Vulnerabilities (CVE)

Filtered by vendor Broadcom Subscribe
Total 511 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2012-0691 1 Broadcom 1 License Software 2024-02-28 7.2 HIGH N/A
CA License (aka CA Licensing) before 1.90.03 does not properly restrict system commands, which allows local users to gain privileges via unspecified vectors.
CVE-2012-1662 2 Broadcom, Microsoft 2 Arcserve Backup, Windows 2024-02-28 5.0 MEDIUM N/A
CA ARCserve Backup r12.0 through SP2, r12.5 before SP2, r15 through SP1, and r16 before SP1 on Windows allows remote attackers to cause a denial of service (service shutdown) via a crafted network request.
CVE-2012-0692 1 Broadcom 1 License Software 2024-02-28 7.2 HIGH N/A
CA License (aka CA Licensing) before 1.90.03 allows local users to modify or create arbitrary files, and consequently gain privileges, via unspecified vectors.
CVE-2011-1719 1 Broadcom 1 Output Management Web Viewer 2024-02-28 9.3 HIGH N/A
Multiple stack-based buffer overflows in the Web Viewer ActiveX controls in CA Output Management Web Viewer 11.0 and 11.5 allow remote attackers to execute arbitrary code via (1) a long SRC property value to the PPSViewer ActiveX control in PPSView.ocx before 1.0.0.7 or (2) a long Title property value to the UOMWV_Helper ActiveX control in UOMWV_HelperActiveX.ocx before 11.5.0.1.
CVE-2011-2667 2 Broadcom, Ca 2 Total Defense, Gateway Security 2024-02-28 10.0 HIGH N/A
Icihttp.exe in CA Gateway Security for HTTP, as used in CA Gateway Security 8.1 before 8.1.0.69 and CA Total Defense r12, does not properly parse URLs, which allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption and daemon crash) via a malformed request.
CVE-2011-1654 1 Broadcom 1 Total Defense 2024-02-28 7.5 HIGH N/A
Directory traversal vulnerability in the Heartbeat Web Service in CA.Itm.Server.ManagementWS.dll in the Management Server in CA Total Defense (TD) r12 before SE2 allows remote attackers to execute arbitrary code via directory traversal sequences in the GUID parameter in an upload request to FileUploadHandler.ashx.
CVE-2011-1718 2 Broadcom, Ca 2 Siteminder, Siteminder 2024-02-28 4.3 MEDIUM N/A
The Web Agents component in CA SiteMinder R6 before SP6 CR2 and R12 before SP3 CR2 does not properly handle multi-line headers, which allows remote authenticated users to conduct impersonation attacks and gain privileges via crafted data.
CVE-2011-3849 1 Broadcom 1 Directory 2024-02-28 5.0 MEDIUM N/A
Unspecified vulnerability in dxserver before 6279 in CA Directory 8.1 and CA Directory r12 before SP7 CR1 allows remote attackers to cause a denial of service (daemon crash) via a crafted SNMP packet.
CVE-2011-4503 2 Broadcom, Sitecom 2 Broadcom Linux, Wl-111 2024-02-28 7.5 HIGH N/A
The UPnP IGD implementation in Broadcom Linux on the Sitecom WL-111 allows remote attackers to establish arbitrary port mappings by sending a UPnP AddPortMapping action in a SOAP request to the WAN interface, related to an "external forwarding" vulnerability.
CVE-2011-1653 1 Broadcom 1 Total Defense 2024-02-28 10.0 HIGH N/A
Multiple SQL injection vulnerabilities in the Unified Network Control (UNC) Server in CA Total Defense (TD) r12 before SE2 allow remote attackers to execute arbitrary SQL commands via vectors involving the (1) UnAssignFunctionalRoles, (2) UnassignAdminRoles, (3) DeleteFilter, (4) NonAssignedUserList, (5) DeleteReportLayout, (6) DeleteReports, and (7) RegenerateReport stored procedures.
CVE-2010-0104 2 Broadcom, Hp 16 Broadcom, Compaq 6005 Pro Microtower Pc, Compaq 6005 Small Form Factor Pc and 13 more 2024-02-28 10.0 HIGH N/A
Unspecified vulnerability in the Broadcom Integrated NIC Management Firmware 1.x before 1.40.0.0 and 8.x before 8.08 on the HP Small Form Factor and Microtower platforms allows remote attackers to execute arbitrary code via unknown vectors.
CVE-2011-1655 1 Broadcom 1 Total Defense 2024-02-28 7.5 HIGH N/A
The management.asmx module in the Management Web Service in the Unified Network Control (UNC) Server in CA Total Defense (TD) r12 before SE2 sends a cleartext response to unspecified getDBConfigSettings requests, which makes it easier for remote attackers to obtain database credentials, and subsequently execute arbitrary code, by sniffing the network, related to the UNCWS Web Service.
CVE-2009-2705 2 Broadcom, Sun 2 Siteminder, J2ee 2024-02-28 4.3 MEDIUM N/A
CA SiteMinder allows remote attackers to bypass cross-site scripting (XSS) protections for J2EE applications via a request containing non-canonical, "overlong Unicode" in place of blacklisted characters.
CVE-2008-4400 2 Broadcom, Ca 5 Arcserve Backup, Business Protection Suite, Server Protection Suite and 2 more 2024-02-28 5.0 MEDIUM N/A
Unspecified vulnerability in asdbapi.dll in CA ARCserve Backup (formerly BrightStor ARCserve Backup) r11.1 through r12.0 allows remote attackers to cause a denial of service (crash of multiple services) via crafted authentication credentials, related to "insufficient validation."
CVE-2008-5415 3 Broadcom, Ca, Microsoft 3 Arcserve Backup, Arcserve Backup, Windows 2024-02-28 10.0 HIGH N/A
The LDBserver service in the server in CA ARCserve Backup 11.1 through 12.0 on Windows allows remote attackers to execute arbitrary code via a handle_t argument to an RPC endpoint in which the argument refers to an incompatible procedure.
CVE-2007-4620 2 Broadcom, Ca 4 Anti-virus For The Enterprise, Brightstor Arcserve Backup, Brightstor Arcserve Backup and 1 more 2024-02-28 9.0 HIGH N/A
Multiple stack-based buffer overflows in Computer Associates (CA) Alert Notification Service (Alert.exe) 8.1.586.0, 8.0.450.0, and 7.1.758.0, as used in multiple CA products including Anti-Virus for the Enterprise 7.1 through r11.1 and Threat Manager for the Enterprise 8.1 and r8, allow remote authenticated users to execute arbitrary code via crafted RPC requests.
CVE-2008-1979 1 Broadcom 1 Brightstor Arcserve Backup 2024-02-28 5.0 MEDIUM N/A
The Discovery Service (casdscvc) in CA ARCserve Backup 12.0.5454.0 and earlier allows remote attackers to cause a denial of service (crash) via a packet with a large integer value used in an increment to TCP port 41523, which triggers a buffer over-read.
CVE-2008-1984 1 Broadcom 1 Secure Content Manager 2024-02-28 7.8 HIGH N/A
The eTrust Common Services (Transport) Daemon (eCSqdmn) in CA Secure Content Manager 8.0.28000.511 and earlier allows remote attackers to cause a denial of service (crash or CPU consumption) via a malformed packet to TCP port 1882.
CVE-2008-4397 2 Broadcom, Ca 5 Arcserve Backup, Business Protection Suite, Server Protection Suite and 2 more 2024-02-28 10.0 HIGH N/A
Directory traversal vulnerability in the RPC interface (asdbapi.dll) in CA ARCserve Backup (formerly BrightStor ARCserve Backup) r11.1 through r12.0 allows remote attackers to execute arbitrary commands via a .. (dot dot) in an RPC call with opnum 0x10A.
CVE-2008-1328 2 Broadcom, Computer Associates 3 Desktop Management Suite, Arcserve Backup Laptops And Desktops, Desktop Management Suite 2024-02-28 9.3 HIGH N/A
Buffer overflow in the LGServer service in CA ARCserve Backup for Laptops and Desktops r11.0 through r11.5, and Suite 11.1 and 11.2, allows remote attackers to execute arbitrary code via unspecified "command arguments."