Search Results (666 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2008-1329 2 Broadcom, Computer Associates 3 Desktop Management Suite, Arcserve Backup Laptops And Desktops, Desktop Management Suite 2026-04-23 N/A
Unspecified vulnerability in the NetBackup service in CA ARCserve Backup for Laptops and Desktops r11.0 through r11.5, and Suite 11.1 and 11.2, allows remote attackers to execute arbitrary commands, related to "insufficient verification of file uploads."
CVE-2008-2241 2 Broadcom, Ca 4 Brightstor Arcserve Backup, Server Protection Suite, Brightstor Arcserve Backup and 1 more 2026-04-23 N/A
Directory traversal vulnerability in caloggerd in CA BrightStor ARCServe Backup 11.0, 11.1, and 11.5 allows remote attackers to append arbitrary data to arbitrary files via directory traversal sequences in unspecified input fields, which are used in log messages. NOTE: this can be leveraged for code execution in many installation environments by writing to a startup file or configuration file.
CVE-2006-5142 1 Broadcom 1 Brightstor Arcserve Backup 2026-04-23 N/A
Stack-based buffer overflow in CA BrightStor ARCserve Backup R11.5 client and server allows remote attackers to execute arbitrary code via long messages to the CheyenneDS Mailslot.
CVE-2007-1005 2 Broadcom, Ca 2 Etrust Intrusion Detection, Etrust Intrusion Detection 2026-04-23 N/A
Heap-based buffer overflow in SW3eng.exe in the eID Engine service in CA (formerly Computer Associates) eTrust Intrusion Detection 3.0.5.57 and earlier allows remote attackers to cause a denial of service (application crash) via a long key length value to the remote administration port (9191/tcp).
CVE-2006-6905 1 Broadcom 1 Widcomm Bluetooth 2026-04-23 N/A
Unspecified vulnerability in the Widcomm Bluetooth stack allows remote attackers to gain administrative access (aka Remote Root) via unspecified vectors.
CVE-2009-2705 2 Broadcom, Sun 2 Siteminder, J2ee 2026-04-23 N/A
CA SiteMinder allows remote attackers to bypass cross-site scripting (XSS) protections for J2EE applications via a request containing non-canonical, "overlong Unicode" in place of blacklisted characters.
CVE-2008-2242 2 Broadcom, Ca 2 Brightstor Arcserve Backup, Brightstor Arcserve Backup 2026-04-23 N/A
Multiple buffer overflows in xdr functions in the server in CA BrightStor ARCServe Backup 11.0, 11.1, and 11.5 allow remote attackers to execute arbitrary code, as demonstrated by a stack-based buffer overflow via a long parameter to the xdr_rwsstring function.
CVE-2007-0672 2 Broadcom, Ca 5 Brightstor Arcserve Backup Laptops Desktops, Business Protection Suite, Desktop Management Suite and 2 more 2026-04-23 N/A
LGSERVER.EXE in BrightStor Mobile Backup 4.0 allows remote attackers to cause a denial of service (disk consumption and daemon hang) via a value of 0xFFFFFF7F at a certain point in an authentication negotiation packet, which writes a large amount of data to a .USX file in CA_BABLDdata\Server\data\transfer\.
CVE-2008-1984 1 Broadcom 1 Secure Content Manager 2026-04-23 N/A
The eTrust Common Services (Transport) Daemon (eCSqdmn) in CA Secure Content Manager 8.0.28000.511 and earlier allows remote attackers to cause a denial of service (crash or CPU consumption) via a malformed packet to TCP port 1882.
CVE-2008-1979 1 Broadcom 1 Brightstor Arcserve Backup 2026-04-23 N/A
The Discovery Service (casdscvc) in CA ARCserve Backup 12.0.5454.0 and earlier allows remote attackers to cause a denial of service (crash) via a packet with a large integer value used in an increment to TCP port 41523, which triggers a buffer over-read.
CVE-2008-4397 2 Broadcom, Ca 5 Arcserve Backup, Business Protection Suite, Server Protection Suite and 2 more 2026-04-23 N/A
Directory traversal vulnerability in the RPC interface (asdbapi.dll) in CA ARCserve Backup (formerly BrightStor ARCserve Backup) r11.1 through r12.0 allows remote attackers to execute arbitrary commands via a .. (dot dot) in an RPC call with opnum 0x10A.
CVE-2007-2863 2 Broadcom, Ca 6 Anti-virus For The Enterprise, Brightstor Arcserve Backup, Brightstor Enterprise Backup and 3 more 2026-04-23 N/A
Stack-based buffer overflow in the Anti-Virus engine before content update 30.6 in multiple CA (formerly Computer Associates) products allows remote attackers to execute arbitrary code via a long filename in a .CAB file.
CVE-2008-4400 2 Broadcom, Ca 5 Arcserve Backup, Business Protection Suite, Server Protection Suite and 2 more 2026-04-23 N/A
Unspecified vulnerability in asdbapi.dll in CA ARCserve Backup (formerly BrightStor ARCserve Backup) r11.1 through r12.0 allows remote attackers to cause a denial of service (crash of multiple services) via crafted authentication credentials, related to "insufficient validation."
CVE-2007-5082 1 Broadcom 1 Brightstor Hierarchical Storage Manager 2026-04-23 N/A
Multiple stack-based buffer overflows in Computer Associates (CA) BrightStor Hierarchical Storage Manager (HSM) before r11.6 allow remote attackers to execute arbitrary code via unspecified CsAgent service commands with certain opcodes, related to missing validation of a length parameter.
CVE-2007-5325 1 Broadcom 2 Brightstor Arcserve Backup, Brightstor Enterprise Backup 2026-04-23 N/A
Multiple buffer overflows in (1) the Message Engine and (2) AScore.dll in CA BrightStor ARCServe BackUp v9.01 through R11.5, and Enterprise Backup r10.5, allow remote attackers to execute arbitrary code via unspecified vectors.
CVE-2014-0160 13 Broadcom, Canonical, Debian and 10 more 37 Symantec Messaging Gateway, Ubuntu Linux, Debian Linux and 34 more 2026-04-21 7.5 High
The (1) TLS and (2) DTLS implementations in OpenSSL 1.0.1 before 1.0.1g do not properly handle Heartbeat Extension packets, which allows remote attackers to obtain sensitive information from process memory via crafted packets that trigger a buffer over-read, as demonstrated by reading private keys, related to d1_both.c and t1_lib.c, aka the Heartbleed bug.
CVE-2026-0383 2 Broadcom, Brocade 2 Fabric Operating System, Fabric Os 2026-04-18 7.8 High
A vulnerability in Brocade Fabric OS could allow an authenticated, local attacker with privileges to access the Bash shell to access insecurely stored file contents including the history command.
CVE-2026-0869 2 Broadcom, Brocade 2 Brocade Active Support Connectivity Gateway, Ascg 2026-04-16 8.8 High
Authentication bypass in Brocade ASCG 3.4.0 Could allow an unauthorized user to perform ASCG operations related to Brocade Support Link(BSL) and streaming configuration. and could even disable the ASCG application or disable use of BSL data collection on Brocade switches within the fabric.
CVE-2006-4901 1 Broadcom 4 Etrust Audit Client, Etrust Audit Datatools, Etrust Audit Policy Manager and 1 more 2026-04-16 N/A
Computer Associates (CA) eTrust Security Command Center 1.0 and r8 up to SP1 CR2, and eTrust Audit 1.5 and r8, allows remote attackers to spoof alerts and conduct replay attacks by invoking eTSAPISend.exe with the desired arguments.
CVE-2006-4899 1 Broadcom 1 Etrust Security Command Center 2026-04-16 N/A
The ePPIServlet script in Computer Associates (CA) eTrust Security Command Center 1.0 and r8 up to SP1 CR2, when running on Windows, allows remote attackers to obtain the web server path via a "'" (single quote) in the PIProfile function, which leaks the path in an error message.