Vendor CVEs
Broadcom Corporation
All CVEs
490 total · sorted by risk| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2021-41789 | 0.00 | — | 0.01 | Jan 4, 2022 | In wifi driver, there is a possible system crash due to a missing validation check. This could lead to remote denial of service from a proximal attacker with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: GN20190426015;… | |||
| CVE-2021-42775 | 0.00 | — | 0.01 | Nov 12, 2021 | Broadcom Emulex HBA Manager/One Command Manager versions before 11.4.425.0 and 12.8.542.31, if not installed in Strictly Local Management mode, have a vulnerability in the remote firmware download feature that could allow a user to place or replace an arbitrary file on the… | |||
| CVE-2021-42773 | 0.00 | — | 0.01 | Nov 12, 2021 | Broadcom Emulex HBA Manager/One Command Manager versions before 11.4.425.0 and 12.8.542.31, if not installed in Strictly Local Management mode, could allow a user to retrieve an arbitrary file from a remote host with the GetDumpFile command. In non-secure mode, the user is… | |||
| CVE-2021-42774 | 0.00 | — | 0.02 | Nov 12, 2021 | Broadcom Emulex HBA Manager/One Command Manager versions before 11.4.425.0 and 12.8.542.31, if not installed in Strictly Local Management mode, have a buffer overflow vulnerability in the remote firmware download feature that could allow remote unauthenticated users to perform… | |||
| CVE-2021-42772 | 0.00 | — | 0.01 | Nov 3, 2021 | Broadcom Emulex HBA Manager/One Command Manager versions before 11.4.425.0 and 12.8.542.31, if not installed in Strictly Local Management mode, have a buffer overflow vulnerability in the remote GetDumpFile command that could allow a user to attempt various attacks. In… | |||
| CVE-2021-0632 | 0.00 | — | 0.00 | Oct 25, 2021 | In wifi driver, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure to a proximal attacker under certain build conditions with no additional execution privileges needed. User interaction is not needed for… | |||
| CVE-2021-27791 | 0.00 | — | 0.01 | Aug 12, 2021 | The function that is used to parse the Authentication header in Brocade Fabric OS Web application service before Brocade Fabric OS v9.0.1a and v8.2.3a fails to properly process a malformed authentication header from the client, resulting in reading memory addresses outside the… | |||
| CVE-2021-27790 | 0.00 | — | 0.00 | Aug 12, 2021 | The command ipfilter in Brocade Fabric OS before Brocade Fabric OS v.9.0.1a, v8.2.3, and v8.2.0_CBN4, and v7.4.2h uses unsafe string function to process user input. Authenticated attackers can abuse this vulnerability to exploit stack-based buffer overflows, allowing execution… | |||
| CVE-2021-27792 | 0.00 | — | 0.00 | Aug 12, 2021 | The request handling functions in web management interface of Brocade Fabric OS versions before v9.0.1a, v8.2.3a, and v7.4.2h do not properly handle malformed user input, resulting in a service crash. An authenticated attacker could use this weakness to cause the FOS HTTP… | |||
| CVE-2021-33478 | 0.00 | — | 0.00 | Jul 22, 2021 | The TrustZone implementation in certain Broadcom MediaxChange firmware could allow an unauthenticated, physically proximate attacker to achieve arbitrary code execution in the TrustZone Trusted Execution Environment (TEE) of an affected device. This, for example, affects certain… | |||
| CVE-2021-34174 | 0.00 | — | 0.00 | Jul 14, 2021 | A vulnerability exists in Broadcom BCM4352 and BCM43684 chips. Any wireless router using BCM4352 and BCM43684 will be affected, such as ASUS AX6100. An attacker may cause a Denial of Service (DoS) to any device connected to BCM4352 or BCM43684 routers via an association or… | |||
| CVE-2020-15386 | 0.00 | — | 0.01 | Jun 9, 2021 | Brocade Fabric OS prior to v9.0.1a and 8.2.3a and after v9.0.0 and 8.2.2d may observe high CPU load during security scanning, which could lead to a slower response to CLI commands and other operations. | |||
| CVE-2020-15385 | 0.00 | — | 0.01 | Jun 9, 2021 | Brocade SANnav before version 2.1.1 allows an authenticated attacker to list directories, and list files without permission. As a result, users without permission can see folders, and hidden files, and can create directories without permission. | |||
| CVE-2020-15380 | 0.00 | — | 0.01 | Jun 9, 2021 | Brocade SANnav before version 2.1.1 logs account credentials at the ‘trace’ logging level. | |||
| CVE-2020-15379 | 0.00 | — | 0.01 | Jun 9, 2021 | Brocade SANnav before v.2.1.0a could allow remote attackers cause a denial-of-service condition due to a lack of proper validation, of the length of user-supplied data as name for custom field name. | |||
| CVE-2020-15378 | 0.00 | — | 0.01 | Jun 9, 2021 | The OVA version of Brocade SANnav before version 2.1.1 installation with IPv6 networking exposes the docker container ports to the network, increasing the potential attack surface. | |||
| CVE-2020-15383 | 0.00 | — | 0.01 | Jun 9, 2021 | Running security scans against the SAN switch can cause config and secnotify processes within the firmware before Brocade Fabric OS v9.0.0, v8.2.2d and v8.2.1e to consume all memory leading to denial of service impacts possibly including a switch panic. | |||
| CVE-2020-15381 | 0.00 | — | 0.01 | Jun 9, 2021 | Brocade SANnav before version 2.1.1 contains an Improper Authentication vulnerability that allows cleartext transmission of authentication credentials of the jmx server. | |||
| CVE-2021-30642 | 0.00 | — | 0.03 | Apr 27, 2021 | An input validation flaw in the Symantec Security Analytics web UI 7.2 prior 7.2.7, 8.1, prior to 8.1.3-NSR3, 8.2, prior to 8.2.1-NSR2 or 8.2.2 allows a remote, unauthenticated attacker to execute arbitrary OS commands on the target with elevated privileges. | |||
| CVE-2020-12595 | 0.00 | — | 0.01 | Dec 10, 2020 | An information disclosure flaw allows a malicious, authenticated, privileged web UI user to obtain a password for a remote SCP backup server that they might not otherwise be authorized to access. This affects SMG prior to 10.7.4. | |||
| CVE-2020-12594 | 0.00 | — | 0.01 | Dec 10, 2020 | A privilege escalation flaw allows a malicious, authenticated, privileged CLI user to escalate their privileges on the system and gain full control over the SMG appliance. This affects SMG prior to 10.7.4. | |||
| CVE-2020-12593 | 0.00 | — | 0.02 | Nov 18, 2020 | Symantec Endpoint Detection & Response, prior to 4.5, may be susceptible to an information disclosure issue, which is a type of vulnerability that could potentially allow unauthorized access to data. | |||
| CVE-2020-15373 | 0.00 | — | 0.02 | Sep 25, 2020 | Multiple buffer overflow vulnerabilities in REST API in Brocade Fabric OS versions v8.2.1 through v8.2.1d, and 8.2.2 versions before v8.2.2c could allow remote unauthenticated attackers to perform various attacks. | |||
| CVE-2020-15372 | 0.00 | — | 0.00 | Sep 25, 2020 | A vulnerability in the command-line interface in Brocade Fabric OS before Brocade Fabric OS v8.2.2a1, 8.2.2c, v7.4.2g, v8.2.0_CBN3, v8.2.1e, v8.1.2k, v9.0.0, could allow a local authenticated attacker to modify shell variables, which may lead to an escalation of privileges or… | |||
| CVE-2020-15371 | 0.00 | — | 0.01 | Sep 25, 2020 | Brocade Fabric OS versions before Brocade Fabric OS v9.0.0, v8.2.2c, v8.2.1e, v8.1.2k, v8.2.0_CBN3, contains code injection and privilege escalation vulnerability. | |||
| CVE-2020-15370 | 0.00 | — | 0.01 | Sep 25, 2020 | Brocade Fabric OS versions before Brocade Fabric OS v7.4.2g could allow an authenticated, remote attacker to view a user password in cleartext. The vulnerability is due to incorrectly logging the user password in log files. | |||
| CVE-2020-15369 | 0.00 | — | 0.01 | Sep 25, 2020 | Supportlink CLI in Brocade Fabric OS Versions v8.2.1 through v8.2.1d, and 8.2.2 versions before v8.2.2c does not obfuscate the password field, which could expose users’ credentials of the remote server. An authenticated user could obtain the exposed password credentials to… | |||
| CVE-2019-16211 | 0.00 | — | 0.01 | Sep 25, 2020 | Brocade SANnav versions before v2.1.0, contain a Plaintext Password Storage vulnerability. | |||
| CVE-2018-6447 | 0.00 | — | 0.01 | Sep 25, 2020 | A Reflective XSS Vulnerability in HTTP Management Interface in Brocade Fabric OS versions before Brocade Fabric OS v9.0.0, v8.2.2c, v8.2.1e, v8.1.2k, v8.2.0_CBN3, v7.4.2g could allow authenticated attackers with access to the web interface to hijack a user’s session and take… | |||
| CVE-2020-5839 | 0.00 | — | 0.02 | Jul 8, 2020 | Symantec Endpoint Detection And Response, prior to 4.4, may be susceptible to an information disclosure issue, which is a type of vulnerability that could potentially allow unauthorized access to data. | |||
| CVE-2020-6616 | 0.00 | — | 0.01 | May 8, 2020 | Some Broadcom chips mishandle Bluetooth random-number generation because a low-entropy Pseudo Random Number Generator (PRNG) is used in situations where a Hardware Random Number Generator (HRNG) should have been used to prevent spoofing. This affects, for example, Samsung Galaxy… | |||
| CVE-2020-5832 | 0.00 | — | 0.00 | Apr 6, 2020 | Symantec Data Center Security Manager Component, prior to 6.8.2 (aka 6.8 MP2), may be susceptible to a privilege escalation vulnerability, which is a type of issue whereby an attacker may attempt to compromise the software application to gain elevated access to resources that… | |||
| CVE-2019-9502 | 0.00 | — | 0.02 | Feb 3, 2020 | The Broadcom wl WiFi driver is vulnerable to a heap buffer overflow. If the vendor information element data length is larger than 164 bytes, a heap buffer overflow is triggered in wlc_wpa_plumb_gtk. In the worst case scenario, by sending specially-crafted WiFi packets, a remote,… | |||
| CVE-2019-9501 | 0.00 | — | 0.03 | Feb 3, 2020 | The Broadcom wl WiFi driver is vulnerable to a heap buffer overflow. By supplying a vendor information element with a data length larger than 32 bytes, a heap buffer overflow is triggered in wlc_wpa_sup_eapol. In the worst case scenario, by sending specially-crafted WiFi… | |||
| CVE-2019-9503 | 0.00 | — | 0.03 | Jan 16, 2020 | The Broadcom brcmfmac WiFi driver prior to commit a4176ec356c73a46c07c181c6d04039fafa34a9f is vulnerable to a frame validation bypass. If the brcmfmac driver receives a firmware event frame from a remote source, the is_wlc_event_frame function will cause this frame to be… | |||
| CVE-2019-9500 | 0.00 | — | 0.04 | Jan 16, 2020 | The Broadcom brcmfmac WiFi driver prior to commit 1b5e2423164b3670e8bc9174e4762d297990deff is vulnerable to a heap buffer overflow. If the Wake-up on Wireless LAN functionality is configured, a malicious event frame can be constructed to trigger an heap buffer overflow in the… | |||
| CVE-2020-3941 | 0.00 | — | 0.00 | Jan 15, 2020 | The repair operation of VMware Tools for Windows 10.x.y has a race condition which may allow for privilege escalation in the Virtual Machine where Tools is installed. This vulnerability is not present in VMware Tools 11.x.y since the affected functionality is not present in… | |||
| CVE-2019-19518 | 0.00 | — | 0.03 | Jan 8, 2020 | CA Automic Sysload 5.6.0 through 6.1.2 contains a vulnerability, related to a lack of authentication on the File Server port, that potentially allows remote attackers to execute arbitrary commands. | |||
| CVE-2019-19230 | 0.00 | — | 0.04 | Dec 9, 2019 | An unsafe deserialization vulnerability exists in CA Release Automation (Nolio) 6.6 with the DataManagement component that can allow a remote attacker to execute arbitrary code. | |||
| CVE-2019-16210 | 0.00 | — | 0.00 | Nov 8, 2019 | Brocade SANnav versions before v2.0, logs plain text database connection password while triggering support save. | |||
| CVE-2019-16208 | 0.00 | — | 0.00 | Nov 8, 2019 | Password-based encryption (PBE) algorithm, of Brocade SANnav versions before v2.0, has a weakness in generating cryptographic keys that may allow an attacker to decrypt passwords used with several services (Radius, TACAS, etc.). | |||
| CVE-2019-16207 | 0.00 | — | 0.00 | Nov 8, 2019 | Brocade SANnav versions before v2.0 use a hard-coded password, which could allow local authenticated attackers to access a back-end database and gain privileges. | |||
| CVE-2019-18644 | 0.00 | — | 0.01 | Oct 30, 2019 | The malware scan function in Total Defense Anti-virus 11.5.2.28 is vulnerable to a TOCTOU bug; consequently, symbolic link attacks allow privileged files to be deleted. | |||
| CVE-2019-18645 | 0.00 | — | 0.00 | Oct 30, 2019 | The quarantine restoration function in Total Defense Anti-virus 11.5.2.28 is vulnerable to symbolic link attacks, allowing files to be written to privileged directories. | |||
| CVE-2019-13355 | 0.00 | — | 0.00 | Sep 24, 2019 | In Total Defense Anti-virus 9.0.0.773, insecure access control for the directory %PROGRAMDATA%\TotalDefense\Consumer\ISS\9\ used by ccschedulersvc.exe allows local attackers to hijack dotnetproxy.exe, which leads to privilege escalation when the ccSchedulerSVC service runs the… | |||
| CVE-2019-13356 | 0.00 | — | 0.00 | Sep 24, 2019 | In Total Defense Anti-virus 9.0.0.773, insecure access control for the directory %PROGRAMDATA%\TotalDefense\Consumer\ISS\9\bd\TDUpdate2\ used by AMRT.exe allows local attackers to hijack bdcore.dll, which leads to privilege escalation when the AMRT service loads the DLL. | |||
| CVE-2019-13357 | 0.00 | — | 0.01 | Sep 24, 2019 | In Total Defense Anti-virus 9.0.0.773, resource acquisition from the untrusted search path C:\ used by caschelp.exe allows local attackers to hijack ccGUIFrm.dll, which leads to code execution. SYSTEM-level code execution can be achieved when the ccSchedulerSVC service runs the… | |||
| CVE-2018-19860 | 0.00 | — | 0.01 | Jun 7, 2019 | Broadcom firmware before summer 2014 on Nexus 5 BCM4335C0 2012-12-11, Raspberry Pi 3 BCM43438A1 2014-06-02, and unspecifed other devices does not properly restrict LMP commnds and executes certain memory contents upon receiving an LMP command, as demonstrated by executing an HCI… | |||
| CVE-2019-5514 | 0.00 | — | 0.03 | Apr 1, 2019 | VMware VMware Fusion (11.x before 11.0.3) contains a security vulnerability due to certain unauthenticated APIs accessible through a web socket. An attacker may exploit this issue by tricking the host user to execute a JavaScript to perform unauthorized functions on the guest… | |||
| CVE-2018-6445 | 0.00 | — | 0.02 | Jan 22, 2019 | A Vulnerability in Brocade Network Advisor versions before 14.0.3 could allow a remote unauthenticated attacker to export the current user database which includes the encrypted (not hashed) password of the systems. The attacker could gain access to the Brocade Network Advisor… |
- CVE-2021-41789Jan 4, 2022risk 0.00cvss —epss 0.01
In wifi driver, there is a possible system crash due to a missing validation check. This could lead to remote denial of service from a proximal attacker with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: GN20190426015;…
- CVE-2021-42775Nov 12, 2021risk 0.00cvss —epss 0.01
Broadcom Emulex HBA Manager/One Command Manager versions before 11.4.425.0 and 12.8.542.31, if not installed in Strictly Local Management mode, have a vulnerability in the remote firmware download feature that could allow a user to place or replace an arbitrary file on the…
- CVE-2021-42773Nov 12, 2021risk 0.00cvss —epss 0.01
Broadcom Emulex HBA Manager/One Command Manager versions before 11.4.425.0 and 12.8.542.31, if not installed in Strictly Local Management mode, could allow a user to retrieve an arbitrary file from a remote host with the GetDumpFile command. In non-secure mode, the user is…
- CVE-2021-42774Nov 12, 2021risk 0.00cvss —epss 0.02
Broadcom Emulex HBA Manager/One Command Manager versions before 11.4.425.0 and 12.8.542.31, if not installed in Strictly Local Management mode, have a buffer overflow vulnerability in the remote firmware download feature that could allow remote unauthenticated users to perform…
- CVE-2021-42772Nov 3, 2021risk 0.00cvss —epss 0.01
Broadcom Emulex HBA Manager/One Command Manager versions before 11.4.425.0 and 12.8.542.31, if not installed in Strictly Local Management mode, have a buffer overflow vulnerability in the remote GetDumpFile command that could allow a user to attempt various attacks. In…
- CVE-2021-0632Oct 25, 2021risk 0.00cvss —epss 0.00
In wifi driver, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure to a proximal attacker under certain build conditions with no additional execution privileges needed. User interaction is not needed for…
- CVE-2021-27791Aug 12, 2021risk 0.00cvss —epss 0.01
The function that is used to parse the Authentication header in Brocade Fabric OS Web application service before Brocade Fabric OS v9.0.1a and v8.2.3a fails to properly process a malformed authentication header from the client, resulting in reading memory addresses outside the…
- CVE-2021-27790Aug 12, 2021risk 0.00cvss —epss 0.00
The command ipfilter in Brocade Fabric OS before Brocade Fabric OS v.9.0.1a, v8.2.3, and v8.2.0_CBN4, and v7.4.2h uses unsafe string function to process user input. Authenticated attackers can abuse this vulnerability to exploit stack-based buffer overflows, allowing execution…
- CVE-2021-27792Aug 12, 2021risk 0.00cvss —epss 0.00
The request handling functions in web management interface of Brocade Fabric OS versions before v9.0.1a, v8.2.3a, and v7.4.2h do not properly handle malformed user input, resulting in a service crash. An authenticated attacker could use this weakness to cause the FOS HTTP…
- CVE-2021-33478Jul 22, 2021risk 0.00cvss —epss 0.00
The TrustZone implementation in certain Broadcom MediaxChange firmware could allow an unauthenticated, physically proximate attacker to achieve arbitrary code execution in the TrustZone Trusted Execution Environment (TEE) of an affected device. This, for example, affects certain…
- CVE-2021-34174Jul 14, 2021risk 0.00cvss —epss 0.00
A vulnerability exists in Broadcom BCM4352 and BCM43684 chips. Any wireless router using BCM4352 and BCM43684 will be affected, such as ASUS AX6100. An attacker may cause a Denial of Service (DoS) to any device connected to BCM4352 or BCM43684 routers via an association or…
- CVE-2020-15386Jun 9, 2021risk 0.00cvss —epss 0.01
Brocade Fabric OS prior to v9.0.1a and 8.2.3a and after v9.0.0 and 8.2.2d may observe high CPU load during security scanning, which could lead to a slower response to CLI commands and other operations.
- CVE-2020-15385Jun 9, 2021risk 0.00cvss —epss 0.01
Brocade SANnav before version 2.1.1 allows an authenticated attacker to list directories, and list files without permission. As a result, users without permission can see folders, and hidden files, and can create directories without permission.
- CVE-2020-15380Jun 9, 2021risk 0.00cvss —epss 0.01
Brocade SANnav before version 2.1.1 logs account credentials at the ‘trace’ logging level.
- CVE-2020-15379Jun 9, 2021risk 0.00cvss —epss 0.01
Brocade SANnav before v.2.1.0a could allow remote attackers cause a denial-of-service condition due to a lack of proper validation, of the length of user-supplied data as name for custom field name.
- CVE-2020-15378Jun 9, 2021risk 0.00cvss —epss 0.01
The OVA version of Brocade SANnav before version 2.1.1 installation with IPv6 networking exposes the docker container ports to the network, increasing the potential attack surface.
- CVE-2020-15383Jun 9, 2021risk 0.00cvss —epss 0.01
Running security scans against the SAN switch can cause config and secnotify processes within the firmware before Brocade Fabric OS v9.0.0, v8.2.2d and v8.2.1e to consume all memory leading to denial of service impacts possibly including a switch panic.
- CVE-2020-15381Jun 9, 2021risk 0.00cvss —epss 0.01
Brocade SANnav before version 2.1.1 contains an Improper Authentication vulnerability that allows cleartext transmission of authentication credentials of the jmx server.
- CVE-2021-30642Apr 27, 2021risk 0.00cvss —epss 0.03
An input validation flaw in the Symantec Security Analytics web UI 7.2 prior 7.2.7, 8.1, prior to 8.1.3-NSR3, 8.2, prior to 8.2.1-NSR2 or 8.2.2 allows a remote, unauthenticated attacker to execute arbitrary OS commands on the target with elevated privileges.
- CVE-2020-12595Dec 10, 2020risk 0.00cvss —epss 0.01
An information disclosure flaw allows a malicious, authenticated, privileged web UI user to obtain a password for a remote SCP backup server that they might not otherwise be authorized to access. This affects SMG prior to 10.7.4.
- CVE-2020-12594Dec 10, 2020risk 0.00cvss —epss 0.01
A privilege escalation flaw allows a malicious, authenticated, privileged CLI user to escalate their privileges on the system and gain full control over the SMG appliance. This affects SMG prior to 10.7.4.
- CVE-2020-12593Nov 18, 2020risk 0.00cvss —epss 0.02
Symantec Endpoint Detection & Response, prior to 4.5, may be susceptible to an information disclosure issue, which is a type of vulnerability that could potentially allow unauthorized access to data.
- CVE-2020-15373Sep 25, 2020risk 0.00cvss —epss 0.02
Multiple buffer overflow vulnerabilities in REST API in Brocade Fabric OS versions v8.2.1 through v8.2.1d, and 8.2.2 versions before v8.2.2c could allow remote unauthenticated attackers to perform various attacks.
- CVE-2020-15372Sep 25, 2020risk 0.00cvss —epss 0.00
A vulnerability in the command-line interface in Brocade Fabric OS before Brocade Fabric OS v8.2.2a1, 8.2.2c, v7.4.2g, v8.2.0_CBN3, v8.2.1e, v8.1.2k, v9.0.0, could allow a local authenticated attacker to modify shell variables, which may lead to an escalation of privileges or…
- CVE-2020-15371Sep 25, 2020risk 0.00cvss —epss 0.01
Brocade Fabric OS versions before Brocade Fabric OS v9.0.0, v8.2.2c, v8.2.1e, v8.1.2k, v8.2.0_CBN3, contains code injection and privilege escalation vulnerability.
- CVE-2020-15370Sep 25, 2020risk 0.00cvss —epss 0.01
Brocade Fabric OS versions before Brocade Fabric OS v7.4.2g could allow an authenticated, remote attacker to view a user password in cleartext. The vulnerability is due to incorrectly logging the user password in log files.
- CVE-2020-15369Sep 25, 2020risk 0.00cvss —epss 0.01
Supportlink CLI in Brocade Fabric OS Versions v8.2.1 through v8.2.1d, and 8.2.2 versions before v8.2.2c does not obfuscate the password field, which could expose users’ credentials of the remote server. An authenticated user could obtain the exposed password credentials to…
- CVE-2019-16211Sep 25, 2020risk 0.00cvss —epss 0.01
Brocade SANnav versions before v2.1.0, contain a Plaintext Password Storage vulnerability.
- CVE-2018-6447Sep 25, 2020risk 0.00cvss —epss 0.01
A Reflective XSS Vulnerability in HTTP Management Interface in Brocade Fabric OS versions before Brocade Fabric OS v9.0.0, v8.2.2c, v8.2.1e, v8.1.2k, v8.2.0_CBN3, v7.4.2g could allow authenticated attackers with access to the web interface to hijack a user’s session and take…
- CVE-2020-5839Jul 8, 2020risk 0.00cvss —epss 0.02
Symantec Endpoint Detection And Response, prior to 4.4, may be susceptible to an information disclosure issue, which is a type of vulnerability that could potentially allow unauthorized access to data.
- CVE-2020-6616May 8, 2020risk 0.00cvss —epss 0.01
Some Broadcom chips mishandle Bluetooth random-number generation because a low-entropy Pseudo Random Number Generator (PRNG) is used in situations where a Hardware Random Number Generator (HRNG) should have been used to prevent spoofing. This affects, for example, Samsung Galaxy…
- CVE-2020-5832Apr 6, 2020risk 0.00cvss —epss 0.00
Symantec Data Center Security Manager Component, prior to 6.8.2 (aka 6.8 MP2), may be susceptible to a privilege escalation vulnerability, which is a type of issue whereby an attacker may attempt to compromise the software application to gain elevated access to resources that…
- CVE-2019-9502Feb 3, 2020risk 0.00cvss —epss 0.02
The Broadcom wl WiFi driver is vulnerable to a heap buffer overflow. If the vendor information element data length is larger than 164 bytes, a heap buffer overflow is triggered in wlc_wpa_plumb_gtk. In the worst case scenario, by sending specially-crafted WiFi packets, a remote,…
- CVE-2019-9501Feb 3, 2020risk 0.00cvss —epss 0.03
The Broadcom wl WiFi driver is vulnerable to a heap buffer overflow. By supplying a vendor information element with a data length larger than 32 bytes, a heap buffer overflow is triggered in wlc_wpa_sup_eapol. In the worst case scenario, by sending specially-crafted WiFi…
- CVE-2019-9503Jan 16, 2020risk 0.00cvss —epss 0.03
The Broadcom brcmfmac WiFi driver prior to commit a4176ec356c73a46c07c181c6d04039fafa34a9f is vulnerable to a frame validation bypass. If the brcmfmac driver receives a firmware event frame from a remote source, the is_wlc_event_frame function will cause this frame to be…
- CVE-2019-9500Jan 16, 2020risk 0.00cvss —epss 0.04
The Broadcom brcmfmac WiFi driver prior to commit 1b5e2423164b3670e8bc9174e4762d297990deff is vulnerable to a heap buffer overflow. If the Wake-up on Wireless LAN functionality is configured, a malicious event frame can be constructed to trigger an heap buffer overflow in the…
- CVE-2020-3941Jan 15, 2020risk 0.00cvss —epss 0.00
The repair operation of VMware Tools for Windows 10.x.y has a race condition which may allow for privilege escalation in the Virtual Machine where Tools is installed. This vulnerability is not present in VMware Tools 11.x.y since the affected functionality is not present in…
- CVE-2019-19518Jan 8, 2020risk 0.00cvss —epss 0.03
CA Automic Sysload 5.6.0 through 6.1.2 contains a vulnerability, related to a lack of authentication on the File Server port, that potentially allows remote attackers to execute arbitrary commands.
- CVE-2019-19230Dec 9, 2019risk 0.00cvss —epss 0.04
An unsafe deserialization vulnerability exists in CA Release Automation (Nolio) 6.6 with the DataManagement component that can allow a remote attacker to execute arbitrary code.
- CVE-2019-16210Nov 8, 2019risk 0.00cvss —epss 0.00
Brocade SANnav versions before v2.0, logs plain text database connection password while triggering support save.
- CVE-2019-16208Nov 8, 2019risk 0.00cvss —epss 0.00
Password-based encryption (PBE) algorithm, of Brocade SANnav versions before v2.0, has a weakness in generating cryptographic keys that may allow an attacker to decrypt passwords used with several services (Radius, TACAS, etc.).
- CVE-2019-16207Nov 8, 2019risk 0.00cvss —epss 0.00
Brocade SANnav versions before v2.0 use a hard-coded password, which could allow local authenticated attackers to access a back-end database and gain privileges.
- CVE-2019-18644Oct 30, 2019risk 0.00cvss —epss 0.01
The malware scan function in Total Defense Anti-virus 11.5.2.28 is vulnerable to a TOCTOU bug; consequently, symbolic link attacks allow privileged files to be deleted.
- CVE-2019-18645Oct 30, 2019risk 0.00cvss —epss 0.00
The quarantine restoration function in Total Defense Anti-virus 11.5.2.28 is vulnerable to symbolic link attacks, allowing files to be written to privileged directories.
- CVE-2019-13355Sep 24, 2019risk 0.00cvss —epss 0.00
In Total Defense Anti-virus 9.0.0.773, insecure access control for the directory %PROGRAMDATA%\TotalDefense\Consumer\ISS\9\ used by ccschedulersvc.exe allows local attackers to hijack dotnetproxy.exe, which leads to privilege escalation when the ccSchedulerSVC service runs the…
- CVE-2019-13356Sep 24, 2019risk 0.00cvss —epss 0.00
In Total Defense Anti-virus 9.0.0.773, insecure access control for the directory %PROGRAMDATA%\TotalDefense\Consumer\ISS\9\bd\TDUpdate2\ used by AMRT.exe allows local attackers to hijack bdcore.dll, which leads to privilege escalation when the AMRT service loads the DLL.
- CVE-2019-13357Sep 24, 2019risk 0.00cvss —epss 0.01
In Total Defense Anti-virus 9.0.0.773, resource acquisition from the untrusted search path C:\ used by caschelp.exe allows local attackers to hijack ccGUIFrm.dll, which leads to code execution. SYSTEM-level code execution can be achieved when the ccSchedulerSVC service runs the…
- CVE-2018-19860Jun 7, 2019risk 0.00cvss —epss 0.01
Broadcom firmware before summer 2014 on Nexus 5 BCM4335C0 2012-12-11, Raspberry Pi 3 BCM43438A1 2014-06-02, and unspecifed other devices does not properly restrict LMP commnds and executes certain memory contents upon receiving an LMP command, as demonstrated by executing an HCI…
- CVE-2019-5514Apr 1, 2019risk 0.00cvss —epss 0.03
VMware VMware Fusion (11.x before 11.0.3) contains a security vulnerability due to certain unauthenticated APIs accessible through a web socket. An attacker may exploit this issue by tricking the host user to execute a JavaScript to perform unauthorized functions on the guest…
- CVE-2018-6445Jan 22, 2019risk 0.00cvss —epss 0.02
A Vulnerability in Brocade Network Advisor versions before 14.0.3 could allow a remote unauthenticated attacker to export the current user database which includes the encrypted (not hashed) password of the systems. The attacker could gain access to the Brocade Network Advisor…
Page 8 of 10