Export limit exceeded: 353032 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (655 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2023-4338 | 1 Broadcom | 1 Raid Controller Web Interface | 2025-11-04 | 9.8 Critical |
| Broadcom RAID Controller web interface is vulnerable due to insecure default of HTTP configuration that does not provide X-Content-Type-Options Headers | ||||
| CVE-2023-4337 | 1 Broadcom | 1 Raid Controller Web Interface | 2025-11-04 | 9.8 Critical |
| Broadcom RAID Controller web interface is vulnerable to improper session handling of managed servers on Gateway installation | ||||
| CVE-2023-4336 | 1 Broadcom | 1 Raid Controller Web Interface | 2025-11-04 | 9.8 Critical |
| Broadcom RAID Controller web interface is vulnerable due to insecure default of HTTP configuration that does not safeguard cookies with Secure attribute | ||||
| CVE-2023-4334 | 1 Broadcom | 1 Raid Controller Web Interface | 2025-11-04 | 7.5 High |
| Broadcom RAID Controller Web server (nginx) is serving private files without any authentication | ||||
| CVE-2023-4333 | 2 Broadcom, Microsoft | 2 Raid Controller Web Interface, Windows | 2025-11-04 | 5.5 Medium |
| Broadcom RAID Controller web interface doesn’t enforce SSL cipher ordering by server | ||||
| CVE-2023-4332 | 2 Broadcom, Intel | 3 Lsi Storage Authority, Raid Controller Web Interface, Raid Web Console 3 | 2025-11-04 | 7.5 High |
| Broadcom RAID Controller web interface is vulnerable due to Improper permissions on the log file | ||||
| CVE-2023-4331 | 2 Broadcom, Intel | 3 Lsi Storage Authority, Raid Controller Web Interface, Raid Web Console 3 | 2025-11-04 | 7.5 High |
| Broadcom RAID Controller web interface is vulnerable has an insecure default TLS configuration that support obsolete and vulnerable TLS protocols | ||||
| CVE-2023-4329 | 2 Broadcom, Intel | 3 Lsi Storage Authority, Raid Controller Web Interface, Raid Web Console 3 | 2025-11-04 | 9.8 Critical |
| Broadcom RAID Controller web interface is vulnerable due to insecure default of HTTP configuration that does not safeguard SESSIONID cookie with SameSite attribute | ||||
| CVE-2023-4328 | 2 Broadcom, Linux | 2 Raid Controller Web Interface, Linux Kernel | 2025-11-04 | 5.5 Medium |
| Broadcom RAID Controller web interface is vulnerable to exposure of sensitive data and the keys used for encryption are accessible to any local user on Windows | ||||
| CVE-2023-4327 | 2 Broadcom, Linux | 2 Raid Controller Web Interface, Linux Kernel | 2025-11-04 | 5.5 Medium |
| Broadcom RAID Controller web interface is vulnerable to exposure of sensitive data and the keys used for encryption are accessible to any local user on Linux | ||||
| CVE-2023-4326 | 1 Broadcom | 2 Lsi Storage Authority, Raid Controller Web Interface | 2025-11-04 | 7.5 High |
| Broadcom RAID Controller web interface is vulnerable has an insecure default TLS configuration that supports obsolete SHA1-based ciphersuites | ||||
| CVE-2023-4325 | 2 Broadcom, Intel | 3 Lsi Storage Authority, Raid Controller Web Interface, Raid Web Console 3 | 2025-11-04 | 9.8 Critical |
| Broadcom RAID Controller web interface is vulnerable due to usage of Libcurl with LSA has known vulnerabilities | ||||
| CVE-2023-4324 | 2 Broadcom, Intel | 3 Lsi Storage Authority, Raid Controller Web Interface, Raid Web Console 3 | 2025-11-04 | 9.8 Critical |
| Broadcom RAID Controller web interface is vulnerable due to insecure defaults of lacking HTTP Content-Security-Policy headers | ||||
| CVE-2023-4323 | 1 Broadcom | 1 Raid Controller Web Interface | 2025-11-04 | 9.8 Critical |
| Broadcom RAID Controller web interface is vulnerable to improper session management of active sessions on Gateway setup | ||||
| CVE-2024-38812 | 2 Broadcom, Vmware | 4 Vmware Cloud Foundation, Vmware Vcenter Server, Cloud Foundation and 1 more | 2025-10-31 | 9.8 Critical |
| The vCenter Server contains a heap-overflow vulnerability in the implementation of the DCERPC protocol. A malicious actor with network access to vCenter Server may trigger this vulnerability by sending a specially crafted network packet potentially leading to remote code execution. | ||||
| CVE-2024-38813 | 2 Broadcom, Vmware | 4 Vmware Center Server, Vmware Cloud Foundation, Cloud Foundation and 1 more | 2025-10-31 | 7.5 High |
| The vCenter Server contains a privilege escalation vulnerability. A malicious actor with network access to vCenter Server may trigger this vulnerability to escalate privileges to root by sending a specially crafted network packet. | ||||
| CVE-2021-40438 | 11 Apache, Broadcom, Debian and 8 more | 45 Http Server, Brocade Fabric Operating System Firmware, Debian Linux and 42 more | 2025-10-27 | 9 Critical |
| A crafted request uri-path can cause mod_proxy to forward the request to an origin server choosen by the remote user. This issue affects Apache HTTP Server 2.4.48 and earlier. | ||||
| CVE-2025-51006 | 2 Appneta, Broadcom | 2 Tcpreplay, Tcpreplay | 2025-10-14 | 7.8 High |
| Within tcpreplay's tcprewrite, a double free vulnerability has been identified in the dlt_linuxsll2_cleanup() function in plugins/dlt_linuxsll2/linuxsll2.c. This vulnerability is triggered when tcpedit_dlt_cleanup() indirectly invokes the cleanup routine multiple times on the same memory region. By supplying a specifically crafted pcap file to the tcprewrite binary, a local attacker can exploit this flaw to cause a Denial of Service (DoS) via memory corruption. | ||||
| CVE-2025-9649 | 2 Appneta, Broadcom | 2 Tcpreplay, Tcpreplay | 2025-10-09 | 3.3 Low |
| A security vulnerability has been detected in appneta tcpreplay 4.5.1. Impacted is the function calc_sleep_time of the file send_packets.c. Such manipulation leads to divide by zero. An attack has to be approached locally. The exploit has been disclosed publicly and may be used. Upgrading to version 4.5.3-beta3 is recommended to address this issue. It is advisable to upgrade the affected component. The vendor confirms in a GitHub issue reply: "Was able to reproduce in 6fcbf03 but NOT 4.5.3-beta3." | ||||
| CVE-2025-51005 | 2 Appneta, Broadcom | 2 Tcpreplay, Tcpreplay | 2025-10-08 | 7.5 High |
| A heap-buffer-overflow vulnerability exists in the tcpliveplay utility of the tcpreplay-4.5.1. When a crafted pcap file is processed, the program incorrectly handles memory in the checksum calculation logic at do_checksum_math_liveplay in tcpliveplay.c, leading to a possible denial of service. | ||||