffer overflow. If the vendor information element data length is larger than 164 bytes, a heap buffer overflow is triggered in wlc_wpa_plumb_gtk. In the worst case scenario, by sending specially-crafted WiFi packets, a remote, unauthenticated attacker may be able to execute arbitrary code on a vulnerable system. More typically, this vulnerability will result in denial-of-service conditions. | |||||
| CVE-2019-9501 | 2 Broadcom, Synology | 3 Bcm4339, Bcm4339 Firmware, Router Manager | 2020-02-10 | 8.3 HIGH | 8.8 HIGH |
| The Broadcom wl WiFi driver is vulnerable to a heap buffer overflow. By supplying a vendor information element with a data length larger than 32 bytes, a heap buffer overflow is triggered in wlc_wpa_sup_eapol. In the worst case scenario, by sending specially-crafted WiFi packets, a remote, unauthenticated attacker may be able to execute arbitrary code on a vulnerable system. More typically, this vulnerability will result in denial-of-service conditions. | |||||
| CVE-2016-8204 | 1 Broadcom | 1 Brocade Network Advisor | 2020-01-21 | 10.0 HIGH | 9.8 CRITICAL |
| A Directory Traversal vulnerability in FileReceiveServlet in the Brocade Network Advisor versions released prior to and including 14.0.2 could allow remote attackers to upload a malicious file in a section of the file system where it can be executed. | |||||
| CVE-2019-19518 | 1 Broadcom | 1 Ca Automic Sysload | 2020-01-17 | 7.5 HIGH | 9.8 CRITICAL |
| CA Automic Sysload 5.6.0 through 6.1.2 contains a vulnerability, related to a lack of authentication on the File Server port, that potentially allows remote attackers to execute arbitrary commands. | |||||
| CVE-2019-19544 | 1 Broadcom | 1 Ca Automic Dollar Universe | 2020-01-12 | 7.2 HIGH | 7.8 HIGH |
| CA Automic Dollar Universe 5.3.3 contains a vulnerability, related to the uxdqmsrv binary being setuid root, that allows local attackers to elevate privileges. This vulnerability was reported to CA several years after CA Automic Dollar Universe 5.3.3 reached End of Life (EOL) status on April 1, 2015. | |||||
| CVE-2019-19230 | 3 Broadcom, Linux, Microsoft | 3 Nolio, Linux Kernel, Windows | 2019-12-12 | 7.5 HIGH | 9.8 CRITICAL |
| An unsafe deserialization vulnerability exists in CA Release Automation (Nolio) 6.6 with the DataManagement component that can allow a remote attacker to execute arbitrary code. | |||||
| CVE-2019-16208 | 1 Broadcom | 1 Brocade Sannav | 2019-11-14 | 5.0 MEDIUM | 7.5 HIGH |
| Password-based encryption (PBE) algorithm, of Brocade SANnav versions before v2.0, has a weakness in generating cryptographic keys that may allow an attacker to decrypt passwords used with several services (Radius, TACAS, etc.). | |||||
| CVE-2019-16205 | 1 Broadcom | 1 Brocade Sannav | 2019-11-14 | 4.3 MEDIUM | 8.8 HIGH |
| A vulnerability, in Brocade SANnav versions before v2.0, could allow remote attackers to brute-force a valid session ID. The vulnerability is due to an insufficiently random session ID for several post-authentication actions in the SANnav portal. | |||||
| CVE-2019-16209 | 1 Broadcom | 1 Brocade Sannav | 2019-11-09 | 5.8 MEDIUM | 7.4 HIGH |
| A vulnerability, in The ReportsTrustManager class of Brocade SANnav versions before v2.0, could allow an attacker to perform a man-in-the-middle attack against Secure Sockets Layer(SSL)connections. | |||||