Broadcom Latest High & Critical Vulnerabilities

Latest High & Critical vulnerabilities published by broadcom

JSON RSS CSV

30 January 2025

Boot-Time Compromise Vulnerability in Broadcom Appliances
CVE-2025-24507
BroadcomSymantec Privileged Ac...8.9HIGH
Remote Command Execution Vulnerability in Broadcom PAM Systems
CVE-2025-24505
BroadcomSymantec Privileged Ac...8.8HIGH
Session Fixation Vulnerability in PAM Server by Broadcom
CVE-2025-24503
BroadcomSymantec Privileged Ac...9.3CRITICAL
Unauthenticated Information Disclosure in PAM Database by Broadcom's Software
CVE-2025-24500
BroadcomSymantec Privileged Ac...8.7HIGH

10 October 2023

Local Privilege Escalation Vulnerability in Broadcom LSI Soft Modem Driver
CVE-2023-31096
BroadcomLsi Pci-sv92ex Firmware7.8HIGH

15 August 2023

Broadcom RAID Controller web interface is vulnerable has an insecure default TLS configuration that support obsolete and vulnerable TLS protocols
CVE-2023-4331
BroadcomLsi Storage Authority ...7.5HIGH
Broadcom RAID Controller web interface is vulnerable due to insecure default of HTTP configuration that does not safeguard cookies with Secure attribute
CVE-2023-4336
BroadcomLsi Storage Authority ...9.8CRITICAL
Broadcom RAID Controller Web server (nginx) is serving private files without any authentication
CVE-2023-4334
BroadcomLsi Storage Authority ...7.5HIGH
Broadcom RAID Controller web interface is vulnerable due to insecure defaults of lacking HTTP strict-transport-security policy
CVE-2023-4342
BroadcomLsi Storage Authority ...9.8CRITICAL
Broadcom RAID Controller web interface is vulnerable due to insecure default of HTTP configuration that does not provide X-Content-Type-Options Headers
CVE-2023-4338
BroadcomLsi Storage Authority ...9.8CRITICAL
Broadcom RAID Controller web interface is vulnerable has an insecure default TLS configuration that supports obsolete SHA1-based ciphersuites
CVE-2023-4326
BroadcomLsi Storage Authority ...7.5HIGH
Broadcom RAID Controller web interface is vulnerable due to Improper permissions on the log file
CVE-2023-4332
BroadcomLsi Storage Authority ...7.5HIGH
Broadcom RAID Controller web interface is vulnerable due to exposure of sensitive password information in the URL as a URL search parameter
CVE-2023-4343
BroadcomLsi Storage Authority ...7.5HIGH
Broadcom RAID Controller web interface is vulnerable due to insecure default of HTTP configuration that does not safeguard SESSIONID cookie with SameSite attribute
CVE-2023-4329
BroadcomLsi Storage Authority ...9.8CRITICAL
Broadcom RAID Controller is vulnerable to Privilege escalation by taking advantage of the Session prints in the log file
CVE-2023-4340
BroadcomLsi Storage Authority ...9.8CRITICAL
Broadcom RAID Controller web interface is vulnerable to improper session handling of managed servers on Gateway installation
CVE-2023-4337
BroadcomLsi Storage Authority ...9.8CRITICAL
Broadcom RAID Controller web interface is vulnerable to improper session management of active sessions on Gateway setup
CVE-2023-4323
BroadcomLsi Storage Authority ...9.8CRITICAL
Broadcom RAID Controller web interface is vulnerable to exposure of private keys used for CIM stored with insecure file permissions
CVE-2023-4339
BroadcomLsi Storage Authority ...7.5HIGH
Broadcom RAID Controller Web server (nginx) is serving private server-side files without any authentication on Linux
CVE-2023-4335
BroadcomLsi Storage Authority ...7.5HIGH
Broadcom RAID Controller web interface is vulnerable due to insecure defaults of lacking HTTP Content-Security-Policy headers
CVE-2023-4324
BroadcomLsi Storage Authority ...9.8CRITICAL
Broadcom RAID Controller web interface is vulnerable due to usage of Libcurl with LSA has known vulnerabilities
CVE-2023-4325
BroadcomLsi Storage Authority ...9.8CRITICAL
Broadcom RAID Controller is vulnerable to Privilege escalation to root due to creation of insecure folders by Web GUI
CVE-2023-4341
BroadcomLsi Storage Authority ...9.8CRITICAL
Broadcom RAID Controller web interface is vulnerable to insufficient randomness due to improper use of ssl.rnd to setup CIM connection
CVE-2023-4344
BroadcomLsi Storage Authority ...9.8CRITICAL

1 June 2023

Elevation of Privilege Vulnerability in Broadcom Advanced Secure Gateway and Content Analysis
CVE-2023-23953
BroadcomAdvanced Secure Gatewa...7.8HIGH
Command Injection Vulnerability in Advanced Secure Gateway by Broadcom
CVE-2023-23952
BroadcomAdvanced Secure Gatewa...9.8CRITICAL

Broadcom Latest High & Critical Vulnerabilities

Vulnerability Published:

Sort By:

30 January 2025

Boot-Time Compromise Vulnerability in Broadcom Appliances

Remote Command Execution Vulnerability in Broadcom PAM Systems

Session Fixation Vulnerability in PAM Server by Broadcom

Unauthenticated Information Disclosure in PAM Database by Broadcom's Software

10 October 2023

Local Privilege Escalation Vulnerability in Broadcom LSI Soft Modem Driver

15 August 2023

Broadcom RAID Controller web interface is vulnerable has an insecure default TLS configuration that support obsolete and vulnerable TLS protocols

Broadcom RAID Controller web interface is vulnerable due to insecure default of HTTP configuration that does not safeguard cookies with Secure attribute

Broadcom RAID Controller Web server (nginx) is serving private files without any authentication

Broadcom RAID Controller web interface is vulnerable due to insecure defaults of lacking HTTP strict-transport-security policy

Broadcom RAID Controller web interface is vulnerable due to insecure default of HTTP configuration that does not provide X-Content-Type-Options Headers

Broadcom RAID Controller web interface is vulnerable has an insecure default TLS configuration that supports obsolete SHA1-based ciphersuites

Broadcom RAID Controller web interface is vulnerable due to Improper permissions on the log file

Broadcom RAID Controller web interface is vulnerable due to exposure of sensitive password information in the URL as a URL search parameter

Broadcom RAID Controller web interface is vulnerable due to insecure default of HTTP configuration that does not safeguard SESSIONID cookie with SameSite attribute

Broadcom RAID Controller is vulnerable to Privilege escalation by taking advantage of the Session prints in the log file

Broadcom RAID Controller web interface is vulnerable to improper session handling of managed servers on Gateway installation

Broadcom RAID Controller web interface is vulnerable to improper session management of active sessions on Gateway setup

Broadcom RAID Controller web interface is vulnerable to exposure of private keys used for CIM stored with insecure file permissions

Broadcom RAID Controller Web server (nginx) is serving private server-side files without any authentication on Linux

Broadcom RAID Controller web interface is vulnerable due to insecure defaults of lacking HTTP Content-Security-Policy headers

Broadcom RAID Controller web interface is vulnerable due to usage of Libcurl with LSA has known vulnerabilities

Broadcom RAID Controller is vulnerable to Privilege escalation to root due to creation of insecure folders by Web GUI

Broadcom RAID Controller web interface is vulnerable to insufficient randomness due to improper use of ssl.rnd to setup CIM connection

1 June 2023

Elevation of Privilege Vulnerability in Broadcom Advanced Secure Gateway and Content Analysis

Command Injection Vulnerability in Advanced Secure Gateway by Broadcom