Filtered by vendor Broadcom
Subscribe
Total
560 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2022-33755 | 1 Broadcom | 1 Ca Automic Automation | 2024-11-21 | 5.0 MEDIUM | 5.3 MEDIUM |
| CA Automic Automation 12.2 and 12.3 contain an insecure input handling vulnerability in the Automic Agent that could allow a remote attacker to potentially enumerate users. | |||||
| CVE-2022-33754 | 1 Broadcom | 1 Ca Automic Automation | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| CA Automic Automation 12.2 and 12.3 contain an insufficient input validation vulnerability in the Automic agent that could allow a remote attacker to potentially execute arbitrary code. | |||||
| CVE-2022-33753 | 1 Broadcom | 1 Ca Automic Automation | 2024-11-21 | 6.5 MEDIUM | 8.8 HIGH |
| CA Automic Automation 12.2 and 12.3 contain an insecure file creation and handling vulnerability in the Automic agent that could allow a user to potentially elevate privileges. | |||||
| CVE-2022-33752 | 1 Broadcom | 1 Ca Automic Automation | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| CA Automic Automation 12.2 and 12.3 contain an insufficient input validation vulnerability in the Automic agent that could allow a remote attacker to potentially execute arbitrary code. | |||||
| CVE-2022-33751 | 1 Broadcom | 1 Ca Automic Automation | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| CA Automic Automation 12.2 and 12.3 contain an insecure memory handling vulnerability in the Automic agent that could allow a remote attacker to potentially access sensitive data. | |||||
| CVE-2022-33750 | 1 Broadcom | 1 Ca Automic Automation | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| CA Automic Automation 12.2 and 12.3 contain an authentication error vulnerability in the Automic agent that could allow a remote attacker to potentially execute arbitrary commands. | |||||
| CVE-2022-33739 | 1 Broadcom | 1 Ca Clarity | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| CA Clarity 15.8 and below and 15.9.0 contain an insecure XML parsing vulnerability that could allow a remote attacker to potentially view the contents of any file on the system. | |||||
| CVE-2022-33187 | 1 Broadcom | 1 Brocade Sannav | 2024-11-21 | N/A | 5.5 MEDIUM |
| Brocade SANnav before v2.2.1 logs usernames and encoded passwords in debug-enabled logs. The vulnerability could allow an attacker with admin privilege to read sensitive information. | |||||
| CVE-2022-28487 | 2 Broadcom, Fedoraproject | 2 Tcpreplay, Fedora | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| Tcpreplay version 4.4.1 contains a memory leakage flaw in fix_ipv6_checksums() function. The highest threat from this vulnerability is to data confidentiality. | |||||
| CVE-2022-28168 | 1 Broadcom | 1 Sannav | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| In Brocade SANnav before Brocade SANnav v2.2.0.2 and Brocade SANnav2.1.1.8, encoded scp-server passwords are stored using Base64 encoding, which could allow an attacker able to access log files to easily decode the passwords. | |||||
| CVE-2022-28167 | 1 Broadcom | 1 Sannav | 2024-11-21 | 4.0 MEDIUM | 6.5 MEDIUM |
| Brocade SANnav before Brocade SANvav v. 2.2.0.2 and Brocade SANanv v.2.1.1.8 logs the Brocade Fabric OS switch password in plain text in asyncjobscheduler-manager.log | |||||
| CVE-2022-28166 | 1 Broadcom | 1 Sannav | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| In Brocade SANnav version before SANN2.2.0.2 and Brocade SANNav before 2.1.1.8, the implementation of TLS/SSL Server Supports the Use of Static Key Ciphers (ssl-static-key-ciphers) on ports 443 & 18082. | |||||
| CVE-2022-28165 | 1 Broadcom | 1 Sannav | 2024-11-21 | 6.5 MEDIUM | 8.8 HIGH |
| A vulnerability in the role-based access control (RBAC) functionality of the Brocade SANNav before 2.2.0 could allow an authenticated, remote attacker to access resources that they should not be able to access and perform actions that they should not be able to perform. The vulnerability exists because restrictions are not performed on Server side to ensure the user has required permission before processing requests. | |||||
| CVE-2022-28164 | 1 Broadcom | 1 Sannav | 2024-11-21 | 4.0 MEDIUM | 6.5 MEDIUM |
| Brocade SANnav before SANnav 2.2.0 application uses the Blowfish symmetric encryption algorithm for the storage of passwords. This could allow an authenticated attacker to decrypt stored account passwords. | |||||
| CVE-2022-28163 | 1 Broadcom | 1 Sannav | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| In Brocade SANnav before Brocade SANnav 2.2.0, multiple endpoints associated with Zone management are susceptible to SQL injection, allowing an attacker to run arbitrary SQL commands. | |||||
| CVE-2022-28162 | 1 Broadcom | 1 Sannav | 2024-11-21 | 2.1 LOW | 3.3 LOW |
| Brocade SANnav before version SANnav 2.2.0 logs the REST API Authentication token in plain text. | |||||
| CVE-2022-27942 | 2 Broadcom, Fedoraproject | 2 Tcpreplay, Fedora | 2024-11-21 | 6.8 MEDIUM | 7.8 HIGH |
| tcpprep in Tcpreplay 4.4.1 has a heap-based buffer over-read in parse_mpls in common/get.c. | |||||
| CVE-2022-27941 | 2 Broadcom, Fedoraproject | 2 Tcpreplay, Fedora | 2024-11-21 | 6.8 MEDIUM | 7.8 HIGH |
| tcprewrite in Tcpreplay 4.4.1 has a heap-based buffer over-read in get_l2len_protocol in common/get.c. | |||||
| CVE-2022-27940 | 2 Broadcom, Fedoraproject | 2 Tcpreplay, Fedora | 2024-11-21 | 6.8 MEDIUM | 7.8 HIGH |
| tcprewrite in Tcpreplay 4.4.1 has a heap-based buffer over-read in get_ipv6_next in common/get.c. | |||||
| CVE-2022-27939 | 2 Broadcom, Fedoraproject | 2 Tcpreplay, Fedora | 2024-11-21 | 4.3 MEDIUM | 5.5 MEDIUM |
| tcprewrite in Tcpreplay 4.4.1 has a reachable assertion in get_layer4_v6 in common/get.c. | |||||