VYPR

Vendor CVEs

Broadcom Corporation

All CVEs

490 total · sorted by risk
  • CVE-2017-4966HigJun 13, 2017
    risk 0.51cvss 7.8epss 0.00

    An issue was discovered in these Pivotal RabbitMQ versions: all 3.4.x versions, all 3.5.x versions, and 3.6.x versions prior to 3.6.9; and these RabbitMQ for PCF versions: all 1.5.x versions, 1.6.x versions prior to 1.6.18, and 1.7.x versions prior to 1.7.15. RabbitMQ management…

  • CVE-2016-9100HigMay 11, 2017
    risk 0.51cvss 7.8epss 0.00

    Symantec Advanced Secure Gateway (ASG) 6.6 prior to 6.6.5.13, ASG 6.7 prior to 6.7.3.1, ProxySG 6.5 prior to 6.5.10.6, ProxySG 6.6 prior to 6.6.5.13, and ProxySG 6.7 prior to 6.7.3.1 are susceptible to an information disclosure vulnerability. An attacker with local access to the…

  • CVE-2017-6429HigMar 15, 2017
    risk 0.51cvss 7.8epss 0.03

    Buffer overflow in the tcpcapinfo utility in Tcpreplay before 4.2.0 Beta 1 allows remote attackers to have unspecified impact via a pcap file with an over-size packet.

  • CVE-2017-0509HigMar 8, 2017
    risk 0.51cvss 7.8epss 0.01

    An elevation of privilege vulnerability in the Broadcom Wi-Fi driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibility of a local permanent device compromise, which may…

  • CVE-2017-0430HigFeb 8, 2017
    risk 0.51cvss 7.8epss 0.01

    An elevation of privilege vulnerability in the Broadcom Wi-Fi driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibility of a local permanent device compromise, which may…

  • CVE-2016-9795HigJan 27, 2017
    risk 0.51cvss 7.8epss 0.01

    The casrvc program in CA Common Services, as used in CA Client Automation 12.8, 12.9, and 14.0; CA SystemEDGE 5.8.2 and 5.9; CA Systems Performance for Infrastructure Managers 12.8 and 12.9; CA Universal Job Management Agent 11.2; CA Virtual Assurance for Infrastructure Managers…

  • CVE-2016-3869HigSep 11, 2016
    risk 0.51cvss 7.8epss 0.01

    The Broadcom Wi-Fi driver in Android before 2016-09-05 on Nexus 5, Nexus 6, Nexus 6P, Nexus 9, Nexus Player, and Pixel C devices allows attackers to gain privileges via a crafted application, aka Android internal bug 29009982 and Broadcom internal bug RB#96070.

  • CVE-2016-3792HigJul 11, 2016
    risk 0.51cvss 7.8epss 0.00

    CORE/HDD/src/wlan_hdd_hostapd.c in the Qualcomm Wi-Fi driver in Android before 2016-07-05 on Nexus 7 (2013) devices mishandles userspace data copying, which allows attackers to gain privileges via a crafted application, aka Android internal bug 27725204 and Qualcomm internal bug…

  • CVE-2016-2493HigJun 13, 2016
    risk 0.51cvss 7.8epss 0.00

    The Broadcom Wi-Fi driver in Android before 2016-06-01 on Nexus 5, Nexus 6, Nexus 6P, Nexus 7 (2013), Nexus Player, and Pixel C devices allows attackers to gain privileges via a crafted application, aka internal bug 26571522.

  • CVE-2016-2471HigJun 13, 2016
    risk 0.51cvss 7.8epss 0.00

    The Qualcomm Wi-Fi driver in Android before 2016-06-01 on Nexus 7 (2013) devices allows attackers to gain privileges via a crafted application, aka internal bug 27773913.

  • CVE-2016-2470HigJun 13, 2016
    risk 0.51cvss 7.8epss 0.00

    The Qualcomm Wi-Fi driver in Android before 2016-06-01 on Nexus 7 (2013) devices allows attackers to gain privileges via a crafted application, aka internal bug 27662174.

  • CVE-2016-8206HigJan 14, 2017
    risk 0.50cvss 7.5epss 0.15

    A Directory Traversal vulnerability in servlet SoftwareImageUpload in the Brocade Network Advisor versions released prior to and including 14.0.2 could allow remote attackers to write to arbitrary files, and consequently delete the files.

  • CVE-2015-8799HigJun 8, 2016
    risk 0.50cvss 7.6epss 0.06

    Directory traversal vulnerability in the Management Server in Symantec Embedded Security: Critical System Protection (SES:CSP) 1.0.x before 1.0 MP5, Embedded Security: Critical System Protection for Controllers and Devices (SES:CSP) 6.5.0 before MP1, Critical System Protection…

  • CVE-2026-41716HigJun 10, 2026
    risk 0.49cvss 7.5epss 0.00

    Spring Data's internal property-lookup cache accepts and permanently retains attacker-supplied strings as cache keys, allowing heap exhaustion through repeated requests. Affected versions: Spring Data Commons 2.7.0 through 2.7.19; 3.3.0 through 3.3.16; 3.4.0 through 3.4.14;…

  • CVE-2026-41695HigJun 10, 2026
    risk 0.49cvss 7.5epss 0.00

    Spring Data Commons applications may be vulnerable to denial of service through resource exhaustion when attacker-controlled property path strings are passed to MappingContext property path resolution. Affected versions: Spring Data Commons 4.0.0 through 4.0.5; 3.5.0 through…

  • CVE-2025-41230HigMay 20, 2025
    risk 0.49cvss 7.5epss 0.00

    VMware Cloud Foundation contains an information disclosure vulnerability. A malicious actor with network access to port 443 on VMware Cloud Foundation may exploit this issue to gain access to sensitive information.

  • CVE-2017-11122HigOct 4, 2017
    risk 0.49cvss 7.5epss 0.02

    On Broadcom BCM4355C0 Wi-Fi chips 9.44.78.27.0.1.56, an attacker can trigger an information leak due to insufficient length validation, related to ICMPv6 router advertisement offloading.

  • CVE-2017-0825HigOct 4, 2017
    risk 0.49cvss 7.5epss 0.00

    An information disclosure vulnerability in the Broadcom wifi driver. Product: Android. Versions: Android kernel. Android ID: A-37305633. References: B-V2017063002.

  • CVE-2017-0569HigApr 7, 2017
    risk 0.49cvss 7.0epss 0.08

    An elevation of privilege vulnerability in the Broadcom Wi-Fi driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android.…

  • CVE-2016-6160HigJan 23, 2017
    risk 0.49cvss 7.5epss 0.02

    tcprewrite in tcpreplay before 4.1.2 allows remote attackers to cause a denial of service (segmentation fault) via a large frame, a related issue to CVE-2017-14266.

  • CVE-2004-2397HigDec 31, 2004
    risk 0.49cvss 7.5epss 0.01

    The web-based Management Console in Blue Coat Security Gateway OS 3.0 through 3.1.3.13 and 3.2.1, when importing a private key, stores the key and its passphrase in plaintext in a log file, which allows attackers to steal digital certificates.

  • CVE-2015-8800HigJun 8, 2016
    risk 0.48cvss 7.3epss 0.01

    Symantec Embedded Security: Critical System Protection (SES:CSP) 1.0.x before 1.0 MP5, Embedded Security: Critical System Protection for Controllers and Devices (SES:CSP) 6.5.0 before MP1, Critical System Protection (SCSP) before 5.2.9 MP6, Data Center Security: Server Advanced…

  • CVE-2016-9097HigMay 11, 2017
    risk 0.47cvss 7.2epss 0.02

    The Symantec Advanced Secure Gateway (ASG) 6.6 prior to 6.6.5.8, ProxySG 6.5 prior 6.5.10.6, ProxySG 6.6 prior to 6.6.5.8, and ProxySG 6.7 prior to 6.7.1.2 management consoles do not, under certain circumstances, correctly authorize administrator users. A malicious administrator…

  • CVE-2026-44838HigMay 27, 2026
    risk 0.46cvss 8.1epss 0.00

    RabbitMQ is a messaging and streaming broker. From 4.2.0 to before 4.2.4, RabbitMQ's MQTT plugin allows for topic-level authorization using regular expressions with variable substitution. Administrators can create patterns such as ^{client_id}-sensors$ to restrict user access to…

  • CVE-2025-13917HigJan 28, 2026
    risk 0.46cvss 7.0epss 0.00

    WSS Agent, prior to 9.8.5, may be susceptible to a Elevation of Privilege vulnerability, which is a type of issue whereby an attacker may attempt to compromise the software application to gain elevated access to resources that are normally protected from an application or user.

  • CVE-2025-41239HigJul 15, 2025
    risk 0.46cvss 7.1epss 0.02

    VMware ESXi, Workstation, Fusion, and VMware Tools contains an information disclosure vulnerability due to the usage of an uninitialised memory in vSockets. A malicious actor with local administrative privileges on a virtual machine may be able to exploit this issue to leak…

  • CVE-2024-12530HigApr 17, 2025
    risk 0.46cvss epss 0.00

    Uncontrolled Search Path Element vulnerability in OpenText Secure Content Manager on Windows allows DLL Side-Loading.This issue affects Secure Content Manager: 23.4. End-users can potentially exploit the vulnerability to execute malicious code in the trusted context of the…

  • CVE-2018-6969HigJul 13, 2018
    risk 0.46cvss 7.0epss 0.00

    VMware Tools (10.x and prior before 10.3.0) contains an out-of-bounds read vulnerability in HGFS. Successful exploitation of this issue may lead to information disclosure or may allow attackers to escalate their privileges on the guest VMs. In order to be able to exploit this…

  • CVE-2017-0574HigApr 7, 2017
    risk 0.46cvss 7.0epss 0.01

    An elevation of privilege vulnerability in the Broadcom Wi-Fi driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android.…

  • CVE-2017-0573HigApr 7, 2017
    risk 0.46cvss 7.0epss 0.01

    An elevation of privilege vulnerability in the Broadcom Wi-Fi driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android.…

  • CVE-2017-0572HigApr 7, 2017
    risk 0.46cvss 7.0epss 0.01

    An elevation of privilege vulnerability in the Broadcom Wi-Fi driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android.…

  • CVE-2017-0571HigApr 7, 2017
    risk 0.46cvss 7.0epss 0.01

    An elevation of privilege vulnerability in the Broadcom Wi-Fi driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android.…

  • CVE-2017-0570HigApr 7, 2017
    risk 0.46cvss 7.0epss 0.01

    An elevation of privilege vulnerability in the Broadcom Wi-Fi driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android.…

  • CVE-2017-0568HigApr 7, 2017
    risk 0.46cvss 7.0epss 0.01

    An elevation of privilege vulnerability in the Broadcom Wi-Fi driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android.…

  • CVE-2017-0567HigApr 7, 2017
    risk 0.46cvss 7.0epss 0.01

    An elevation of privilege vulnerability in the Broadcom Wi-Fi driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android.…

  • CVE-2017-0449HigFeb 8, 2017
    risk 0.46cvss 7.0epss 0.01

    An elevation of privilege vulnerability in the Broadcom Wi-Fi driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Moderate because it first requires compromising a privileged process and is…

  • CVE-2014-9910HigJan 18, 2017
    risk 0.46cvss 7.0epss 0.01

    An elevation of privilege vulnerability in the Broadcom Wi-Fi driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android.…

  • CVE-2014-9909HigJan 18, 2017
    risk 0.46cvss 7.0epss 0.01

    An elevation of privilege vulnerability in the Broadcom Wi-Fi driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android.…

  • CVE-2016-8466HigJan 12, 2017
    risk 0.46cvss 7.0epss 0.01

    An elevation of privilege vulnerability in the Broadcom Wi-Fi driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Moderate because it first requires compromising a privileged process and is…

  • CVE-2016-8465HigJan 12, 2017
    risk 0.46cvss 7.0epss 0.02

    An elevation of privilege vulnerability in the Broadcom Wi-Fi driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Moderate because it first requires compromising a privileged process and is…

  • CVE-2016-8464HigJan 12, 2017
    risk 0.46cvss 7.0epss 0.02

    An elevation of privilege vulnerability in the Broadcom Wi-Fi driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Moderate because it first requires compromising a privileged process and is…

  • CVE-2016-8457HigJan 12, 2017
    risk 0.46cvss 7.0epss 0.02

    An elevation of privilege vulnerability in the Broadcom Wi-Fi driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android.…

  • CVE-2016-8456HigJan 12, 2017
    risk 0.46cvss 7.0epss 0.02

    An elevation of privilege vulnerability in the Broadcom Wi-Fi driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android.…

  • CVE-2016-8455HigJan 12, 2017
    risk 0.46cvss 7.0epss 0.01

    An elevation of privilege vulnerability in the Broadcom Wi-Fi driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android.…

  • CVE-2016-8454HigJan 12, 2017
    risk 0.46cvss 7.0epss 0.01

    An elevation of privilege vulnerability in the Broadcom Wi-Fi driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android.…

  • CVE-2016-8453HigJan 12, 2017
    risk 0.46cvss 7.0epss 0.01

    An elevation of privilege vulnerability in the Broadcom Wi-Fi driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android.…

  • CVE-2015-8698HigJun 29, 2016
    risk 0.46cvss 7.1epss 0.01

    CA Release Automation (formerly LISA Release Automation) 5.0.2 before 5.0.2-227, 5.5.1 before 5.5.1-1616, 5.5.2 before 5.5.2-434, and 6.1.0 before 6.1.0-1026 allows remote attackers to read arbitrary files or cause a denial of service via a request containing an XML external…

  • CVE-2025-41233MedJun 12, 2025
    risk 0.44cvss 6.8epss 0.00

    Description: VMware AVI Load Balancer contains an authenticated blind SQL Injection vulnerability. VMware has evaluated the severity of the issue to be in the Moderate severity range https://www.broadcom.com/support/vmware-services/security-response  with a maximum CVSSv3…

  • CVE-2025-41226MedMay 20, 2025
    risk 0.44cvss 6.8epss 0.00

    VMware ESXi contains a denial-of-service vulnerability that occurs when performing a guest operation. A malicious actor with guest operation privileges on a VM, who is already authenticated through vCenter Server or ESXi may trigger this issue to create a denial-of-service…

  • CVE-2024-38818MedOct 9, 2024
    risk 0.44cvss 6.7epss 0.00

    VMware NSX contains a local privilege escalation vulnerability.  An authenticated malicious actor may exploit this vulnerability to obtain permissions from a separate group role than previously assigned.

Page 2 of 10