Filtered by vendor Broadcom
Subscribe
Total
559 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2006-4899 | 1 Broadcom | 1 Etrust Security Command Center | 2025-04-03 | 5.0 MEDIUM | N/A |
| The ePPIServlet script in Computer Associates (CA) eTrust Security Command Center 1.0 and r8 up to SP1 CR2, when running on Windows, allows remote attackers to obtain the web server path via a "'" (single quote) in the PIProfile function, which leaks the path in an error message. | |||||
| CVE-2006-0307 | 2 Broadcom, Ca | 7 Brightstor Arcserve Backup Laptops Desktops, Brightstor Mobile Backup, Business Protection Suite and 4 more | 2025-04-03 | 5.0 MEDIUM | N/A |
| The DM Primer in the DM Deployment Common Component in Computer Associates (CA) BrightStor Mobile Backup r4.0, BrightStor ARCserve Backup for Laptops & Desktops r11.0, r11.1, r11.1 SP1, Unicenter Remote Control 6.0, 6.0 SP1, CA Desktop Protection Suite r2, CA Server Protection Suite r2, and CA Business Protection Suite r2 allows remote attackers to cause a denial of service (CPU consumption and log file consumption) via unspecified "unrecognized network messages" that are not properly handled. | |||||
| CVE-2004-1812 | 1 Broadcom | 1 Unicenter Tng | 2025-04-03 | 10.0 HIGH | N/A |
| Multiple stack-based buffer overflows in Agent Common Services (1) cam.exe and (2) awservices.exe in Unicenter TNG 2.4 allow remote attackers to execute arbitrary code. | |||||
| CVE-2002-1598 | 1 Broadcom | 1 Mlink | 2025-04-03 | 4.6 MEDIUM | N/A |
| Buffer overflows in Computer Associates MLink (CA-MLink) 6.5 and earlier may allow local users to execute arbitrary code via long command line arguments to (1) mlclear or (2) mllock. | |||||
| CVE-2001-0959 | 2 Broadcom, Ca | 3 Arcserve Backup, Arcserve Backup 2000, Arcserve Backup 2000 | 2025-04-03 | 6.4 MEDIUM | N/A |
| Computer Associates ARCserve for NT 6.61 SP2a and ARCserve 2000 7.0 creates a hidden share named ARCSERVE$, which allows remote attackers to obtain sensitive information and overwrite critical files. | |||||
| CVE-2003-0997 | 1 Broadcom | 1 Unicenter Remote Control Host | 2025-04-03 | 5.0 MEDIUM | N/A |
| Unknown "Denial of Service Attack" vulnerability in Computer Associates (CA) Unicenter Remote Control (URC) 6.0 allows attackers to cause a denial of service (CPU consumption in URC host service). | |||||
| CVE-2006-3223 | 1 Broadcom | 3 Etrust Antivirus, Etrust Pestpatrol, Integrated Threat Management | 2025-04-03 | 7.5 HIGH | N/A |
| Format string vulnerability in CA Integrated Threat Management (ITM), eTrust Antivirus (eAV), and eTrust PestPatrol (ePP) r8 allows attackers to cause a denial of service (crash) and possibly execute arbitrary code via a scan job with format strings in the description field. | |||||
| CVE-2004-0935 | 11 Archive Zip, Broadcom, Ca and 8 more | 23 Archive Zip, Brightstor Arcserve Backup, Etrust Antivirus and 20 more | 2025-04-03 | 7.5 HIGH | N/A |
| Eset Anti-Virus before 1.020 (16th September 2004) allows remote attackers to bypass antivirus protection via a compressed file with both local and global headers set to zero, which does not prevent the compressed file from being opened on a target system. | |||||
| CVE-1999-1049 | 1 Broadcom | 1 Arcserve Backup | 2025-04-03 | 10.0 HIGH | N/A |
| ARCserve NT agents use weak encryption (XOR) for passwords, which allows remote attackers to sniff the authentication request to port 6050 and decrypt the password. | |||||
| CVE-2006-2201 | 1 Broadcom | 1 Resource Initialization Manager | 2025-04-03 | 4.3 MEDIUM | N/A |
| Unspecified vulnerability in CA Resource Initialization Manager (CAIRIM) 1.x before 20060502, as used in z/OS Common Services and the LMP component in multiple products, allows attackers to violate integrity via a certain "problem state program" that uses SVC to gain access to supervisor state, key 0. | |||||
| CVE-2002-2285 | 1 Broadcom | 1 Inoculateit | 2025-04-03 | 4.3 MEDIUM | N/A |
| eTrust InoculateIT 6.0 with the "Incremental Scan" option enabled may certify that a file is free of viruses before the file has been completely downloaded, which allows remote attackers to bypass virus detection. | |||||
| CVE-2005-3372 | 1 Broadcom | 1 Etrust Antivirus | 2025-04-03 | 5.1 MEDIUM | N/A |
| Multiple interpretation error in eTrust CA 7.0.1.4 with the 11.9.1 engine allows remote attackers to bypass virus scanning via a file such as BAT, HTML, and EML with an "MZ" magic byte sequence which is normally associated with EXE, which causes the file to be treated as a safe type that could still be executed as a dangerous file type by applications on the end system, as demonstrated by a "triple headed" program that contains EXE, EML, and HTML content, aka the "magic byte bug." | |||||
| CVE-1999-0355 | 1 Broadcom | 1 Controlit | 2025-04-03 | 5.0 MEDIUM | N/A |
| Local or remote users can force ControlIT 4.5 to reboot or force a user to log out, resulting in a denial of service. | |||||
| CVE-2005-2669 | 2 Broadcom, Ca | 28 Advantage Data Transport, Adviseit, Brightstor Portal and 25 more | 2025-04-03 | 10.0 HIGH | N/A |
| Computer Associates (CA) Message Queuing (CAM / CAFT) 1.05, 1.07 before Build 220_13, and 1.11 before Build 29_13 allows remote attackers to execute arbitrary commands via spoofed CAFT packets. | |||||
| CVE-2005-0968 | 1 Broadcom | 1 Etrust Intrusion Detection | 2025-04-03 | 5.0 MEDIUM | N/A |
| Computer Associates (CA) eTrust Intrusion Detection 3.0 allows remote attackers to cause a denial of service via large size values that are not properly validated before calling the CPImportKey function in the Crypto API. | |||||
| CVE-2004-2305 | 1 Broadcom | 1 Etrust Antivirus Ee | 2025-04-03 | 5.0 MEDIUM | N/A |
| Computer Associates eTrust Antivirus EE 6.0 through 7.0 allows remote attackers to bypass virus scanning by including a password-protected file in a ZIP file, which causes eTrust to scan only the password protected file and skip the other files. | |||||
| CVE-2023-23951 | 1 Broadcom | 2 Symantec Identity Governance And Administration, Symantec Identity Manager | 2025-04-02 | N/A | 6.1 MEDIUM |
| Ability to enumerate the Oracle LDAP attributes for the current user by modifying the query used by the application | |||||
| CVE-2023-23950 | 1 Broadcom | 2 Symantec Identity Governance And Administration, Symantec Identity Manager | 2025-04-02 | N/A | 6.1 MEDIUM |
| User’s supplied input (usually a CRLF sequence) can be used to split a returning response into two responses. | |||||
| CVE-2023-23949 | 1 Broadcom | 2 Symantec Identity Governance And Administration, Symantec Identity Manager | 2025-04-02 | N/A | 5.4 MEDIUM |
| An authenticated user can supply malicious HTML and JavaScript code that will be executed in the client browser. | |||||
| CVE-2019-11287 | 5 Broadcom, Debian, Fedoraproject and 2 more | 5 Rabbitmq Server, Debian Linux, Fedora and 2 more | 2025-04-02 | 5.0 MEDIUM | 7.5 HIGH |
| Pivotal RabbitMQ, versions 3.7.x prior to 3.7.21 and 3.8.x prior to 3.8.1, and RabbitMQ for Pivotal Platform, 1.16.x versions prior to 1.16.7 and 1.17.x versions prior to 1.17.4, contain a web management plugin that is vulnerable to a denial of service attack. The "X-Reason" HTTP Header can be leveraged to insert a malicious Erlang format string that will expand and consume the heap, resulting in the server crashing. | |||||