Filtered by vendor Broadcom
Subscribe
Total
444 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2007-2863 | 2 Broadcom, Ca | 6 Anti-virus For The Enterprise, Brightstor Arcserve Backup, Brightstor Enterprise Backup and 3 more | 2021-04-08 | 10.0 HIGH | N/A |
| Stack-based buffer overflow in the Anti-Virus engine before content update 30.6 in multiple CA (formerly Computer Associates) products allows remote attackers to execute arbitrary code via a long filename in a .CAB file. | |||||
| CVE-2005-4150 | 1 Broadcom | 1 Cleverpath Portal | 2021-04-07 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in the portal login page in Computer Associates CleverPath 4.7 allows remote attackers to execute Javascript via unknown vectors. | |||||
| CVE-2007-2230 | 1 Broadcom | 1 Cleverpath Portal | 2021-04-07 | 6.5 MEDIUM | N/A |
| SQL injection vulnerability in CA Clever Path Portal allows remote authenticated users to execute limited SQL commands and retrieve arbitrary database contents via (1) the ofinterest parameter in a light search query, (2) description parameter in the advanced search query, and possibly other vectors. | |||||
| CVE-2006-6641 | 5 Arcserve, Broadcom, Cleverpath and 2 more | 11 Brightstor, Cleverpath Portal, Aion Bpm and 8 more | 2021-04-07 | 7.5 HIGH | N/A |
| Unspecified vulnerability in CA CleverPath Portal before maintenance version 4.71.001_179_060830, as used in multiple products including BrightStor Portal r11.1, CleverPath Aion BPM r10 through r10.2, eTrust Security Command Center r1 and r8, and Unicenter, does not properly handle when multiple Portal servers are started at the same time and share the same data store, which might cause a Portal user to inherit the session and credentials of a user who is on another Portal server. | |||||
| CVE-2001-0382 | 1 Broadcom | 1 Ccc Harvest | 2021-04-07 | 7.5 HIGH | N/A |
| Computer Associates CCC\Harvest 5.0 for Windows NT/2000 uses weak encryption for passwords, which allows a remote attacker to gain privileges on the application. | |||||
| CVE-2007-0169 | 1 Broadcom | 3 Brightstor Arcserve Backup, Brightstor Enterprise Backup, Business Protection Suite | 2021-04-07 | 7.5 HIGH | N/A |
| Multiple buffer overflows in Computer Associates (CA) BrightStor ARCserve Backup 9.01 through 11.5, Enterprise Backup 10.5, and CA Server/Business Protection Suite r2 allow remote attackers to execute arbitrary code via RPC requests with crafted data for opnums (1) 0x2F and (2) 0x75 in the (a) Message Engine RPC service, or opnum (3) 0xCF in the Tape Engine service. | |||||
| CVE-2007-0168 | 1 Broadcom | 3 Brightstor Arcserve Backup, Brightstor Enterprise Backup, Business Protection Suite | 2021-04-07 | 7.5 HIGH | N/A |
| The Tape Engine service in Computer Associates (CA) BrightStor ARCserve Backup 9.01 through 11.5, Enterprise Backup 10.5, and CA Server/Business Protection Suite r2 allows remote attackers to execute arbitrary code via certain data in opnum 0xBF in an RPC request, which is directly executed. | |||||
| CVE-2007-3216 | 1 Broadcom | 1 Brightstor Arcserve Backup Laptops Desktops | 2021-04-07 | 10.0 HIGH | N/A |
| Multiple buffer overflows in the LGServer component of CA (Computer Associates) BrightStor ARCserve Backup for Laptops and Desktops r11.1 allow remote attackers to execute arbitrary code via crafted arguments to the (1) rxsAddNewUser, (2) rxsSetUserInfo, (3) rxsRenameUser, (4) rxsSetMessageLogSettings, (5) rxsExportData, (6) rxsSetServerOptions, (7) rxsRenameFile, (8) rxsACIManageSend, (9) rxsExportUser, (10) rxsImportUser, (11) rxsMoveUserData, (12) rxsUseLicenseIni, (13) rxsLicGetSiteId, (14) rxsGetLogFileNames, (15) rxsGetBackupLog, (16) rxsBackupComplete, (17) rxsSetDataProtectionSecurityData, (18) rxsSetDefaultConfigName, (19) rxsGetMessageLogSettings, (20) rxsHWDiskGetTotal, (21) rxsHWDiskGetFree, (22) rxsGetSubDirs, (23) rxsGetServerDBPathName, (24) rxsSetServerOptions, (25) rxsDeleteFile, (26) rxsACIManageSend, (27) rxcReadBackupSetList, (28) rxcWriteConfigInfo, (29) rxcSetAssetManagement, (30) rxcWriteFileListForRestore, (31) rxcReadSaveSetProfile, (32) rxcInitSaveSetProfile, (33) rxcAddSaveSetNextAppList, (34) rxcAddSaveSetNextFilesPathList, (35) rxcAddNextBackupSetIncWildCard, (36) rxcGetRevisions, (37) rxrAddMovedUser, (38) rxrSetClientVersion, or (39) rxsSetDataGrowthScheduleAndFilter commands. | |||||
| CVE-2005-1272 | 2 Broadcom, Ca | 4 Brightstor Enterprise Backup, Brightstor Arcserve Backup, Brightstor Arcserve Backup Agent and 1 more | 2021-04-07 | 7.5 HIGH | N/A |
| Stack-based buffer overflow in the Backup Agent for Microsoft SQL Server in BrightStor ARCserve Backup Agent for SQL Server 11.0 allows remote attackers to execute arbitrary code via a long string sent to port (1) 6070 or (2) 6050. | |||||
| CVE-2007-3825 | 2 Broadcom, Ca | 8 Alert Notification Server, Brightstor Arcserve Backup, Brightstor Enterprise Backup and 5 more | 2021-04-07 | 9.3 HIGH | N/A |
| Multiple stack-based buffer overflows in the RPC implementation in alert.exe before 8.0.255.0 in CA (formerly Computer Associates) Alert Notification Server, as used in Threat Manager for the Enterprise, Protection Suites, certain BrightStor ARCserve products, and BrightStor Enterprise Backup, allow remote attackers to execute arbitrary code by sending certain data to unspecified RPC procedures. | |||||
| CVE-2007-5328 | 1 Broadcom | 2 Brightstor Arcserve Backup, Brightstor Enterprise Backup | 2021-04-07 | 10.0 HIGH | N/A |
| The Message Engine RPC service in CA BrightStor ARCServe BackUp v9.01 through R11.5, and Enterprise Backup r10.5, allows attackers to execute arbitrary code by using certain "insecure method calls" to modify the file system and registry, aka "Privileged function exposure." | |||||
| CVE-2007-5327 | 1 Broadcom | 2 Brightstor Arcserve Backup, Brightstor Enterprise Backup | 2021-04-07 | 10.0 HIGH | N/A |
| Stack-based buffer overflow in the RPC interface for the Message Engine (mediasvr.exe) in CA BrightStor ARCServe BackUp v9.01 through R11.5, and Enterprise Backup r10.5, allows remote attackers to execute arbitrary code via a long argument in the 0x10d opnum. | |||||
| CVE-2007-5330 | 1 Broadcom | 2 Brightstor Arcserve Backup, Brightstor Enterprise Backup | 2021-04-07 | 10.0 HIGH | N/A |
| The cadbd RPC service in CA BrightStor ARCServe BackUp v9.01 through R11.5, and Enterprise Backup r10.5, allows remote attackers to (1) execute arbitrary code via stack-based buffer overflows in unspecified RPC procedures, and (2) trigger memory corruption related to the use of "handle" RPC arguments as pointers. | |||||
| CVE-2007-5083 | 1 Broadcom | 1 Brightstor Hierarchical Storage Manager | 2021-04-07 | 10.0 HIGH | N/A |
| Multiple integer overflows in Computer Associates (CA) BrightStor Hierarchical Storage Manager (HSM) before r11.6 allow remote attackers to execute arbitrary code via unspecified CsAgent service commands that trigger a heap-based buffer overflow. | |||||
| CVE-2007-5332 | 1 Broadcom | 2 Brightstor Arcserve Backup, Brightstor Enterprise Backup | 2021-04-07 | 10.0 HIGH | N/A |
| Multiple unspecified vulnerabilities in (1) mediasvr and (2) caloggerd in CA BrightStor ARCServe BackUp v9.01 through R11.5, and Enterprise Backup r10.5, have unknown impact and attack vectors related to memory corruption. | |||||
| CVE-2006-5171 | 2 Broadcom, Ca | 3 Brightstor Arcserve Backup, Brightstor Enterprise Backup, Protection Suites | 2021-04-07 | 10.0 HIGH | N/A |
| Stack-based buffer overflow in the RPC interface in Mediasvr.exe in Computer Associates (CA) Brightstor ARCserve Backup 9.01 through 11.5, Enterprise Backup 10.5, and CA Protection Suites r2 allows remote attackers to execute arbitrary code via crafted SUNRPC packets, aka the "Mediasvr.exe Overflow," a different vulnerability than CVE-2006-5172. | |||||
| CVE-2007-5082 | 1 Broadcom | 1 Brightstor Hierarchical Storage Manager | 2021-04-07 | 10.0 HIGH | N/A |
| Multiple stack-based buffer overflows in Computer Associates (CA) BrightStor Hierarchical Storage Manager (HSM) before r11.6 allow remote attackers to execute arbitrary code via unspecified CsAgent service commands with certain opcodes, related to missing validation of a length parameter. | |||||
| CVE-2007-5325 | 1 Broadcom | 2 Brightstor Arcserve Backup, Brightstor Enterprise Backup | 2021-04-07 | 10.0 HIGH | N/A |
| Multiple buffer overflows in (1) the Message Engine and (2) AScore.dll in CA BrightStor ARCServe BackUp v9.01 through R11.5, and Enterprise Backup r10.5, allow remote attackers to execute arbitrary code via unspecified vectors. | |||||
| CVE-2006-5172 | 2 Broadcom, Ca | 3 Brightstor Arcserve Backup, Brightstor Enterprise Backup, Protection Suites | 2021-04-07 | 10.0 HIGH | N/A |
| Stack-based buffer overflow in the RPC interface in Mediasvr.exe in Computer Associates (CA) Brightstor ARCserve Backup 9.01 through 11.5, Enterprise Backup 10.5, and CA Protection Suites r2 allows remote attackers to execute arbitrary code via crafted SUNRPC packets, aka the "Mediasvr.exe String Handling Overflow," a different vulnerability than CVE-2006-5171. | |||||
| CVE-2007-5084 | 1 Broadcom | 1 Brightstor Hierarchical Storage Manager | 2021-04-07 | 6.8 MEDIUM | N/A |
| Multiple SQL injection vulnerabilities in Computer Associates (CA) BrightStor Hierarchical Storage Manager (HSM) before r11.6 allow remote attackers to execute arbitrary SQL commands via CsAgent service commands with opcodes (1) 0x07, (2) 0x08, (3) 0x09, (4) 0x1E, (5) 0x32, (6) 0x36, (7) 0x40, and possibly others. | |||||