Filtered by vendor Broadcom
Subscribe
Total
568 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2017-13678 | 1 Broadcom | 2 Advanced Secure Gateway, Symantec Proxysg | 2024-11-21 | 3.5 LOW | 4.8 MEDIUM |
| Stored XSS vulnerability in the Symantec Advanced Secure Gateway (ASG) and ProxySG management consoles. A malicious appliance administrator can inject arbitrary JavaScript code in the management console web client application. | |||||
| CVE-2017-13677 | 2 Broadcom, Symantec | 2 Symantec Proxysg, Advanced Secure Gateway | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| Denial-of-service (DoS) vulnerability in the Symantec Advanced Secure Gateway (ASG) and ProxySG management consoles. A remote attacker can use crafted HTTP/HTTPS requests to cause denial-of-service through management console application crashes. | |||||
| CVE-2016-10258 | 1 Broadcom | 2 Advanced Secure Gateway, Symantec Proxysg | 2024-11-21 | 6.0 MEDIUM | 6.8 MEDIUM |
| Unrestricted file upload vulnerability in the Symantec Advanced Secure Gateway (ASG) and ProxySG management consoles. A malicious appliance administrator can upload arbitrary malicious files to the management console and trick another administrator user into downloading and executing malicious code. | |||||
| CVE-2016-10257 | 1 Broadcom | 2 Advanced Secure Gateway, Symantec Proxysg | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
| The Symantec Advanced Secure Gateway (ASG) 6.6, ASG 6.7 (prior to 6.7.2.1), ProxySG 6.5 (prior to 6.5.10.6), ProxySG 6.6, and ProxySG 6.7 (prior to 6.7.2.1) management console is susceptible to a reflected XSS vulnerability. A remote attacker can use a crafted management console URL in a phishing attack to inject arbitrary JavaScript code into the management console web client application. This is a separate vulnerability from CVE-2016-10256. | |||||
| CVE-2016-10256 | 1 Broadcom | 1 Symantec Proxysg | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
| The Symantec ProxySG 6.5 (prior to 6.5.10.6), 6.6, and 6.7 (prior to 6.7.2.1) management console is susceptible to a reflected XSS vulnerability. A remote attacker can use a crafted management console URL in a phishing attack to inject arbitrary JavaScript code into the management console web client application. This is a separate vulnerability from CVE-2016-10257. | |||||
| CVE-2015-4664 | 2 Broadcom, Xceedium | 2 Privileged Access Manager, Xsuite | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| An improper input validation vulnerability in CA Privileged Access Manager 2.4.4.4 and earlier allows remote attackers to execute arbitrary commands. | |||||
| CVE-2005-10001 | 1 Broadcom | 1 Symantec Siteminder | 2024-11-20 | 5.8 MEDIUM | 5.4 MEDIUM |
| ** UNSUPPORTED WHEN ASSIGNED ** A vulnerability was found in Netegrity SiteMinder up to 4.5.1 and classified as critical. Affected by this issue is the file /siteminderagent/pwcgi/smpwservicescgi.exe of the component Login. The manipulation of the argument target leads to an open redirect. The exploit has been disclosed to the public and may be used. NOTE: This vulnerability only affects products that are no longer supported by the maintainer. | |||||
| CVE-2023-4330 | 1 Broadcom | 1 Raid Controller Web Interface | 2024-02-05 | N/A | N/A |
| Broadcom RAID Controller web interface is vulnerable Denial of Service can be caused by an authenticated user to the REST API Interface | |||||