Filtered by vendor Broadcom
Subscribe
Total
582 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2016-4376 | 2 Broadcom, Hp | 2 Fabric Operating System, Storefabric B Series Switch | 2025-04-12 | 7.8 HIGH | 6.5 MEDIUM |
| HPE FOS before 7.4.1d and 8.x before 8.0.1 on StoreFabric B switches allows remote attackers to obtain sensitive information via unspecified vectors. | |||||
| CVE-2011-1653 | 1 Broadcom | 1 Total Defense | 2025-04-11 | 10.0 HIGH | N/A |
| Multiple SQL injection vulnerabilities in the Unified Network Control (UNC) Server in CA Total Defense (TD) r12 before SE2 allow remote attackers to execute arbitrary SQL commands via vectors involving the (1) UnAssignFunctionalRoles, (2) UnassignAdminRoles, (3) DeleteFilter, (4) NonAssignedUserList, (5) DeleteReportLayout, (6) DeleteReports, and (7) RegenerateReport stored procedures. | |||||
| CVE-2011-1654 | 1 Broadcom | 1 Total Defense | 2025-04-11 | 7.5 HIGH | N/A |
| Directory traversal vulnerability in the Heartbeat Web Service in CA.Itm.Server.ManagementWS.dll in the Management Server in CA Total Defense (TD) r12 before SE2 allows remote attackers to execute arbitrary code via directory traversal sequences in the GUID parameter in an upload request to FileUploadHandler.ashx. | |||||
| CVE-2011-3849 | 1 Broadcom | 1 Directory | 2025-04-11 | 5.0 MEDIUM | N/A |
| Unspecified vulnerability in dxserver before 6279 in CA Directory 8.1 and CA Directory r12 before SP7 CR1 allows remote attackers to cause a denial of service (daemon crash) via a crafted SNMP packet. | |||||
| CVE-2014-1219 | 1 Broadcom | 1 2e Web Option | 2025-04-11 | 5.1 MEDIUM | N/A |
| CA 2E Web Option r8.1.2 accepts a predictable substring of a W2E_SSNID session token in place of the entire token, which allows remote attackers to hijack sessions by changing characters at the end of this substring, as demonstrated by terminating a session via a modified SSNID parameter to web2edoc/close.htm. | |||||
| CVE-2011-1718 | 2 Broadcom, Ca | 2 Siteminder, Siteminder | 2025-04-11 | 4.3 MEDIUM | N/A |
| The Web Agents component in CA SiteMinder R6 before SP6 CR2 and R12 before SP3 CR2 does not properly handle multi-line headers, which allows remote authenticated users to conduct impersonation attacks and gain privileges via crafted data. | |||||
| CVE-2013-5968 | 2 Broadcom, Ca | 2 Siteminder, Web Agents | 2025-04-11 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in CA SiteMinder 12.0 through 12.51, and SiteMinder 6 Web Agents, allows remote attackers to inject arbitrary web script or HTML via vectors involving a " (double quote) character. | |||||
| CVE-2013-2630 | 1 Broadcom | 1 Service Desk Manager | 2025-04-11 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in CA Service Desk Manager 12.5 through 12.7 allows remote attackers to inject arbitrary web script or HTML via unspecified parameters. | |||||
| CVE-2011-1655 | 1 Broadcom | 1 Total Defense | 2025-04-11 | 7.5 HIGH | N/A |
| The management.asmx module in the Management Web Service in the Unified Network Control (UNC) Server in CA Total Defense (TD) r12 before SE2 sends a cleartext response to unspecified getDBConfigSettings requests, which makes it easier for remote attackers to obtain database credentials, and subsequently execute arbitrary code, by sniffing the network, related to the UNCWS Web Service. | |||||
| CVE-2010-0104 | 2 Broadcom, Hp | 16 Broadcom, Compaq 6005 Pro Microtower Pc, Compaq 6005 Small Form Factor Pc and 13 more | 2025-04-11 | 10.0 HIGH | N/A |
| Unspecified vulnerability in the Broadcom Integrated NIC Management Firmware 1.x before 1.40.0.0 and 8.x before 8.08 on the HP Small Form Factor and Microtower platforms allows remote attackers to execute arbitrary code via unknown vectors. | |||||
| CVE-2011-4503 | 2 Broadcom, Sitecom | 2 Broadcom Linux, Wl-111 | 2025-04-11 | 7.5 HIGH | N/A |
| The UPnP IGD implementation in Broadcom Linux on the Sitecom WL-111 allows remote attackers to establish arbitrary port mappings by sending a UPnP AddPortMapping action in a SOAP request to the WAN interface, related to an "external forwarding" vulnerability. | |||||
| CVE-2012-0692 | 1 Broadcom | 1 License Software | 2025-04-11 | 7.2 HIGH | N/A |
| CA License (aka CA Licensing) before 1.90.03 allows local users to modify or create arbitrary files, and consequently gain privileges, via unspecified vectors. | |||||
| CVE-2011-2667 | 2 Broadcom, Ca | 2 Total Defense, Gateway Security | 2025-04-11 | 10.0 HIGH | N/A |
| Icihttp.exe in CA Gateway Security for HTTP, as used in CA Gateway Security 8.1 before 8.1.0.69 and CA Total Defense r12, does not properly parse URLs, which allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption and daemon crash) via a malformed request. | |||||
| CVE-2011-1719 | 1 Broadcom | 1 Output Management Web Viewer | 2025-04-11 | 9.3 HIGH | N/A |
| Multiple stack-based buffer overflows in the Web Viewer ActiveX controls in CA Output Management Web Viewer 11.0 and 11.5 allow remote attackers to execute arbitrary code via (1) a long SRC property value to the PPSViewer ActiveX control in PPSView.ocx before 1.0.0.7 or (2) a long Title property value to the UOMWV_Helper ActiveX control in UOMWV_HelperActiveX.ocx before 11.5.0.1. | |||||
| CVE-2012-2619 | 2 Apple, Broadcom | 3 Iphone Os, Bcm4325, Bcm4329 | 2025-04-11 | 7.8 HIGH | N/A |
| The Broadcom BCM4325 and BCM4329 Wi-Fi chips, as used in certain Acer, Apple, Asus, Ford, HTC, Kyocera, LG, Malata, Motorola, Nokia, Pantech, Samsung, and Sony products, allow remote attackers to cause a denial of service (out-of-bounds read and Wi-Fi outage) via an RSN 802.11i information element. | |||||
| CVE-2012-0691 | 1 Broadcom | 1 License Software | 2025-04-11 | 7.2 HIGH | N/A |
| CA License (aka CA Licensing) before 1.90.03 does not properly restrict system commands, which allows local users to gain privileges via unspecified vectors. | |||||
| CVE-2012-1662 | 2 Broadcom, Microsoft | 2 Arcserve Backup, Windows | 2025-04-11 | 5.0 MEDIUM | N/A |
| CA ARCserve Backup r12.0 through SP2, r12.5 before SP2, r15 through SP1, and r16 before SP1 on Windows allows remote attackers to cause a denial of service (service shutdown) via a crafted network request. | |||||
| CVE-2006-5882 | 2 Broadcom, Linksys | 2 Bcmwl5.sys Wireless Device Driver, Wpc300n Wireless-n Notebook Adapter Driver | 2025-04-09 | 8.3 HIGH | N/A |
| Stack-based buffer overflow in the Broadcom BCMWL5.SYS wireless device driver 3.50.21.10, as used in Cisco Linksys WPC300N Wireless-N Notebook Adapter before 4.100.15.5 and other products, allows remote attackers to execute arbitrary code via an 802.11 response frame containing a long SSID field. | |||||
| CVE-2007-5084 | 1 Broadcom | 1 Brightstor Hierarchical Storage Manager | 2025-04-09 | 6.8 MEDIUM | N/A |
| Multiple SQL injection vulnerabilities in Computer Associates (CA) BrightStor Hierarchical Storage Manager (HSM) before r11.6 allow remote attackers to execute arbitrary SQL commands via CsAgent service commands with opcodes (1) 0x07, (2) 0x08, (3) 0x09, (4) 0x1E, (5) 0x32, (6) 0x36, (7) 0x40, and possibly others. | |||||
| CVE-2007-1345 | 1 Broadcom | 1 Etrust Admin | 2025-04-09 | 4.1 MEDIUM | N/A |
| Unspecified vulnerability in cube.exe in the GINA component for CA (Computer Associates) eTrust Admin 8.1.0 through 8.1.2 allows attackers with physical interactive or Remote Desktop access to bypass authentication and gain privileges via the password reset interface. | |||||