Broadcom Corporation

All CVEs

490 total · sorted by risk
  • CVE-2014-0160 · High · KEV · Apr 7, 2014
    risk 0.72 · cvss 7.5 · epss 1.00

    The (1) TLS and (2) DTLS implementations in OpenSSL 1.0.1 before 1.0.1g do not properly handle Heartbeat Extension packets, which allows remote attackers to obtain sensitive information from process memory via crafted packets that trigger a buffer over-read, as demonstrated by…

  • CVE-2017-9417 · Critical · Jun 4, 2017
    risk 0.71 · cvss 9.8 · epss 0.48

    Broadcom BCM43xx Wi-Fi chips allow remote attackers to execute arbitrary code via unspecified vectors, aka the "Broadpwn" issue.

  • CVE-2017-0561 · Critical · Apr 7, 2017
    risk 0.69 · cvss 9.8 · epss 0.30

    A remote code execution vulnerability in the Broadcom Wi-Fi firmware could enable a remote attacker to execute arbitrary code within the context of the Wi-Fi SoC. This issue is rated as Critical due to the possibility of remote code execution in the context of the Wi-Fi SoC.…

  • CVE-2013-4659 · Critical · Mar 14, 2017
    risk 0.68 · cvss 9.8 · epss 0.14

    Buffer overflow in Broadcom ACSD allows remote attackers to execute arbitrary code via a long string to TCP port 5916. This component is used on routers of multiple vendors including ASUS RT-AC66U and TRENDnet TEW-812DRU.

  • CVE-2017-11120 · Critical · Sep 28, 2017
    risk 0.67 · cvss 9.8 · epss 0.09

    On Broadcom BCM4355C0 Wi-Fi chips 9.44.78.27.0.1.56 and other chips, an attacker can craft a malformed RRM neighbor report frame to trigger an internal buffer overflow in the Wi-Fi firmware, aka B-V2017061204.

  • CVE-2016-8205 · Critical · Jan 14, 2017
    risk 0.65 · cvss 9.8 · epss 0.13

    A Directory Traversal vulnerability in DashboardFileReceiveServlet in the Brocade Network Advisor versions released prior to and including 14.0.2 could allow remote attackers to upload a malicious file in a section of the file system where it can be executed.

  • CVE-2017-0824 · Critical · Oct 4, 2017
    risk 0.64 · cvss 9.8 · epss 0.00

    An elevation of privilege vulnerability in the Broadcom wifi driver. Product: Android. Versions: Android kernel. Android ID: A-37622847. References: B-V2017063001.

  • CVE-2017-11121 · Critical · Sep 28, 2017
    risk 0.64 · cvss 9.8 · epss 0.03

    On Broadcom BCM4355C0 Wi-Fi chips 9.44.78.27.0.1.56 and other chips, properly crafted malicious over-the-air Fast Transition frames can potentially trigger internal Wi-Fi firmware heap and/or stack overflows, leading to denial of service or other effects, aka B-V2017061205.

  • CVE-2016-8204 · Critical · Jan 14, 2017
    risk 0.64 · cvss 9.8 · epss 0.07

    A Directory Traversal vulnerability in FileReceiveServlet in the Brocade Network Advisor versions released prior to and including 14.0.2 could allow remote attackers to upload a malicious file in a section of the file system where it can be executed.

  • CVE-2016-9877 · Critical · Dec 29, 2016
    risk 0.64 · cvss 9.8 · epss 0.01

    An issue was discovered in Pivotal RabbitMQ 3.x before 3.5.8 and 3.6.x before 3.6.6 and RabbitMQ for PCF 1.5.x before 1.5.20, 1.6.x before 1.6.12, and 1.7.x before 1.7.7. MQTT (MQ Telemetry Transport) connection authentication with a username/password pair succeeds if an…

  • CVE-2016-2473 · Critical · Jun 13, 2016
    risk 0.64 · cvss 9.8 · epss 0.01

    The Qualcomm Wi-Fi driver in Android before 2016-06-01 on Nexus 7 (2013) devices allows attackers to gain privileges via a crafted application, aka internal bug 27777501.

  • CVE-2025-41238 · Critical · Jul 15, 2025
    risk 0.60 · cvss 9.3 · epss 0.00

    VMware ESXi, Workstation, and Fusion contain a heap-overflow vulnerability in the PVSCSI (Paravirtualized SCSI) controller that leads to an out-of-bounds write. A malicious actor with local administrative privileges on a virtual machine may exploit this issue to execute code as…

  • CVE-2024-3596 · Critical · Jul 9, 2024
    risk 0.60 · cvss 9.0 · epss 0.15

    RADIUS Protocol under RFC 2865 is susceptible to forgery attacks by a local attacker who can modify any valid Response (Access-Accept, Access-Reject, or Access-Challenge) to any other response using a chosen-prefix collision attack against MD5 Response Authenticator signature.

  • CVE-2025-7398 · Critical · Jul 17, 2025
    risk 0.59 · cvss 9.1 · epss 0.00

    Brocade ASCG before 3.3.0 allows for the use of medium strength cryptography algorithms on internal ports 9000 and 8036.

  • CVE-2025-6391 · Critical · Jul 17, 2025
    risk 0.59 · cvss 9.1 · epss 0.00

    Brocade ASCG before 3.3.0 logs JSON Web Tokens (JWT) in log files. An attacker with access to the log files can withdraw the unencrypted tokens with security implications, such as unauthorized access, session hijacking, and information disclosure.

  • CVE-2024-1509 · Critical · Feb 28, 2025
    risk 0.59 · cvss 9.1 · epss 0.00

    Brocade ASCG before 3.2.0 Web Interface is not enforcing HSTS, as defined by RFC 6797. HSTS is an optional response header that can be configured on the server to instruct the browser to only communicate via HTTPS. The lack of HSTS allows downgrade attacks, SSL-stripping…

  • CVE-2015-6854 · Critical · Mar 24, 2016
    risk 0.59 · cvss 9.1 · epss 0.01

    The non-Domino web agents in CA Single Sign-On (aka SSO, formerly SiteMinder) R6, R12.0 before SP3 CR13, R12.0J before SP3 CR1.2, and R12.5 before CR5 allow remote attackers to cause a denial of service (daemon crash) or obtain sensitive information via a crafted request.

  • CVE-2015-6853 · Critical · Mar 24, 2016
    risk 0.59 · cvss 9.1 · epss 0.01

    The Domino web agent in CA Single Sign-On (aka SSO, formerly SiteMinder) R6, R12.0 before SP3 CR13, R12.0J before SP3 CR1.2, R12.5 before CR5, R12.51 before CR4, and R12.52 before SP1 CR3 allows remote attackers to cause a denial of service (daemon crash) or obtain sensitive…

  • CVE-2025-4971 · High · May 20, 2025
    risk 0.58 · cvss · epss 0.01

    Broadcom Automic Automation Agent Unix versions < 24.3.0 HF4 and < 21.0.13 HF1 allow low privileged users who have execution rights on the agent executable to escalate their privileges.

  • CVE-2025-9059 · High · Sep 11, 2025
    risk 0.57 · cvss · epss 0.00

    The Altiris Core Agent Updater package (AeXNSC.exe) is prone to an elevation of privileges vulnerability through DLL hijacking.

  • CVE-2024-38499 · High · Dec 17, 2024
    risk 0.57 · cvss 8.8 · epss 0.00

    CA Client Automation (ITCM) allows non-admin/non-root users to encrypt a string using CAF CLI and SD_ACMD CLI. This would allow the non admin user to access the critical encryption keys which further causes the exploitation of stored credentials. This fix doesn't allow a…

  • CVE-2022-23305 · Critical · Jan 18, 2022
    risk 0.57 · cvss 9.8 · epss 0.67

    By design, the JDBCAppender in Log4j 1.2.x accepts an SQL statement as a configuration parameter where the values to be inserted are converters from PatternLayout. The message converter, %m, is likely to always be included. This allows attackers to manipulate the SQL by entering…

  • CVE-2017-0791 · High · Sep 8, 2017
    risk 0.57 · cvss 8.8 · epss 0.00

    An elevation of privilege vulnerability in the Broadcom wi-fi driver. Product: Android. Versions: Android kernel. Android ID: A-37306719. References: B-V2017052302.

  • CVE-2017-0790 · High · Sep 8, 2017
    risk 0.57 · cvss 8.8 · epss 0.00

    An elevation of privilege vulnerability in the Broadcom wi-fi driver. Product: Android. Versions: Android kernel. Android ID: A-37357704. References: B-V2017053101.

  • CVE-2017-0789 · High · Sep 8, 2017
    risk 0.57 · cvss 8.8 · epss 0.00

    An elevation of privilege vulnerability in the Broadcom wi-fi driver. Product: Android. Versions: Android kernel. Android ID: A-37685267. References: B-V2017053102.

  • CVE-2017-0788 · High · Sep 8, 2017
    risk 0.57 · cvss 8.8 · epss 0.00

    An elevation of privilege vulnerability in the Broadcom wi-fi driver. Product: Android. Versions: Android kernel. Android ID: A-37722328. References: B-V2017053103.

  • CVE-2017-0787 · High · Sep 8, 2017
    risk 0.57 · cvss 8.8 · epss 0.00

    An elevation of privilege vulnerability in the Broadcom wi-fi driver. Product: Android. Versions: Android kernel. Android ID: A-37722970. References: B-V2017053104.

  • CVE-2017-0786 · High · Sep 8, 2017
    risk 0.57 · cvss 8.8 · epss 0.00

    An elevation of privilege vulnerability in the Broadcom wi-fi driver. Product: Android. Versions: Android kernel. Android ID: A-37351060. References: B-V2017060101.

  • CVE-2016-8202 · High · May 8, 2017
    risk 0.57 · cvss 8.8 · epss 0.03

    A privilege escalation vulnerability in Brocade Fibre Channel SAN products running Brocade Fabric OS (FOS) releases earlier than v7.4.1d and v8.0.1b could allow an authenticated attacker to elevate the privileges of user accounts accessing the system via command line interface.…

  • CVE-2017-6956 · High · Apr 5, 2017
    risk 0.57 · cvss 8.8 · epss 0.02

    On the Broadcom Wi-Fi HardMAC SoC with fbt firmware, a stack buffer overflow occurs when handling an 802.11r (FT) authentication response, leading to remote code execution via a crafted access point that sends a long R0KH-ID field in a Fast BSS Transition Information Element…

  • CVE-2016-6152 · High · Jul 26, 2016
    risk 0.57 · cvss 8.8 · epss 0.03

    CA eHealth 6.2.x and 6.3.x before 6.3.2.13 allows remote authenticated users to cause a denial of service or possibly execute arbitrary commands via unspecified vectors.

  • CVE-2015-8157 · High · Jun 8, 2016
    risk 0.57 · cvss 8.8 · epss 0.02

    SQL injection vulnerability in the Management Server in Symantec Embedded Security: Critical System Protection (SES:CSP) 1.0.x before 1.0 MP5, Embedded Security: Critical System Protection for Controllers and Devices (SES:CSP) 6.5.0 before MP1, Critical System Protection (SCSP)…

  • CVE-2025-22217 · High · Jan 28, 2025
    risk 0.56 · cvss 8.6 · epss 0.01

    Avi Load Balancer contains an unauthenticated blind SQL Injection vulnerability which was privately reported to VMware. Patches are available to remediate this vulnerability in affected VMware products. A malicious user with network access may be able to use specially crafted…

  • CVE-2026-8370 · High · May 19, 2026
    risk 0.55 · cvss · epss 0.00

    Execution with unnecessary privileges vulnerability in Broadcom Automic Automation Agent Unix on Linux x64, Linux Power 64 BE, Linux Power 64 LE, zLinux (zSeries), AIX, Solaris x64, Solaris Sparc 64 allows Privilege Escalation, Target Programs with Elevated Privileges. This…

  • CVE-2025-10847 · High · Oct 1, 2025
    risk 0.55 · cvss · epss 0.00

    DX Unified Infrastructure Management (Nimsoft/UIM) and below contains an improper ACL handling vulnerability in the robot (controller) component. A remote attacker can execute commands, read from, or write to the target system.

  • CVE-2024-36459 · High · Jun 14, 2024
    risk 0.55 · cvss · epss 0.00

    A CRLF cross-site scripting vulnerability has been identified in certain configurations of the SiteMinder Web Agent for IIS Web Server and SiteMinder Web Agent for Domino Web Server. As a result, an attacker can execute arbitrary JavaScript code in a client browser.

  • CVE-2017-14266 · High · Sep 12, 2017
    risk 0.54 · cvss 7.8 · epss 0.04

    tcprewrite in Tcpreplay 3.4.4 has a Heap-Based Buffer Overflow vulnerability triggered by a crafted PCAP file, a related issue to CVE-2016-6160.

  • CVE-2026-41700 · High · Jun 11, 2026
    risk 0.53 · cvss 8.1 · epss 0.00

    Spring for GraphQL applications that have enabled the WebSocket transport are vulnerable to Cross-Site WebSocket Hijacking. An attacker can trick an authenticated user into visiting a malicious page, allowing the attacker to execute arbitrary GraphQL operations with the victim's…

  • CVE-2025-41229 · High · May 20, 2025
    risk 0.53 · cvss 8.2 · epss 0.01

    VMware Cloud Foundation contains a directory traversal vulnerability. A malicious actor with network access to port 443 on VMware Cloud Foundation may exploit this issue to access certain internal services.

  • CVE-2017-6957 · High · Mar 27, 2017
    risk 0.53 · cvss 8.1 · epss 0.05

    Stack-based buffer overflow in the firmware in Broadcom Wi-Fi HardMAC SoC chips, when the firmware supports CCKM Fast and Secure Roaming and the feature is enabled in RAM, allows remote attackers to execute arbitrary code via a crafted reassociation response frame with a Cisco…

  • CVE-2026-41724 · High · Jun 8, 2026
    risk 0.52 · cvss 8.0 · epss 0.00

    VMware Cloud Foundation Operations contains multiple stored cross-site scripting vulnerabilities. A malicious actor with privileges to create policies, views or text-widgets may be able to inject scripts to perform administrative actions in VMware Cloud Foundation Operations.

  • CVE-2026-41723 · High · Jun 8, 2026
    risk 0.52 · cvss 8.0 · epss 0.00

    VMware Cloud Foundation Operations contains multiple stored cross-site scripting vulnerabilities. A malicious actor with privileges to create policies, views or text-widgets may be able to inject scripts to perform administrative actions in VMware Cloud Foundation Operations.

  • CVE-2026-41722 · High · Jun 8, 2026
    risk 0.52 · cvss 8.0 · epss 0.00

    VMware Cloud Foundation Operations contains multiple stored cross-site scripting vulnerabilities. A malicious actor with privileges to create policies, views or text-widgets may be able to inject scripts to perform administrative actions in VMware Cloud Foundation Operations.

  • CVE-2015-8798 · High · Jun 8, 2016
    risk 0.52 · cvss 8.0 · epss 0.03

    Directory traversal vulnerability in the Management Server in Symantec Embedded Security: Critical System Protection (SES:CSP) 1.0.x before 1.0 MP5, Embedded Security: Critical System Protection for Controllers and Devices (SES:CSP) 6.5.0 before MP1, Critical System Protection…

  • CVE-2025-22231 · High · Apr 1, 2025
    risk 0.51 · cvss 7.8 · epss 0.00

    VMware Aria Operations contains a local privilege escalation vulnerability. A malicious actor with local administrative privileges can escalate their privileges to root on the appliance running VMware Aria Operations.

  • CVE-2025-0893 · High · Feb 19, 2025
    risk 0.51 · cvss 7.8 · epss 0.00

    Symantec Diagnostic Tool (SymDiag), prior to 3.0.79, may be susceptible to a Privilege Escalation vulnerability.

  • CVE-2018-6439 · High · Dec 3, 2018
    risk 0.51 · cvss 7.8 · epss 0.00

    A vulnerability in the configdownload command of Brocade Fabric OS command line interface (CLI) versions before 8.2.1, 8.1.2f, 8.0.2f, 7.4.2d could allow a local attacker to escape the restricted shell and gain root access.

  • CVE-2017-13213 · High · Jan 12, 2018
    risk 0.51 · cvss 7.8 · epss 0.00

    An elevation of privilege vulnerability in the Broadcom bcmdhd driver. Product: Android. Versions: Android kernel. Android ID: A-63374465. References: B-V2017081501.

  • CVE-2017-13161 · High · Dec 6, 2017
    risk 0.51 · cvss 7.8 · epss 0.00

    An elevation of privilege vulnerability in the Broadcom wireless driver. Product: Android. Versions: Android kernel. Android ID: A-63930471. References: BC-V2017092501.

  • CVE-2017-0740 · High · Aug 9, 2017
    risk 0.51 · cvss 7.8 · epss 0.01

    A remote code execution vulnerability in the Broadcom networking driver. Product: Android. Versions: Android kernel. Android ID: A-37168488. References: B-RB#116402.

Page 1 of 10