Vulnerabilities (CVE)

Filtered by vendor Broadcom Subscribe
Total 563 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2004-0934 11 Archive Zip, Broadcom, Ca and 8 more 23 Archive Zip, Brightstor Arcserve Backup, Etrust Antivirus and 20 more 2025-04-03 7.5 HIGH N/A
Kaspersky 3.x to 4.x allows remote attackers to bypass antivirus protection via a compressed file with both local and global headers set to zero, which does not prevent the compressed file from being opened on a target system.
CVE-2005-0583 1 Broadcom 1 License Software 2025-04-03 5.0 MEDIUM N/A
Directory traversal vulnerability in Computer Associates (CA) License Client 0.1.0.15 allows remote attackers to create arbitrary files via .. (dot dot) sequences in a PUTOLF request.
CVE-2002-2285 1 Broadcom 1 Inoculateit 2025-04-03 4.3 MEDIUM N/A
eTrust InoculateIT 6.0 with the "Incremental Scan" option enabled may certify that a file is free of viruses before the file has been completely downloaded, which allows remote attackers to bypass virus detection.
CVE-2001-0625 1 Broadcom 1 Inoculateit 2025-04-03 7.2 HIGH N/A
ftpdownload in Computer Associates InoculateIT 6.0 allows a local attacker to overwrite arbitrary files via a symlink attack on /tmp/ftpdownload.log .
CVE-2000-1244 1 Broadcom 1 Inoculateit Agent For Exchange 2025-04-03 7.5 HIGH N/A
Computer Associates InoculateIT Agent for Exchange Server does not recognize an e-mail virus attachment if the SMTP header is missing the "From" field, which allows remote attackers to bypass virus protection.
CVE-2005-0642 1 Broadcom 1 Unicenter Asset Management 2025-04-03 7.5 HIGH N/A
SQL injection vulnerability in the Query Designer for Computer Associates (CA) Unicenter Asset Management (UAM) 4.0 allows remote attackers to execute arbitrary SQL via an imported file.
CVE-2005-0581 1 Broadcom 1 License Software 2025-04-03 4.6 MEDIUM N/A
Multiple buffer overflows in Computer Associates (CA) License Client and Server 0.1.0.15 allow remote attackers to execute arbitrary code via (1) certain long fields in the Checksum item in a GCR request, (2) a long IP address, hostname, or netmask values in a GCR request, (3) a long last parameter in a GETCONFIG packet, or (4) long values in a request with an invalid format.
CVE-2001-0960 2 Broadcom, Ca 3 Arcserve Backup, Arcserve Backup 2000, Arcserve Backup 2000 2025-04-03 10.0 HIGH N/A
Computer Associates ARCserve for NT 6.61 SP2a and ARCserve 2000 7.0 stores the backup agent user name and password in cleartext in the aremote.dmp file in the ARCSERVE$ hidden share, which allows local and remote attackers to gain privileges.
CVE-2005-4150 1 Broadcom 1 Cleverpath Portal 2025-04-03 4.3 MEDIUM N/A
Cross-site scripting (XSS) vulnerability in the portal login page in Computer Associates CleverPath 4.7 allows remote attackers to execute Javascript via unknown vectors.
CVE-2004-0267 1 Broadcom 1 Inoculateit 2025-04-03 2.1 LOW N/A
The (1) inoregupdate, (2) uniftest, or (3) unimove scripts in eTrust InoculateIT for Linux 6.0 allow local users to overwrite arbitrary files via a symlink attack on files in /tmp.
CVE-2005-1272 2 Broadcom, Ca 4 Brightstor Enterprise Backup, Brightstor Arcserve Backup, Brightstor Arcserve Backup Agent and 1 more 2025-04-03 7.5 HIGH N/A
Stack-based buffer overflow in the Backup Agent for Microsoft SQL Server in BrightStor ARCserve Backup Agent for SQL Server 11.0 allows remote attackers to execute arbitrary code via a long string sent to port (1) 6070 or (2) 6050.
CVE-2004-0932 11 Archive Zip, Broadcom, Ca and 8 more 23 Archive Zip, Brightstor Arcserve Backup, Etrust Antivirus and 20 more 2025-04-03 7.5 HIGH N/A
McAfee Anti-Virus Engine DATS drivers before 4398 released on Oct 13th 2004 and DATS Driver before 4397 October 6th 2004 allows remote attackers to bypass antivirus protection via a compressed file with both local and global headers set to zero, which does not prevent the compressed file from being opened on a target system.
CVE-2004-1663 5 Broadcom, Brocade, Engenio and 2 more 6 Fabric Operating System, Silkworm, Silkworm Fiber Channel Switch and 3 more 2025-04-03 5.0 MEDIUM N/A
Engenio/LSI Logic storage controllers, as used in products such as Storagetek D280, and IBM DS4100 (formerly FastT 100) and Brocade SilkWorm Switches, allow remote attackers to cause a denial of service (freeze and possible data corruption) via crafted TCP packets.
CVE-2006-3223 1 Broadcom 3 Etrust Antivirus, Etrust Pestpatrol, Integrated Threat Management 2025-04-03 7.5 HIGH N/A
Format string vulnerability in CA Integrated Threat Management (ITM), eTrust Antivirus (eAV), and eTrust PestPatrol (ePP) r8 allows attackers to cause a denial of service (crash) and possibly execute arbitrary code via a scan job with format strings in the description field.
CVE-1999-1049 1 Broadcom 1 Arcserve Backup 2025-04-03 10.0 HIGH N/A
ARCserve NT agents use weak encryption (XOR) for passwords, which allows remote attackers to sniff the authentication request to port 6050 and decrypt the password.
CVE-2006-2201 1 Broadcom 1 Resource Initialization Manager 2025-04-03 4.3 MEDIUM N/A
Unspecified vulnerability in CA Resource Initialization Manager (CAIRIM) 1.x before 20060502, as used in z/OS Common Services and the LMP component in multiple products, allows attackers to violate integrity via a certain "problem state program" that uses SVC to gain access to supervisor state, key 0.
CVE-2001-0382 1 Broadcom 1 Ccc Harvest 2025-04-03 7.5 HIGH N/A
Computer Associates CCC\Harvest 5.0 for Windows NT/2000 uses weak encryption for passwords, which allows a remote attacker to gain privileges on the application.
CVE-2005-3225 1 Broadcom 2 Etrust Antivirus, Etrust Antivirus Iris Engine 2025-04-03 5.1 MEDIUM N/A
Multiple interpretation error in unspecified versions of (1) eTrust-Iris and (2) eTrust-Vet Antivirus allows remote attackers to bypass virus detection via a malicious executable in a specially crafted RAR file with malformed central and local headers, which can still be opened by products such as Winrar and PowerZip, even though they are rejected as corrupted by Winzip and BitZipper.
CVE-2023-23951 1 Broadcom 2 Symantec Identity Governance And Administration, Symantec Identity Manager 2025-04-02 N/A 6.1 MEDIUM
Ability to enumerate the Oracle LDAP attributes for the current user by modifying the query used by the application
CVE-2023-23950 1 Broadcom 2 Symantec Identity Governance And Administration, Symantec Identity Manager 2025-04-02 N/A 6.1 MEDIUM
User’s supplied input (usually a CRLF sequence) can be used to split a returning response into two responses.