Lucene search
K
BroadcomRecent

879 matches found

Broadcom
Broadcom
•added 2017/08/25 12:0 a.m.•18 views

BSA-2017-355

Security Advisory ID : BSA-2017-355 Component : Stack Revision : 2.0: Interim A flaw was found in the way memory was being allocated on the stack for user space binaries. If heap or different memory region and stack memory regions were adjacent to each other, an attacker could use this flaw to ju...

7.8CVSS9.3AI score0.02733EPSS
Exploits14
Broadcom
Broadcom
•added 2017/08/25 12:0 a.m.•5 views

BSA-2017-354

Security Advisory ID : BSA-2017-354 Component : Linux Kernel Revision : 3.0: Interim The tcpv6synrecvsock function in net/ipv6/tcpipv6.c in the Linux kernel mishandles inheritance, which allows local users to cause a denial of service or possibly have unspecified other impact via crafted system...

7.8CVSS7.2AI score0.01372EPSS
Exploits5
Broadcom
Broadcom
•added 2017/08/25 12:0 a.m.•7 views

BSA-2017-351

Security Advisory ID : BSA-2017-351 Component : Linux Kernel Revision : 3.0: Interim Theinetcskclonelockfunction in net/ipv4/inetconnectionsock.cin the Linux kernel allows attackers to cause a denial of service double free or possibly have unspecified other impact by leveraging use of the accept...

7.8CVSS7.1AI score0.01372EPSS
Exploits5
Broadcom
Broadcom
•added 2017/08/25 12:0 a.m.•7 views

BSA-2017-396

Security Advisory ID : BSA-2017-396 Component : PostgreSQL Revision : 1.0: Interim An authorization flaw was found in the way PostgreSQL handled large objects. A remote authenticated attacker with no privileges on a large object could potentially use this flaw to overwrite the entire content of t...

7.5CVSS6.6AI score0.03517EPSS
Exploits0
Broadcom
Broadcom
•added 2017/08/25 12:0 a.m.•10 views

BSA-2017-365

Security Advisory ID : BSA-2017-365 Component : Apache Revision : 1.0: Interim In Apachehttpd2.2.x before 2.2.33 and 2.4.x before 2.4.26,modmimecan read one byte past the end of a buffer when sending a malicious Content-Type response header. Affected Products Brocade is investigating its product...

9.8CVSS9.6AI score0.39341EPSS
Exploits3
Broadcom
Broadcom
•added 2017/08/25 12:0 a.m.•5 views

BSA-2017-371

Security Advisory ID : BSA-2017-371 Component : OpenSSH Revision : 1.0: Interim ssh in OpenSSH before 4.7 does not properly handle when an untrusted cookie cannot be created and uses a trusted X11 cookie instead, which allows attackers to violate intended policy and gain privileges by causing an ...

7.5CVSS7.1AI score0.02374EPSS
Exploits0
Broadcom
Broadcom
•added 2017/08/25 12:0 a.m.•6 views

BSA-2017-380

Security Advisory ID : BSA-2017-380 Component : OpenVPN Revision : 1.0: Interim OpenVPN versions before 2.4.3 and before 2.3.17 are vulnerable to remote denial-of-service due to memory exhaustion caused by memory leaks and double-free issue in extractx509extension. Affected Products Brocade is...

5.9CVSS7AI score0.03855EPSS
Exploits0
Broadcom
Broadcom
•added 2017/08/25 12:0 a.m.•5 views

BSA-2017-362

Security Advisory ID : BSA-2017-362 Component : Apache Revision : 1.0: Interim In Apachehttpd2.2.x before 2.2.33 and 2.4.x before 2.4.26,modsslmay dereference a NULL pointer when third-party modules callaphookprocessconnection during an HTTP request to an HTTPS port. Affected Products Brocade is...

9.8CVSS9.5AI score0.19953EPSS
Exploits0
Broadcom
Broadcom
•added 2017/08/25 12:0 a.m.•8 views

BSA-2017-381

Security Advisory ID : BSA-2017-381 Component : OpenVPN Revision : 1.0: Interim OpenVPN versions before 2.4.3 and before 2.3.17 are vulnerable to denial-of-service by authenticated remote attacker via sending a certificate with an embedded NULL character. Affected Products Brocade is investigatin...

6.5CVSS6.9AI score0.05539EPSS
Exploits0
Broadcom
Broadcom
•added 2017/08/25 12:0 a.m.•5 views

BSA-2017-395

Security Advisory ID : BSA-2017-395 Component : PostgreSQL Revision : 1.0: Interim An authorization flaw was found in the way PostgreSQL handled access to the pgusermappings view on foreign servers. A remote authenticated attacker could potentially use this flaw to retrieve passwords from the use...

8.8CVSS6.7AI score0.05581EPSS
Exploits0
Broadcom
Broadcom
•added 2017/08/25 12:0 a.m.•8 views

BSA-2017-363

Security Advisory ID : BSA-2017-363 Component : Apache Revision : 1.0: Interim A maliciously constructed HTTP/2 request could cause modhttp2 to dereference a NULL pointer and crash the server process. Affected Products Brocade is investigating its product lines to determine which products may be...

7.5CVSS6.9AI score0.53939EPSS
Exploits0
Broadcom
Broadcom
•added 2017/08/25 12:0 a.m.•8 views

BSA-2017-410

Security Advisory ID : BSA-2017-410 Component : Java Revision : 2.0: Interim Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE subcomponent: Libraries. Supported versions that are affected are Java SE: 6u151, 7u141 and 8u131; Java SE Embedded: 8u131. Easily exploitable...

9.6CVSS8.4AI score0.02555EPSS
Exploits0
Broadcom
Broadcom
•added 2017/08/25 12:0 a.m.•7 views

BSA-2017-404

Security Advisory ID : BSA-2017-404 Component : Java Revision : 2.0: Interim Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE subcomponent: Security. Supported versions that are affected are Java SE: 6u151, 7u141 and 8u131; Java SE Embedded: 8u131; JRockit:...

8.3CVSS8AI score0.03117EPSS
Exploits0
Broadcom
Broadcom
•added 2017/08/25 12:0 a.m.•8 views

BSA-2017-407

Security Advisory ID : BSA-2017-407 Component : Java Revision : 2.0: Interim Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE subcomponent: JAXP. Supported versions that are affected are Java SE: 6u151, 7u141 and 8u131; Java SE Embedded: 8u131. Easily exploitable...

9.6CVSS8.4AI score0.02555EPSS
Exploits0
Broadcom
Broadcom
•added 2017/08/25 12:0 a.m.•7 views

BSA-2017-400

Security Advisory ID : BSA-2017-400 Component : Java Revision : 2.0: Interim Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE subcomponent: Security. Supported versions that are affected are Java SE: 6u151, 7u141 and 8u131; Java SE Embedded: 8u131; JRockit:...

7.5CVSS8.6AI score0.02737EPSS
Exploits0
Broadcom
Broadcom
•added 2017/08/25 12:0 a.m.•7 views

BSA-2017-401

Security Advisory ID : BSA-2017-401 Component : Java Revision : 2.0: Interim Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE subcomponent: Security. Supported versions that are affected are Java SE: 6u151, 7u141 and 8u131; Java SE Embedded: 8u131; JRockit:...

7.5CVSS8AI score0.02972EPSS
Exploits0
Broadcom
Broadcom
•added 2017/08/25 12:0 a.m.•8 views

BSA-2017-416

Security Advisory ID : BSA-2017-416 Component : Java Revision : 2.0: Interim Vulnerability in the Java SE component of Oracle Java SE subcomponent: Deployment. Supported versions that are affected are Java SE: 6u151, 7u141 and 8u131. Easily exploitable vulnerability allows unauthenticated attacke...

4.3CVSS6.9AI score0.0222EPSS
Exploits0
Broadcom
Broadcom
•added 2017/08/25 12:0 a.m.•8 views

BSA-2017-399

Security Advisory ID : BSA-2017-399 Component : Java Revision : 2.0: Interim Vulnerability in the Java SE component of Oracle Java SE subcomponent: Security. Supported versions that are affected are Java SE: 6u151, 7u141 and 8u131. Difficult to exploit vulnerability allows unauthenticated attacke...

7.5CVSS7.8AI score0.03236EPSS
Exploits0
Broadcom
Broadcom
•added 2017/08/25 12:0 a.m.•8 views

BSA-2017-375

Security Advisory ID : BSA-2017-375 Component : NFS Revision : 3.0: Final The NFS2/3 RPC client could send long arguments to the NFS server. These encoded arguments are stored in an array of memory pages, and accessed using pointer variables. Arbitrarily long arguments could make these pointers...

7.8CVSS6.9AI score0.05905EPSS
Exploits0
Broadcom
Broadcom
•added 2017/08/25 12:0 a.m.•6 views

BSA-2017-376

Security Advisory ID : BSA-2017-376 Component : Apache HTTPD Revision : 3.0: Final When under stress, closing many connections, the HTTP/2 handling code in Apache httpd 2.4.26 would sometimes access memory after it has been freed, resulting in potentially erratic behavior...

7.5CVSS7.2AI score0.09507EPSS
Exploits0
Broadcom
Broadcom
•added 2017/08/25 12:0 a.m.•7 views

BSA-2017-364

Security Advisory ID : BSA-2017-364 Component : Apache HTTPD Revision : 2.0: Final The HTTP strict parsing changes added in Apachehttpd2.2.32 and 2.4.24 introduced a bug in token list parsing, which allowsapfindtokento search past the end of its input string. By maliciously crafting a sequence of...

7.5CVSS9.1AI score0.57472EPSS
Exploits1
Broadcom
Broadcom
•added 2017/08/25 12:0 a.m.•7 views

BSA-2017-361

Security Advisory ID : BSA-2017-361 Component : Apache HTTPD Revision : 2.0: Final In Apachehttpd2.2.x before 2.2.33 and 2.4.x before 2.4.26, use of theapgetbasicauthpw by third-party modules outside of the authentication phase may lead to authentication requirements being bypassed...

9.8CVSS8.6AI score0.20231EPSS
Exploits0
Broadcom
Broadcom
•added 2017/08/25 12:0 a.m.•9 views

BSA-2017-377

Security Advisory ID : BSA-2017-377 Component : Apache HTTPD Revision : 3.0: Final In Apache httpd before 2.2.34 and 2.4.x before 2.4.27, the value placeholder in Proxy-Authorization headers of type 'Digest' was not initialized or reset before or between successive key=value assignments by...

9.1CVSS9.4AI score0.5677EPSS
Exploits0
Broadcom
Broadcom
•added 2017/08/25 12:0 a.m.•9 views

CVE-2017-10078 - Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Scripting). (BSA-2017-403)

Security Advisory ID: BSA-2017-403 Component: Java Revision : 3.0: Final Vulnerability in the Java SE component of Oracle Java SE subcomponent: Scripting. The supported version that is affected is Java SE: 8u131. Easily exploitable vulnerability allows low-privileged attacker with network access...

8.1CVSS7.9AI score0.02402EPSS
Exploits0
Broadcom
Broadcom
•added 2017/08/25 12:0 a.m.•10 views

BSA-2017-424

Security Advisory ID : BSA-2017-424 Component : Kernel Revision : 3.0: Interim The sanitycheckrawsuper function in fs/f2fs/super.c in the Linux kernel before 4.11.1 does not validate the segment count, which allows local users to gain privileges via unspecified vectors kernel: Missing sanity chec...

7.8CVSS6.9AI score0.00465EPSS
Exploits0
Broadcom
Broadcom
•added 2017/08/25 12:0 a.m.•7 views

BSA-2017-420

Security Advisory ID : BSA-2017-420 Component : Java Revision : 2.0: Interim Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE subcomponent: Serialization. Supported versions that are affected are Java SE: 6u151, 7u141 and 8u131; Java SE Embedded: 8u131; JRockit:...

5.3CVSS7.3AI score0.03114EPSS
Exploits0
Broadcom
Broadcom
•added 2017/08/25 12:0 a.m.•7 views

BSA-2017-408

Security Advisory ID : BSA-2017-408 Component : Java Revision : 2.0: Interim Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE subcomponent: Security. Supported versions that are affected are Java SE: 6u151, 7u141 and 8u131; Java SE Embedded: 8u131; JRockit:...

8.3CVSS8.6AI score0.03524EPSS
Exploits0
Broadcom
Broadcom
•added 2017/07/27 12:0 a.m.•11 views

BSA-2017-500

Security Advisory ID : BSA-2017-500 Component : Apache HTTPD Revision : 1.0: Final It was discovered that the modsessioncrypto module of httpd did not use any mechanisms to verify integrity of the encrypted session data stored in the user's browser. A remote attacker could use this flaw to decryp...

7.5CVSS7.7AI score0.49024EPSS
Exploits4
Broadcom
Broadcom
•added 2017/06/23 12:0 a.m.•20 views

BSA-2017-326

Security Advisory ID : BSA-2017-326 Component : Linux Kernel Revision : 2.0: Interim It was found that thepacketsetring function of the Linux kernel's networking implementation did not properly validate certain block-size data. A local attacker with CAPNETRAW capability could use this flaw to...

7.8CVSS8.2AI score0.17827EPSS
Exploits17
Broadcom
Broadcom
•added 2017/06/23 12:0 a.m.•8 views

BSA-2017-342

Security Advisory ID : BSA-2017-342 Component : Freeradius Revision : 2.0: Interim The TLS session cache inFreeRADIUS2.1.1 through 2.1.7, 3.0.x before 3.0.14, 3.1.x before 2017-02-04, and 4.0.x before 2017-02-04 fails to reliably prevent resumption of an unauthenticated session, which allows remo...

9.8CVSS7.3AI score0.03914EPSS
Exploits0
Broadcom
Broadcom
•added 2017/06/23 12:0 a.m.•9 views

BSA-2017-348

Security Advisory ID : BSA-2017-348 Component : StrongSwan Revision : 2.0: Interim A denial-of-service vulnerability in the x509 plugin was discovered instrongSwan. All versions are affected. Incorrect Handling of CHOICE types in ASN.1 parser and x509 plugin ASN.1 CHOICE types are not correctly...

7.5CVSS6.8AI score0.02222EPSS
Exploits0
Broadcom
Broadcom
•added 2017/06/23 12:0 a.m.•17 views

BSA-2017-337

Security Advisory ID : BSA-2017-337 Component : OpenVPN Revision : 2.0: Interim An authenticated client can do the 'three way handshake' PHARDRESET, PHARDRESET, PCONTROL, where the PCONTROL packet is the first that is allowed to carry payload. If that payload is too big, theOpenVPNserver process...

7.5CVSS6.8AI score0.13892EPSS
Exploits2
Broadcom
Broadcom
•added 2017/06/23 12:0 a.m.•17 views

BSA-2017-335

Security Advisory ID : BSA-2017-335 Component : zlib Revision : 2.0: Interim The C standard says that bit shifts of negative integers is undefined. This casts to unsigned values to assure a known result. Affected Products Product| Current Assessment ---|--- Brocade Virtual Web Application Firewal...

8.8CVSS8.9AI score0.05161EPSS
Exploits0
Broadcom
Broadcom
•added 2017/06/23 12:0 a.m.•9 views

BSA-2017-339

Security Advisory ID : BSA-2017-339 Component : OpenVPN Revision : 2.0: Interim An authenticated client can cause the server's the packet-id counter to roll over, which would lead the server process to hit anASSERT and stop running. To make the server hit theASSERT, the client must first cause th...

6.5CVSS6.8AI score0.01867EPSS
Exploits0
Broadcom
Broadcom
•added 2017/06/23 12:0 a.m.•17 views

BSA-2017-336

Security Advisory ID : BSA-2017-336 Component : zlib Revision : 2.0: Interim There was a small optimization for PowerPCs to pre-increment a pointer when accessing a word, instead of post-incrementing. This required prefacing the loop with a decrement of the pointer, possibly pointing before the...

9.8CVSS8.9AI score0.0595EPSS
Exploits0
Broadcom
Broadcom
•added 2017/06/23 12:0 a.m.•14 views

BSA-2017-349

Security Advisory ID : BSA-2017-349 Component : SUDO Revision : 2.0: Interim A flaw was found in the waysudoparsedttyinformation from the process status file in the proc filesystem. A local user with privileges to execute commands viasudocould use this flaw to escalate their privileges to root...

6.9CVSS8.5AI score0.08018EPSS
Exploits8
Broadcom
Broadcom
•added 2017/06/23 12:0 a.m.•6 views

BSA-2017-343

Security Advisory ID : BSA-2017-343 Component : Kernel Revision : 3.0: Final The ip6appenddata function in net/ipv6/ip6output.c in the Linux kernel through 4.11.3 is too late in checking whether an overwrite ofanskbdata structure may occur, which allows local users to cause a denial of service...

5.5CVSS6.2AI score0.00405EPSS
Exploits0
Broadcom
Broadcom
•added 2017/06/23 12:0 a.m.•7 views

BSA-2017-320

Security Advisory ID : BSA-2017-320 Component : Intel Active Mgmt Technology Revision : 1.0: Interim There is an escalation of privilege vulnerability in Intel® Active Management Technology AMT, Intel® Standard Manageability ISM, and Intel® Small Business Technology versions firmware versions 6.x...

10CVSS9AI score0.92189EPSS
Exploits7
Broadcom
Broadcom
•added 2017/06/23 12:0 a.m.•14 views

BSA-2017-333

Security Advisory ID : BSA-2017-333 Component : zlib Revision : 1.0: Interim inftrees.cinzlib1.2.8 might allow context-dependent attackers to have unspecified impact by leveraging improper pointer arithmetic. Affected Products Product| Current Assessment ---|--- Brocade Virtual Web Application...

8.8CVSS9.1AI score0.04793EPSS
Exploits0
Broadcom
Broadcom
•added 2017/06/23 12:0 a.m.•7 views

BSA-2017-341

Security Advisory ID : BSA-2017-341 Component : Samba Revision : 1.0: Interim All versions of Samba from 3.5.0 onwards are vulnerable to a remote code execution vulnerability, allowing a malicious client to upload a shared library to a writable share, and then cause the server to load and execute...

10CVSS8.4AI score0.99448EPSS
Exploits24
Broadcom
Broadcom
•added 2017/06/23 12:0 a.m.•10 views

BSA-2017-319

Security Advisory ID : BSA-2017-319 Component : SSH Revision : 1.0: Interim The SSH protocols 1 and 2 aka SSH-2 as implemented inOpenSSHand other packages have various weaknesses which can allow a remote attacker to obtain the following information via sniffing: 1 password lengths or ranges of...

7.5CVSS7.1AI score0.07032EPSS
Exploits1
Broadcom
Broadcom
•added 2017/06/23 12:0 a.m.•9 views

BSA-2017-316

Security Advisory ID : BSA-2017-316 Component : SNMP Revision : 1.0: Interim In SNMP version 1 & 2 authentication should only accept the value stored in the SNMP agent authentication mechanism. With this vulnerability an attacker can use any value string or integer in order to authenticate the SN...

9.1CVSS7.1AI score0.17534EPSS
Exploits3
Broadcom
Broadcom
•added 2017/06/23 12:0 a.m.•11 views

BSA-2017-318

Security Advisory ID : BSA-2017-318 Component : SSH1 Revision : 1.0: Interim The SSH-1 protocol allows remote servers to conduct man-in-the-middle attacks and replay a client challenge response to a target server by creating a Session ID that matches the Session ID of the target, but which uses a...

7.5CVSS6.9AI score0.06268EPSS
Exploits0
Broadcom
Broadcom
•added 2017/06/23 12:0 a.m.•19 views

BSA-2017-334

Security Advisory ID : BSA-2017-334 Component : zlib Revision : 2.0: Interim An oldinffast.coptimization turns out to not be optimal anymore with modern compilers, and furthermore was not compliant withtheCstandard, for which decrementing a pointer before its allocated memory is undefined. Affect...

9.8CVSS8.9AI score0.07489EPSS
Exploits0
Broadcom
Broadcom
•added 2017/06/23 12:0 a.m.•9 views

BSA-2017-317

Security Advisory ID : BSA-2017-317 Component : Apache Tomcat Revision : 2.0: Interim In Apache Tomcat 9.0.0.M1 to 9.0.0.M18 and 8.5.0 to 8.5.12, the refactoring of the HTTP connectors introduced a regression in the send file processing. If the send file processing completed quickly, it was...

9.8CVSS8.6AI score0.07752EPSS
Exploits0
Broadcom
Broadcom
•added 2017/06/23 12:0 a.m.•15 views

BSA-2017-321

Security Advisory ID : BSA-2017-321 Component : JAVA SE Revision : 3.0: Final Vulnerability in the Java SE component of Oracle Java SE subcomponent: AWT. Supported versions that are affected are Java SE: 6u141, 7u131 and 8u121. Difficult to exploit vulnerability allows unauthenticated attacker wi...

8.3CVSS7AI score0.02487EPSS
Exploits0
Broadcom
Broadcom
•added 2017/06/23 12:0 a.m.•15 views

BSA-2017-322

Security Advisory ID : BSA-2017-322 Component : JAVA SE AWT Revision : 3.0: Final Vulnerability in the Java SE component of Oracle Java SE subcomponent: AWT. Supported versions that are affected are Java SE: 7u131 and 8u121. Difficult to exploit vulnerability allows unauthenticated attacker with...

8.3CVSS7AI score0.028EPSS
Exploits0
Broadcom
Broadcom
•added 2017/06/23 12:0 a.m.•14 views

BSA-2017-328

Security Advisory ID : BSA-2017-328 Component : JAVA SE Networking Revision : 3.0: Final Vulnerability in the Java SE, Java SE Embedded,JRockitcomponent of Oracle Java SE subcomponent: Networking. Supported versions that are affected are Java SE: 6u141, 7u131 and 8u121; Java SE Embedded:...

4.3CVSS5.8AI score0.01686EPSS
Exploits0
Broadcom
Broadcom
•added 2017/06/23 12:0 a.m.•18 views

BSA-2017-314

Security Advisory ID : BSA-2017-314 Component : WildFly Revision : 5.0: Final Incomplete blacklist vulnerability in the servlet filter restriction mechanism inWildFlyformerlyJBossApplication Server before 10.0.0.Final on Windows allows remote unauthenticated attackers to read sensitive files...

7.5CVSS6.9AI score0.15572EPSS
Exploits3
Broadcom
Broadcom
•added 2017/06/23 12:0 a.m.•13 views

BSA-2017-330

Security Advisory ID : BSA-2017-330 Component : JAVA SE Networking Revision : 3.0: Final Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE subcomponent: Networking. Supported versions that are affected are Java SE: 6u141, 7u131 and 8u121; Java SE Embedded: 8u121;...

4.3CVSS5.7AI score0.0258EPSS
Exploits0
Total number of security vulnerabilities879