Filtered by vendor Broadcom Subscriptions
Total 595 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2006-4900 1 Broadcom 1 Etrust Security Command Center 2025-04-03 N/A
Directory traversal vulnerability in Computer Associates (CA) eTrust Security Command Center 1.0 and r8 up to SP1 CR2, allows remote authenticated users to read and delete arbitrary files via ".." sequences in the eSCCAdHocHtmlFile parameter to eSMPAuditServlet, which is not properly handled by the getadhochtml function.
CVE-2001-0959 2 Broadcom, Ca 3 Arcserve Backup, Arcserve Backup 2000, Arcserve Backup 2000 2025-04-03 N/A
Computer Associates ARCserve for NT 6.61 SP2a and ARCserve 2000 7.0 creates a hidden share named ARCSERVE$, which allows remote attackers to obtain sensitive information and overwrite critical files.
CVE-2004-0935 11 Archive Zip, Broadcom, Ca and 8 more 23 Archive Zip, Brightstor Arcserve Backup, Etrust Antivirus and 20 more 2025-04-03 N/A
Eset Anti-Virus before 1.020 (16th September 2004) allows remote attackers to bypass antivirus protection via a compressed file with both local and global headers set to zero, which does not prevent the compressed file from being opened on a target system.
CVE-2005-2667 2 Broadcom, Ca 24 Advantage Data Transport, Adviseit, Brightstor Portal and 21 more 2025-04-03 N/A
Unknown vulnerability in Computer Associates (CA) Message Queuing (CAM / CAFT) 1.05, 1.07 before Build 220_13, and 1.11 before Build 29_13 allows attackers to cause a denial of service via unknown vectors, aka the "CAM TCP port vulnerability."
CVE-2023-23951 1 Broadcom 2 Symantec Identity Governance And Administration, Symantec Identity Manager 2025-04-02 6.1 Medium
Ability to enumerate the Oracle LDAP attributes for the current user by modifying the query used by the application
CVE-2023-23950 1 Broadcom 2 Symantec Identity Governance And Administration, Symantec Identity Manager 2025-04-02 6.1 Medium
User’s supplied input (usually a CRLF sequence) can be used to split a returning response into two responses.
CVE-2023-23949 1 Broadcom 2 Symantec Identity Governance And Administration, Symantec Identity Manager 2025-04-02 8.1 High
An authenticated user can supply malicious HTML and JavaScript code that will be executed in the client browser.
CVE-2020-5419 2 Broadcom, Pivotal Software 2 Rabbitmq Server, Rabbitmq 2025-04-02 6.7 Medium
RabbitMQ versions 3.8.x prior to 3.8.7 are prone to a Windows-specific binary planting security vulnerability that allows for arbitrary code execution. An attacker with write privileges to the RabbitMQ installation directory and local access on Windows could carry out a local binary hijacking (planting) attack and execute arbitrary code.
CVE-2021-22117 2 Broadcom, Microsoft 2 Rabbitmq Server, Windows 2025-04-02 7.8 High
RabbitMQ installers on Windows prior to version 3.8.16 do not harden plugin directory permissions, potentially allowing attackers with sufficient local filesystem permissions to add arbitrary plugins.
CVE-2019-11291 3 Broadcom, Redhat, Vmware 3 Rabbitmq Server, Openstack, Rabbitmq 2025-04-02 4.8 Medium
Pivotal RabbitMQ, 3.7 versions prior to v3.7.20 and 3.8 version prior to v3.8.1, and RabbitMQ for PCF, 1.16.x versions prior to 1.16.7 and 1.17.x versions prior to 1.17.4, contain two endpoints, federation and shovel, which do not properly sanitize user input. A remote authenticated malicious user with administrative access could craft a cross site scripting attack via the vhost or node name fields that could grant access to virtual hosts and policy management information.
CVE-2019-11287 5 Broadcom, Debian, Fedoraproject and 2 more 5 Rabbitmq Server, Debian Linux, Fedora and 2 more 2025-04-02 7.5 High
Pivotal RabbitMQ, versions 3.7.x prior to 3.7.21 and 3.8.x prior to 3.8.1, and RabbitMQ for Pivotal Platform, 1.16.x versions prior to 1.16.7 and 1.17.x versions prior to 1.17.4, contain a web management plugin that is vulnerable to a denial of service attack. The "X-Reason" HTTP Header can be leveraged to insert a malicious Erlang format string that will expand and consume the heap, resulting in the server crashing.
CVE-2024-2859 1 Broadcom 1 Brocade Sannav 2025-03-19 6.8 Medium
By default, SANnav OVA is shipped with root user login enabled. While protected by a password, access to root could expose SANnav to a remote attacker should they gain access to the root account.
CVE-2024-37079 2 Broadcom, Vmware 4 Vmware Cloud Foundation, Vmware Vcenter Server, Cloud Foundation and 1 more 2025-03-14 9.8 Critical
vCenter Server contains a heap-overflow vulnerability in the implementation of the DCERPC protocol. A malicious actor with network access to vCenter Server may trigger this vulnerability by sending a specially crafted network packet potentially leading to remote code execution.
CVE-2025-24500 1 Broadcom 1 Symantec Privileged Access Management 2025-03-13 N/A
The vulnerability allows an unauthenticated attacker to access information in PAM database.
CVE-2023-27785 1 Broadcom 1 Tcpreplay 2025-02-26 7.5 High
An issue found in TCPreplay TCPprep v.4.4.3 allows a remote attacker to cause a denial of service via the parse endpoints function.
CVE-2023-27784 1 Broadcom 1 Tcpreplay 2025-02-26 7.5 High
An issue found in TCPReplay v.4.4.3 allows a remote attacker to cause a denial of service via the read_hexstring function at the utils.c:309 endpoint.
CVE-2023-27783 1 Broadcom 1 Tcpreplay 2025-02-26 7.5 High
An issue found in TCPreplay tcprewrite v.4.4.3 allows a remote attacker to cause a denial of service via the tcpedit_dlt_cleanup function at plugins/dlt_plugins.c.
CVE-2023-27789 1 Broadcom 1 Tcpreplay 2025-02-26 7.5 High
An issue found in TCPprep v.4.4.3 allows a remote attacker to cause a denial of service via the cidr2cidr function at the cidr.c:178 endpoint.
CVE-2023-27788 1 Broadcom 1 Tcpreplay 2025-02-26 7.5 High
An issue found in TCPrewrite v.4.4.3 allows a remote attacker to cause a denial of service via the ports2PORT function at the portmap.c:69 endpoint.
CVE-2023-27787 1 Broadcom 1 Tcpreplay 2025-02-26 7.5 High
An issue found in TCPprep v.4.4.3 allows a remote attacker to cause a denial of service via the parse_list function at the list.c:81 endpoint.