Broadcom: Security Vulnerabilities
Broadcom firmware before summer 2014 on Nexus 5 BCM4335C0 2012-12-11, Raspberry Pi 3 BCM43438A1 2014-06-02, and unspecifed other devices does not properly restrict LMP commnds and executes certain memory contents upon receiving an LMP command, as demonstrated by executing an HCI command.
CVSS Score
8.8
EPSS Score
0.006
Published
2019-06-07
An improper authentication vulnerability in CA Privileged Access Manager 3.x Web-UI jk-manager and jk-status allows a remote attacker to gain sensitive information or alter configuration.
CVSS Score
9.1
EPSS Score
0.004
Published
2019-02-26
An issue was discovered in Tcpreplay 4.3.1. A NULL pointer dereference occurred in the function get_layer4_v6() located at get.c. This can be triggered by sending a crafted pcap file to the tcpreplay-edit binary. It allows an attacker to cause a Denial of Service (Segmentation fault) or possibly have unspecified other impact.
CVSS Score
7.8
EPSS Score
0.002
Published
2019-02-17
An issue was discovered in Tcpreplay 4.3.1. A NULL pointer dereference occurred in the function get_ipv6_l4proto() located at get.c. This can be triggered by sending a crafted pcap file to the tcpreplay-edit binary. It allows an attacker to cause a Denial of Service (Segmentation fault) or possibly have unspecified other impact.
CVSS Score
7.8
EPSS Score
0.002
Published
2019-02-17
An issue was discovered in Tcpreplay 4.3.1. An invalid memory access occurs in do_checksum in checksum.c. It can be triggered by sending a crafted pcap file to the tcpreplay-edit binary. It allows an attacker to cause a Denial of Service (Segmentation fault) or possibly have unspecified other impact.
CVSS Score
7.8
EPSS Score
0.003
Published
2019-02-17
Insufficient output sanitization in the Automic Web Interface (AWI), in CA Automic Workload Automation 12.0 to 12.2, allow attackers to potentially conduct persistent cross site scripting (XSS) attacks via a crafted object.
CVSS Score
6.1
EPSS Score
0.009
Published
2019-02-06
CA Service Desk Manager 14.1 and 17 contain a vulnerability that can allow a malicious actor to access survey information.
CVSS Score
7.5
EPSS Score
0.003
Published
2019-01-22
CA Service Desk Manager 14.1 and 17 contain a vulnerability that can allow a malicious actor to escalate privileges in the user interface.
CVSS Score
9.8
EPSS Score
0.005
Published
2019-01-22
Tcpreplay before 4.3.1 has a heap-based buffer over-read in packet2tree in tree.c.
CVSS Score
7.8
EPSS Score
0.002
Published
2018-12-28
Tcpreplay before 4.3.1 has a heap-based buffer over-read in get_l2len in common/get.c.
CVSS Score
7.8
EPSS Score
0.002
Published
2018-12-28