Lucene search
K
BroadcomRecent

879 matches found

Broadcom
Broadcom
•added 2017/09/29 12:0 a.m.•10 views

BSA-2017-436

Security Advisory ID : BSA-2017-436 Component : Perl Revision : 2.0: Interim Heap-based buffer overflow in the regular expression compiler in PERL before 5.24.3-RC1 and 5.26.x before 5.26.1-RC1 allows remote attackers to cause a denial of service crash via a crafted regular expression with the...

7.5CVSS7.2AI score0.06207EPSS
Exploits0
Broadcom
Broadcom
•added 2017/09/29 12:0 a.m.•7 views

BSA-2017-442

Security Advisory ID : BSA-2017-442 Component : OpenLDAP Revision : 3.0: Final /usr/libexec/openldap/generate-server-cert.sh inopenldap-servers sets weak permissions for the TLS certificate, which allows local users to obtain the TLS certificate by leveraging a race condition between the creation...

4.7CVSS6.4AI score0.0015EPSS
Exploits0
Broadcom
Broadcom
•added 2017/09/29 12:0 a.m.•7 views

BSA-2017-445

Security Advisory ID : BSA-2017-445 Component : DENX Das U-Boot Revision : 3.0: Final Das U-Boot is a devicebootloader that can read its configuration from an AES encrypted file. For devices utilizing this environment encryption mode, U-Boot's use of a zero initialization vector and improper...

6.4CVSS6.3AI score0.00266EPSS
Exploits0
Broadcom
Broadcom
•added 2017/09/29 12:0 a.m.•9 views

BSA-2017-444

Security Advisory ID : BSA-2017-444 Component : DENX Das U-Boot Revision : 3.0: Final Das U-Boot is a devicebootloader that can read its configuration from an AES encrypted file. For devices utilizing this environment encryption mode, U-Boot's use of a zero initialization vector and improper...

4.6CVSS6.6AI score0.00309EPSS
Exploits0
Broadcom
Broadcom
•added 2017/09/29 12:0 a.m.•6 views

BSA-2017-431

Security Advisory ID : BSA-2017-431 Component : Kernel Revision : 3.0: Interim A stack buffer overflow flaw was found in the way the Bluetooth subsystem of the Linux kernel processed pending L2CAP configuration responses from a client. On systems with the stack protection feature enabled in the...

8CVSS8.1AI score0.16181EPSS
Exploits12
Broadcom
Broadcom
•added 2017/09/29 12:0 a.m.•8 views

BSA-2017-443

Security Advisory ID : BSA-2017-443 Component : DHCP Revision : 1.0: Interim A resource-consumption flaw was discovered in the DHCP server. dhcpd did not restrict the number of open connections to OMAPI and failover ports. A remote attacker able to establish TCP connections to one of these ports...

7.1CVSS7AI score0.73622EPSS
Exploits0
Broadcom
Broadcom
•added 2017/09/29 12:0 a.m.•8 views

BSA-2017-437

Security Advisory ID : BSA-2017-437 Component : Perl Revision : 2.0: Interim Buffer overflow in the regular expression parser in PERL before 5.24.3-RC1 and 5.26.x before 5.26.1-RC1 allows remote attackers to cause a denial of service crash or leak data from memory via vectors involving use...

9.1CVSS7.2AI score0.05908EPSS
Exploits0
Broadcom
Broadcom
•added 2017/09/29 12:0 a.m.•7 views

BSA-2017-432

Security Advisory ID : BSA-2017-432 Component : JOBSS Revision : 2.0: Interim Red HatJBossEAP version 3.0.7 through before 4.0.0.Beta1 is vulnerable to a server-side cache poisoning or CORS requests in the JAX-RS component resulting in a moderate impact. Affected Products Brocade is investigating...

7.5CVSS6.9AI score0.01514EPSS
Exploits0
Broadcom
Broadcom
•added 2017/09/29 12:0 a.m.•8 views

BSA-2017-438

Security Advisory ID : BSA-2017-438 Component : Apache Struts Revision : 2.0: Interim It was found thatFreemarkerin Struts would permit using read-only properties in value assignment of tag expressions. An attacker could use this to execute arbitrary code. Affected Products Brocade is investigati...

9.8CVSS7.4AI score0.8802EPSS
Exploits6
Broadcom
Broadcom
•added 2017/09/29 12:0 a.m.•8 views

BSA-2017-441

Security Advisory ID : BSA-2017-441 Component : Samba Revision : 2.0: Interim It was found that samba did not enforce "SMB signing" when certain configuration options were enabled. A remote attacker could launch a man-in-the-middle attack and retrieve information in plain-text. Affected Products...

7.4CVSS6.5AI score0.13334EPSS
Exploits0
Broadcom
Broadcom
•added 2017/09/29 12:0 a.m.•9 views

BSA-2017-435

Security Advisory ID : BSA-2017-435 Component : Apache HTTPD Revision : 3.0: Final Apachehttpdallows remote attackers to read secret data from process memory if the Limit directive can be set in a user's .htaccessfile, or ifhttpd.confhas certain misconfigurations, akaOptionsbleed. This affects th...

7.5CVSS9.5AI score0.94999EPSS
Exploits9
Broadcom
Broadcom
•added 2017/09/29 12:0 a.m.•7 views

BSA-2017-440

Security Advisory ID : BSA-2017-440 Component : Samba Revision : 2.0: Interim An information leak flaw was found in the way SMB1 protocol was implemented by Samba. A malicious client could use this flaw to dump server memory contents to a file on the samba share or to a shared printer, though the...

7.1CVSS6.5AI score0.0759EPSS
Exploits0
Broadcom
Broadcom
•added 2017/09/29 12:0 a.m.•7 views

BSA-2017-439

Security Advisory ID : BSA-2017-439 Component : Samba Revision : 2.0: Interim A flaw was found in the way samba client used encryption with the max protocol set as SMB3. The connection could lose the requirement for signing and encrypting to any DFS redirects, allowing an attacker to read or alte...

7.4CVSS6.5AI score0.04595EPSS
Exploits0
Broadcom
Broadcom
•added 2017/09/09 12:0 a.m.•15 views

BSA-2017-426

Security Advisory ID : BSA-2017-426 Component : OpenSSL Revision : 1.0: Interim While parsing anIPAddressFamilyextension in an X.509 certificate, it is possible to do a one-byteoverread. This would result in an incorrect text display of the certificate. This bug has been present since 2006 and is...

5.3CVSS9.4AI score0.17699EPSS
Exploits0
Broadcom
Broadcom
•added 2017/09/08 12:0 a.m.•11 views

BSA-2017-427

Security Advisory ID : BSA-2017-427 Component : Apache Struts 2 Revision : 2.0: Interim The REST Plugin in Apache Struts2 is usingaXStreamHandlerwith an instance ofXStreamfor deserialization without any type filtering which could lead to Remote Code Execution whendeserializingXML payloads. An...

8.1CVSS9.1AI score0.99461EPSS
Exploits23
Broadcom
Broadcom
•added 2017/09/08 12:0 a.m.•10 views

BSA-2017-429

Security Advisory ID : BSA-2017-429 Component : Struts REST Revision : 2.0: Interim A flaw was found in the Struts REST plugin when using an outdatedXStreamlibrary. An attacker could perform a denial of service attack using a malicious request with specially crafted XML payload. Affected Products...

7.5CVSS6.6AI score0.0902EPSS
Exploits0
Broadcom
Broadcom
•added 2017/09/08 12:0 a.m.•9 views

BSA-2017-428

Security Advisory ID : BSA-2017-428 Component : Apache Struts Revision : 2.0: Interim The previous fix issued with CVE-2017-7672 was incomplete. If an application allows enter an URL in a form field and built-inURLValidatoris used, it is possible to prepare a special URL which will be used to...

7.5CVSS6.9AI score0.09362EPSS
Exploits23
Broadcom
Broadcom
•added 2017/08/25 12:0 a.m.•6 views

BSA-2017-408

Security Advisory ID : BSA-2017-408 Component : Java Revision : 2.0: Interim Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE subcomponent: Security. Supported versions that are affected are Java SE: 6u151, 7u141 and 8u131; Java SE Embedded: 8u131; JRockit:...

8.3CVSS8.6AI score0.03524EPSS
Exploits0
Broadcom
Broadcom
•added 2017/08/25 12:0 a.m.•7 views

BSA-2017-404

Security Advisory ID : BSA-2017-404 Component : Java Revision : 2.0: Interim Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE subcomponent: Security. Supported versions that are affected are Java SE: 6u151, 7u141 and 8u131; Java SE Embedded: 8u131; JRockit:...

8.3CVSS8AI score0.03117EPSS
Exploits0
Broadcom
Broadcom
•added 2017/08/25 12:0 a.m.•7 views

BSA-2017-398

Security Advisory ID : BSA-2017-398 Component : Java Revision : 2.0: Interim Vulnerability in the Java SE component of Oracle Java SE subcomponent: Deployment. Supported versions that are affected are Java SE: 7u141 and 8u131. Difficult to exploit vulnerability allows physical access to compromis...

7.1CVSS7.9AI score0.0063EPSS
Exploits0
Broadcom
Broadcom
•added 2017/08/25 12:0 a.m.•7 views

BSA-2017-410

Security Advisory ID : BSA-2017-410 Component : Java Revision : 2.0: Interim Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE subcomponent: Libraries. Supported versions that are affected are Java SE: 6u151, 7u141 and 8u131; Java SE Embedded: 8u131. Easily exploitable...

9.6CVSS8.4AI score0.02555EPSS
Exploits0
Broadcom
Broadcom
•added 2017/08/25 12:0 a.m.•7 views

BSA-2017-420

Security Advisory ID : BSA-2017-420 Component : Java Revision : 2.0: Interim Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE subcomponent: Serialization. Supported versions that are affected are Java SE: 6u151, 7u141 and 8u131; Java SE Embedded: 8u131; JRockit:...

5.3CVSS7.3AI score0.03114EPSS
Exploits0
Broadcom
Broadcom
•added 2017/08/25 12:0 a.m.•6 views

BSA-2017-418

Security Advisory ID : BSA-2017-418 Component : Java Revision : 2.0: Interim Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE subcomponent: 2D. Supported versions that are affected are Java SE: 6u151, 7u141 and 8u131; Java SE Embedded: 8u131; JRockit: R28.3.14...

5.3CVSS7.2AI score0.0345EPSS
Exploits0
Broadcom
Broadcom
•added 2017/08/25 12:0 a.m.•6 views

BSA-2017-421

Security Advisory ID : BSA-2017-421 Component : Java Revision : 2.0: Interim Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE subcomponent: JCE. Supported versions that are affected are Java SE: 6u151, 7u141 and 8u131; Java SE Embedded: 8u131; JRockit: R28.3.14...

5.9CVSS7.5AI score0.02598EPSS
Exploits0
Broadcom
Broadcom
•added 2017/08/25 12:0 a.m.•7 views

BSA-2017-413

Security Advisory ID : BSA-2017-413 Component : Java Revision : 2.0: Interim Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE subcomponent: Security. Supported versions that are affected are Java SE: 6u151, 7u141 and 8u131; Java SE Embedded: 8u131. Difficult to exploit...

9.6CVSS6.4AI score0.02415EPSS
Exploits0
Broadcom
Broadcom
•added 2017/08/25 12:0 a.m.•7 views

BSA-2017-417

Security Advisory ID : BSA-2017-417 Component : Java Revision : 2.0: Interim Vulnerability in the Java SE component of Oracle Java SE subcomponent: Deployment. Supported versions that are affected are Java SE: 6u151, 7u141 and 8u131. Easily exploitable vulnerability allows unauthenticated attacke...

4.3CVSS6.9AI score0.01913EPSS
Exploits0
Broadcom
Broadcom
•added 2017/08/25 12:0 a.m.•6 views

BSA-2017-415

Security Advisory ID : BSA-2017-415 Component : Java Revision : 2.0: Interim Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE subcomponent: Security. Supported versions that are affected are Java SE: 6u151, 7u141 and 8u131; Java SE Embedded: 8u131. Difficult to exploit...

3.1CVSS6.4AI score0.02224EPSS
Exploits0
Broadcom
Broadcom
•added 2017/08/25 12:0 a.m.•8 views

BSA-2017-407

Security Advisory ID : BSA-2017-407 Component : Java Revision : 2.0: Interim Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE subcomponent: JAXP. Supported versions that are affected are Java SE: 6u151, 7u141 and 8u131; Java SE Embedded: 8u131. Easily exploitable...

9.6CVSS8.4AI score0.02555EPSS
Exploits0
Broadcom
Broadcom
•added 2017/08/25 12:0 a.m.•6 views

BSA-2017-399

Security Advisory ID : BSA-2017-399 Component : Java Revision : 2.0: Interim Vulnerability in the Java SE component of Oracle Java SE subcomponent: Security. Supported versions that are affected are Java SE: 6u151, 7u141 and 8u131. Difficult to exploit vulnerability allows unauthenticated attacke...

7.5CVSS7.8AI score0.03236EPSS
Exploits0
Broadcom
Broadcom
•added 2017/08/25 12:0 a.m.•7 views

BSA-2017-409

Security Advisory ID : BSA-2017-409 Component : Java Revision : 2.0: Interim Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE subcomponent: RMI. Supported versions that are affected are Java SE: 6u151, 7u141 and 8u131; Java SE Embedded: 8u131. Difficult to exploit...

9CVSS8.7AI score0.02971EPSS
Exploits0
Broadcom
Broadcom
•added 2017/08/25 12:0 a.m.•8 views

BSA-2017-406

Security Advisory ID : BSA-2017-406 Component : Java Revision : 2.0: Interim Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE subcomponent: JAXP. Supported versions that are affected are Java SE: 6u151, 7u141 and 8u131; Java SE Embedded: 8u131. Easily exploitable...

9.6CVSS8.4AI score0.02555EPSS
Exploits0
Broadcom
Broadcom
•added 2017/08/25 12:0 a.m.•6 views

BSA-2017-416

Security Advisory ID : BSA-2017-416 Component : Java Revision : 2.0: Interim Vulnerability in the Java SE component of Oracle Java SE subcomponent: Deployment. Supported versions that are affected are Java SE: 6u151, 7u141 and 8u131. Easily exploitable vulnerability allows unauthenticated attacke...

4.3CVSS6.9AI score0.0222EPSS
Exploits0
Broadcom
Broadcom
•added 2017/08/25 12:0 a.m.•8 views

BSA-2017-414

Security Advisory ID : BSA-2017-414 Component : Java Revision : 2.0: Interim Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE subcomponent: Security. Supported versions that are affected are Java SE: 6u151, 7u141 and 8u131; Java SE Embedded: 8u131. Difficult to exploit...

9.6CVSS6.4AI score0.02132EPSS
Exploits0
Broadcom
Broadcom
•added 2017/08/25 12:0 a.m.•9 views

BSA-2017-382

Security Advisory ID : BSA-2017-382 Component : gSOAP Revision : 2.0: Interim Integer overflow in the soapget function in Genivia gSOAP 2.7.x and 2.8.x before 2.8.48, as used on Axis cameras and other devices, allows remote attackers to execute arbitrary code or cause a denial of service...

8.1CVSS8.2AI score0.21894EPSS
Exploits2
Broadcom
Broadcom
•added 2017/08/25 12:0 a.m.•6 views

BSA-2017-419

Security Advisory ID : BSA-2017-419 Component : Java Revision : 2.0: Interim Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE subcomponent: Serialization. Supported versions that are affected are Java SE: 6u151, 7u141 and 8u131; Java SE Embedded: 8u131; JRockit:...

5.3CVSS7.2AI score0.03114EPSS
Exploits0
Broadcom
Broadcom
•added 2017/08/25 12:0 a.m.•8 views

BSA-2017-383

Security Advisory ID : BSA-2017-383 Component : OpenSSL Revision : 2.0: Interim The signing function in crypto/ecdsa/ecdsaossl.c in certain OpenSSL versions and forks is vulnerable to timing attacks when signing with the standardized elliptic curve P-256 despite featuring constant-time curve...

5.5CVSS9.2AI score0.00594EPSS
Exploits0
Broadcom
Broadcom
•added 2017/08/25 12:0 a.m.•7 views

BSA-2017-412

Security Advisory ID : BSA-2017-412 Component : Java Revision : 2.0: Interim Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE subcomponent: Security. Supported versions that are affected are Java SE: 6u151, 7u141 and 8u131; Java SE Embedded: 8u131. Difficult to exploit...

9.6CVSS6.4AI score0.02555EPSS
Exploits0
Broadcom
Broadcom
•added 2017/08/25 12:0 a.m.•8 views

BSA-2017-375

Security Advisory ID : BSA-2017-375 Component : NFS Revision : 3.0: Final The NFS2/3 RPC client could send long arguments to the NFS server. These encoded arguments are stored in an array of memory pages, and accessed using pointer variables. Arbitrarily long arguments could make these pointers...

7.8CVSS6.9AI score0.05905EPSS
Exploits0
Broadcom
Broadcom
•added 2017/08/25 12:0 a.m.•6 views

BSA-2017-353

Security Advisory ID : BSA-2017-353 Component : Linux Kernel Revision : 3.0: Interim The IPv6 DCCP implementation in the Linux kernel mishandles inheritance, which allows local users to cause a denial of service or possibly have unspecified other impact via crafted system calls, a related issue t...

7.8CVSS7.2AI score0.01372EPSS
Exploits5
Broadcom
Broadcom
•added 2017/08/25 12:0 a.m.•18 views

BSA-2017-355

Security Advisory ID : BSA-2017-355 Component : Stack Revision : 2.0: Interim A flaw was found in the way memory was being allocated on the stack for user space binaries. If heap or different memory region and stack memory regions were adjacent to each other, an attacker could use this flaw to ju...

7.8CVSS9.3AI score0.02733EPSS
Exploits14
Broadcom
Broadcom
•added 2017/08/25 12:0 a.m.•7 views

BSA-2017-360

Security Advisory ID : BSA-2017-360 Component : Linux Kernel Revision : 2.0: Interim The offset2lib patch as used by the Linux Kernel contains a vulnerability, if RLIMITSTACK is set to RLIMITINFINITY and 1 Gigabyte of memory is allocated the maximum under the 1/4 restriction then the stack will b...

7.8CVSS6.6AI score0.00899EPSS
Exploits0
Broadcom
Broadcom
•added 2017/08/25 12:0 a.m.•10 views

BSA-2017-372

Security Advisory ID : BSA-2017-372 Component : RedHat Jboss EAP Revision : 2.0: Interim Red Hat JBoss Enterprise Application Platform EAP 7, when operating as a reverse-proxy with default buffer sizes, allows remote attackers to cause a denial of service CPU and disk consumption via a long URL...

7.1CVSS7AI score0.0248EPSS
Exploits0
Broadcom
Broadcom
•added 2017/08/25 12:0 a.m.•7 views

BSA-2017-370

Security Advisory ID : BSA-2017-370 Component : Systemd Revision : 2.0: Interim In systemd through 233, certain sizes passed to dnspacketnew in systemd-resolved can cause it to allocate a buffer that's too small. A malicious DNS server can exploit this via a response with a specially crafted TCP...

7.5CVSS7.2AI score0.55116EPSS
Exploits1
Broadcom
Broadcom
•added 2017/08/25 12:0 a.m.•8 views

BSA-2017-352

Security Advisory ID : BSA-2017-352 Component : Linux Kernel Revision : 3.0: Interim The sctpv6createacceptsk function in net/sctp/ipv6.c in the Linux kernel mishandles inheritance, which allows local users to cause a denial of service or possibly have unspecified other impact via crafted system...

7.8CVSS7.2AI score0.01372EPSS
Exploits5
Broadcom
Broadcom
•added 2017/08/25 12:0 a.m.•7 views

BSA-2017-423

Security Advisory ID : BSA-2017-423 Component : Kernel Revision : 2.0: Interim Race condition in fs/timerfd.c in the Linux kernel before 4.10.15 allows local users to gain privileges or cause a denial of service list corruption or use-after-free via simultaneous file-descriptor operations that...

7.6CVSS6.6AI score0.13378EPSS
Exploits3
Broadcom
Broadcom
•added 2017/08/25 12:0 a.m.•10 views

BSA-2017-424

Security Advisory ID : BSA-2017-424 Component : Kernel Revision : 3.0: Interim The sanitycheckrawsuper function in fs/f2fs/super.c in the Linux kernel before 4.11.1 does not validate the segment count, which allows local users to gain privileges via unspecified vectors kernel: Missing sanity chec...

7.8CVSS6.9AI score0.00465EPSS
Exploits0
Broadcom
Broadcom
•added 2017/08/25 12:0 a.m.•7 views

BSA-2017-358

Security Advisory ID : BSA-2017-358 Component : Offset2lib Patch Protection Bypass Revision : 2.0: Interim The offset2lib patch as used in the Linux Kernel contains a vulnerability that allows a PIE binary to beexecve'edwith 1GB of arguments or environmental strings then the stack occupies the...

7.8CVSS6.7AI score0.02253EPSS
Exploits6
Broadcom
Broadcom
•added 2017/08/25 12:0 a.m.•7 views

BSA-2017-359

Security Advisory ID : BSA-2017-359 Component : Kernel Revision : 2.0: Interim The offset2lib patch as used by the Linux Kernel contains a vulnerability, if RLIMITSTACK is set to RLIMITINFINITY and 1 Gigabyte of memory is allocated the maximum under the 1/4 restriction then the stack will be grow...

7.8CVSS6.6AI score0.02428EPSS
Exploits6
Broadcom
Broadcom
•added 2017/08/25 12:0 a.m.•9 views

BSA-2017-374

Security Advisory ID : BSA-2017-374 Component : Linux Kernel Revision : 2.0: Interim The doanonymouspage function in mm/memory.c in the Linux kernel before 2.6.27.52, 2.6.32.x before 2.6.32.19, 2.6.34.x before 2.6.34.4, and 2.6.35.x before 2.6.35.2 does not properly separate the stack and the hea...

7.2CVSS7.5AI score0.00716EPSS
Exploits1
Broadcom
Broadcom
•added 2017/08/25 12:0 a.m.•7 views

BSA-2017-351

Security Advisory ID : BSA-2017-351 Component : Linux Kernel Revision : 3.0: Interim Theinetcskclonelockfunction in net/ipv4/inetconnectionsock.cin the Linux kernel allows attackers to cause a denial of service double free or possibly have unspecified other impact by leveraging use of the accept...

7.8CVSS7.1AI score0.01372EPSS
Exploits5
Total number of security vulnerabilities879