Broadcom Security Vulnerabilities (CVEs)

Track 115 security vulnerabilities affecting Broadcom products and software. Get instant email alerts when new CVEs are discovered, automated security monitoring, and patch guidance.

28 Critical
62 High
22 Medium
3 Low
CVE-2024-29968 7.7

An information disclosure vulnerability in Brocade SANnav allows authenticated users to access database structure and contents when configured in disa...

Apr 19, 2024
CVE-2024-29966 7.5

CVE-2024-29966 is a vulnerability in Brocade SANnav OVA appliances where hard-coded root credentials are documented, allowing unauthenticated attacker...

Apr 19, 2024
CVE-2024-29959 8.6

This vulnerability in Brocade SANnav management software exposes encrypted switch passwords in support save files from standby nodes. Attackers with a...

Apr 19, 2024
CVE-2024-29961 8.2

This vulnerability affects Brocade SANnav management software versions before v2.3.1 and v2.3.0a. It allows unauthenticated remote attackers to detect...

Apr 19, 2024
CVE-2024-29957 7.5

Brocade SANnav servers configured in Disaster Recovery mode store encryption keys in DR log files, creating an additional attack surface. Attackers wh...

Apr 19, 2024
CVE-2024-29950 7.5

CVE-2024-29950 is a cryptographic vulnerability in Brocade SANnav's FileTransfer class that uses the deprecated ssh-rsa signature scheme with SHA-1 ha...

Apr 17, 2024
CVE-2023-38709 7.3

CVE-2023-38709 is an input validation vulnerability in Apache HTTP Server that allows malicious backend applications or content generators to split HT...

Apr 4, 2024
CVE-2023-3454 8.6

This CVE describes a remote code execution vulnerability in Brocade Fabric OS that allows attackers to execute arbitrary code and gain root access to ...

Apr 4, 2024
CVE-2024-23617 9.6

A buffer overflow vulnerability in Symantec Data Loss Prevention allows remote, unauthenticated attackers to execute arbitrary code by tricking users ...

Jan 26, 2024
CVE-2024-23613 10.0

A critical buffer overflow vulnerability in Symantec Deployment Solution 7.9 allows remote, unauthenticated attackers to execute arbitrary code with S...

Jan 26, 2024
CVE-2024-23615 10.0

A critical buffer overflow vulnerability in Symantec Messaging Gateway allows remote unauthenticated attackers to execute arbitrary code with root pri...

Jan 26, 2024
CVE-2023-31096 7.8

This vulnerability allows local attackers to escalate privileges from medium-integrity processes to SYSTEM via a stack overflow in the Broadcom LSI PC...

Oct 10, 2023
CVE-2023-4162 4.4

This vulnerability allows authenticated privileged users on Brocade Fabric OS switches to cause a segmentation fault (crash) by executing a specific C...

Aug 31, 2023
CVE-2023-31424 8.1

This vulnerability allows remote unauthenticated attackers to bypass authentication and authorization mechanisms in Brocade SANnav's web interface. Af...

Aug 31, 2023
CVE-2023-3489 8.6

This vulnerability exposes FTP/SFTP/SCP server passwords in clear text within SupportSave files when downgrading from Brocade Fabric OS v9.2.0 to earl...

Aug 31, 2023
CVE-2023-4329 9.8

CVE-2023-4329 is a critical vulnerability in Broadcom RAID Controller web interfaces where the SESSIONID cookie lacks SameSite protection due to insec...

Aug 15, 2023
CVE-2023-4331 7.5

Broadcom RAID Controller web interface uses insecure default TLS configurations that support obsolete and vulnerable TLS protocols. This allows attack...

Aug 15, 2023
CVE-2023-4334 7.5

The Broadcom RAID Controller Web server (nginx) exposes private files without requiring authentication. This vulnerability allows unauthorized users t...

Aug 15, 2023
CVE-2023-4336 9.8

CVE-2023-4336 exposes Broadcom RAID Controller web interfaces to session hijacking attacks because HTTP cookies lack the Secure attribute, allowing th...

Aug 15, 2023
CVE-2023-4338 9.8

CVE-2023-4338 is a critical vulnerability in Broadcom RAID Controller web interfaces where insecure HTTP configurations lack X-Content-Type-Options he...

Aug 15, 2023
CVE-2023-4340 9.8

CVE-2023-4340 is a privilege escalation vulnerability in Broadcom RAID Controller software where session information printed in log files can be explo...

Aug 15, 2023
CVE-2023-4342 9.8

CVE-2023-4342 is a vulnerability in Broadcom RAID Controller web interfaces where insecure default configurations lack HTTP Strict Transport Security ...

Aug 15, 2023
CVE-2023-4344 9.8

This vulnerability in Broadcom RAID Controller web interface allows attackers to predict SSL/TLS session keys due to insufficient randomness when esta...

Aug 15, 2023
CVE-2023-4323 9.8

CVE-2023-4323 is a critical vulnerability in Broadcom RAID Controller web interfaces that allows improper session management, potentially enabling att...

Aug 15, 2023
CVE-2023-4325 9.8

This vulnerability affects Broadcom RAID Controller web interfaces using a vulnerable version of Libcurl library. Attackers could potentially execute ...

Aug 15, 2023
CVE-2023-31926 7.1

This vulnerability in Brocade Fabric OS allows local users to overwrite system files using the 'less' command. It affects Brocade SAN switches running...

Aug 2, 2023
CVE-2023-31432 7.8

This vulnerability allows non-privileged users to escalate their privileges to root by manipulating passwords or other variables through specific comm...

Aug 2, 2023
CVE-2023-31427 7.8

This vulnerability allows authenticated local users on Brocade Fabric OS to execute arbitrary commands regardless of their assigned privileges by expl...

Aug 1, 2023
CVE-2023-23952 9.8

This CVE describes a command injection vulnerability in Broadcom's Advanced Secure Gateway and Content Analysis products. Attackers can execute arbitr...

Jun 1, 2023
CVE-2023-23955 8.1

This Server-Side Request Forgery vulnerability in Broadcom's Advanced Secure Gateway and Content Analysis allows attackers to make the vulnerable serv...

Jun 1, 2023
CVE-2023-27534 8.8

A path traversal vulnerability in curl's SFTP implementation allows attackers to bypass path filtering by using specially crafted paths containing til...

Mar 30, 2023
CVE-2023-27789 7.5

A vulnerability in TCPprep v.4.4.3 allows remote attackers to cause denial of service via the cidr2cidr function. This affects systems running vulnera...

Mar 16, 2023
CVE-2023-27783 7.5

A denial-of-service vulnerability in TCPreplay's tcprewrite utility allows remote attackers to crash the application via a crafted packet. This affect...

Mar 16, 2023
CVE-2023-27785 7.5

CVE-2023-27785 is a NULL pointer dereference vulnerability in TCPreplay's tcpprep utility that allows remote attackers to cause denial of service throu...

Mar 16, 2023
CVE-2023-27787 7.5

A NULL pointer dereference vulnerability in TCPprep v.4.4.3 allows remote attackers to cause denial of service by sending specially crafted input to t...

Mar 16, 2023
CVE-2022-33186 9.8

This critical vulnerability in Brocade Fabric OS allows remote unauthenticated attackers to execute arbitrary commands on affected switches. Attackers...

Dec 8, 2022
CVE-2021-46825 9.1

This HTTP desync vulnerability in Symantec ASG and ProxySG allows remote unauthenticated attackers to send crafted HTTP requests through the proxy, ca...

Jul 7, 2022
CVE-2022-28168 7.5

Brocade SANnav versions before v2.2.0.2 and v2.1.1.8 store SCP server passwords in log files using only Base64 encoding, which provides no real securi...

Jun 27, 2022
CVE-2022-33739 7.5

CVE-2022-33739 is an XML External Entity (XXE) vulnerability in CA Clarity PPM that allows remote attackers to read arbitrary files on the server. Thi...

Jun 16, 2022
CVE-2022-33750 9.8

CVE-2022-33750 is an authentication bypass vulnerability in CA Automic Automation agents that allows remote attackers to execute arbitrary commands wi...

Jun 16, 2022
CVE-2022-33752 9.8

CVE-2022-33752 is a critical remote code execution vulnerability in CA Automic Automation agents due to insufficient input validation. Attackers can e...

Jun 16, 2022
CVE-2022-33754 9.8

CVE-2022-33754 is a critical remote code execution vulnerability in CA Automic Automation agents due to insufficient input validation. Attackers can e...

Jun 16, 2022
CVE-2022-33756 7.5

CVE-2022-33756 is an entropy weakness vulnerability in CA Automic Automation Engine that could allow remote attackers to potentially access sensitive ...

Jun 16, 2022
CVE-2022-28165 8.8

This vulnerability allows authenticated remote attackers to bypass role-based access controls in Brocade SANnav, enabling unauthorized access to resou...

May 6, 2022
CVE-2022-28163 9.8

This SQL injection vulnerability in Brocade SANnav allows attackers to execute arbitrary SQL commands through multiple Zone management endpoints. It a...

May 6, 2022
CVE-2022-28487 7.5

CVE-2022-28487 is a memory leak vulnerability in Tcpreplay 4.4.1's fix_ipv6_checksums() function that can lead to resource exhaustion and potential da...

May 4, 2022
CVE-2022-27416 7.8

CVE-2022-27416 is a double-free vulnerability in Tcpreplay v4.4.1 that allows attackers to execute arbitrary code or cause denial of service by exploi...

Apr 12, 2022
CVE-2022-27940 7.8

CVE-2022-27940 is a heap-based buffer over-read vulnerability in tcprewrite component of Tcpreplay 4.4.1. This allows attackers to read sensitive memo...

Mar 26, 2022
CVE-2022-27942 7.8

CVE-2022-27942 is a heap-based buffer over-read vulnerability in tcpprep utility of Tcpreplay 4.4.1. This allows attackers to read sensitive memory co...

Mar 26, 2022
CVE-2021-4197 7.8

This Linux kernel vulnerability allows a local unprivileged user to write to file handlers in the cgroups subsystem, potentially leading to system cra...

Mar 23, 2022

Why Monitor Broadcom Security Vulnerabilities?

Real-time CVE tracking: Our automated system monitors 115+ known vulnerabilities affecting Broadcom products and software packages. Stay ahead of emerging threats with instant email notifications when new security issues are discovered.

Automated security monitoring: Unlike manual CVE checking, FixTheCVE automatically scans your servers and detects vulnerable Broadcom packages in under 60 seconds. No agents required - completely agentless scanning that works across Broadcom deployments.

Free vulnerability database: Access detailed information about every Broadcom CVE including CVSS scores, severity ratings, affected versions, and actionable patch guidance. Filter by critical, high, medium, or low severity to prioritize your security remediation efforts.

🚀 Get Started in 60 Seconds

  • Register free account & add your servers
  • Run one-time scan or schedule automatic monitoring (every 1-24 hours)
  • Receive instant alerts when new Broadcom CVEs affect your systems
  • Access dashboard with severity breakdown & fix instructions