The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a vigilance database and tools to fix them.

Computer vulnerabilities of Broadcom Content and Malware Analysis

Apache httpd: information disclosure via URL Normalization Consecutive Slashes
An attacker can bypass access restrictions to data via URL Normalization Consecutive Slashes of Apache httpd, in order to obtain sensitive information...
CERTFR-2019-AVI-141, cpuapr2020, CVE-2019-0220, DLA-1748-1, DSA-4422-1, FEDORA-2019-a4ed7400f4, HPESBUX03950, ibm10880413, ibm10883380, ibm10885680, openSUSE-SU-2019:1190-1, openSUSE-SU-2019:1209-1, openSUSE-SU-2019:1258-1, RHSA-2019:2343-01, RHSA-2019:3436-01, RHSA-2019:4126-01, SUSE-SU-2019:0873-1, SUSE-SU-2019:0878-1, SUSE-SU-2019:0888-1, SUSE-SU-2019:0888-2, SUSE-SU-2019:0889-1, SYMSA16056, USN-3937-1, VIGILANCE-VUL-28917
Apache httpd: privilege escalation via Scoreboard
An attacker can bypass restrictions via Scoreboard of Apache httpd, in order to escalate his privileges...
CERTFR-2019-AVI-141, cpuapr2020, cpujul2019, CVE-2019-0211, DSA-4422-1, FEDORA-2019-a4ed7400f4, HPESBUX03950, ibm10880413, ibm10885680, JSA11023, openSUSE-SU-2019:1190-1, openSUSE-SU-2019:1209-1, openSUSE-SU-2019:1258-1, RHSA-2019:0746-01, SSA:2019-096-01, SUSE-SU-2019:0873-1, SUSE-SU-2019:0878-1, SUSE-SU-2019:0888-1, SUSE-SU-2019:0888-2, SUSE-SU-2019:0889-1, SYMSA16056, Synology-SA-19:14, USN-3937-1, VIGILANCE-VUL-28914
OpenSSL 1.0.2: information disclosure via 0-byte Record Padding Oracle
An attacker can bypass access restrictions to data via 0-byte Record Padding Oracle of OpenSSL 1.0.2, in order to obtain sensitive information...
1170328, bulletinapr2019, bulletinjul2019, CERTFR-2019-AVI-080, CERTFR-2019-AVI-132, CERTFR-2019-AVI-214, CERTFR-2019-AVI-325, cpuapr2019, cpujan2020, cpujul2019, cpuoct2019, CVE-2019-1559, DLA-1701-1, DSA-2019-201, DSA-2020-062, DSA-2020-072, DSA-4400-1, FEDORA-2019-00c25b9379, ibm10876638, ibm10886237, ibm10886659, JSA10949, JSA10993, JSA11074, openSUSE-SU-2019:1076-1, openSUSE-SU-2019:1105-1, openSUSE-SU-2019:1173-1, openSUSE-SU-2019:1175-1, openSUSE-SU-2019:1432-1, openSUSE-SU-2019:1637-1, PAN-SA-2019-0039, RHBUG-1683804, RHBUG-1683807, RHSA-2019:2304-01, RHSA-2019:2471-01, SB10282, SSA:2019-057-01, SSB-439005, STORM-2019-001, SUSE-SU-2019:0572-1, SUSE-SU-2019:0600-1, SUSE-SU-2019:0658-1, SUSE-SU-2019:0803-1, SUSE-SU-2019:0818-1, SUSE-SU-2019:1362-1, SUSE-SU-2019:14091-1, SUSE-SU-2019:14092-1, SUSE-SU-2019:1553-1, SUSE-SU-2019:1608-1, SYMSA1490, TNS-2019-02, USN-3899-1, VIGILANCE-VUL-28600
OpenSSL: information disclosure via ECC Scalar Multiplication
On an Intel processor (VIGILANCE-VUL-27667), an attacker can measure the execution time of the ECC Scalar Multiplication of OpenSSL, in order to obtain the used key...
bulletinjan2019, CERTFR-2018-AVI-607, CERTFR-2019-AVI-242, cpuapr2019, cpuapr2020, cpujan2019, cpujan2020, cpujul2019, CVE-2018-5407, DLA-1586-1, DSA-2019-197, DSA-2020-030, DSA-4348-1, DSA-4355-1, ibm10794537, ibm10875298, ibm10886313, K49711130, openSUSE-SU-2018:3903-1, openSUSE-SU-2018:4050-1, openSUSE-SU-2018:4104-1, openSUSE-SU-2019:0088-1, openSUSE-SU-2019:0234-1, RHSA-2019:0483-01, RHSA-2019:2125-01, SSA:2018-325-01, SUSE-SU-2018:3864-1, SUSE-SU-2018:3864-2, SUSE-SU-2018:3866-1, SUSE-SU-2018:3964-1, SUSE-SU-2018:3989-1, SUSE-SU-2018:4001-1, SUSE-SU-2018:4068-1, SUSE-SU-2018:4274-1, SUSE-SU-2019:0117-1, SUSE-SU-2019:0395-1, SUSE-SU-2019:1553-1, SYMSA1490, TNS-2018-16, TNS-2018-17, USN-3840-1, VIGILANCE-VUL-27760
OpenSSL: information disclosure via ECDSA Signature Generation
An attacker can bypass access restrictions to data via ECDSA Signature Generation of OpenSSL, in order to obtain sensitive information...
bulletinjan2019, cpuapr2019, cpujan2020, cpujul2019, CVE-2018-0735, DLA-1586-1, DSA-4348-1, ibm10794537, openSUSE-SU-2018:3890-1, RHSA-2019:3700-01, SUSE-SU-2018:3863-1, SYMSA1490, USN-3840-1, VIGILANCE-VUL-27631
Apache Tomcat: open redirect via Directory Redirect
An attacker can deceive the user via Directory Redirect of Apache Tomcat, in order to redirect him to a malicious site...
bulletinoct2018, CERTFR-2020-AVI-278, cpuapr2019, cpuapr2020, cpujan2020, cpuoct2019, CVE-2018-11784, DLA-1544-1, DLA-1545-1, DSA-4596-1, FEDORA-2018-b18f9dd65b, FEDORA-2018-b89746cb9b, HPESBUX04015, ibm10874888, NTAP-20181014-0002, openSUSE-SU-2018:3453-1, openSUSE-SU-2018:4042-1, openSUSE-SU-2019:0084-1, openSUSE-SU-2019:1547-1, openSUSE-SU-2019:1814-1, RHSA-2019:0130-01, RHSA-2019:0131-01, RHSA-2019:0485-01, RHSA-2019:1529-01, SB10257, SB10264, SUSE-SU-2018:3261-1, SUSE-SU-2018:3388-1, SUSE-SU-2018:3393-1, SUSE-SU-2018:3935-1, SUSE-SU-2018:3968-1, SYMSA1765, USN-3787-1, VIGILANCE-VUL-27396
Apache Tomcat Native: privilege escalation via Revoked Client Certificates
An attacker can bypass restrictions via Revoked Client Certificates of Apache Tomcat Native, in order to escalate his privileges...
CVE-2018-8020, DLA-1475-1, RHSA-2018:2469-01, RHSA-2018:2470-01, SUSE-SU-2019:14014-1, SYMSA1463, VIGILANCE-VUL-27026
Apache Tomcat Native: privilege escalation via Revoked Client Certificates
An attacker can bypass restrictions via Revoked Client Certificates of Apache Tomcat Native, in order to escalate his privileges...
CVE-2018-8019, DLA-1475-1, RHSA-2018:2469-01, RHSA-2018:2470-01, SUSE-SU-2019:14014-1, SYMSA1463, VIGILANCE-VUL-27025
OpenSSH: information disclosure via Username Enumeration
An attacker can bypass access restrictions to data via Username Enumeration of OpenSSH, in order to obtain sensitive information...
1170352, bulletinjan2019, CERTFR-2018-AVI-410, CERTFR-2020-AVI-259, CTX272237, CVE-2018-15473, DLA-1474-1, DSA-2019-131, DSA-4280-1, FEDORA-2018-065a7722ee, FEDORA-2018-f56ded11c4, NTAP-20181101-0001, openSUSE-SU-2018:3801-1, openSUSE-SU-2018:3946-1, RHSA-2019:0711-01, RHSA-2019:2143-01, SB10267, SSB-439005, SUSE-SU-2018:3540-1, SUSE-SU-2018:3686-1, SUSE-SU-2018:3768-1, SUSE-SU-2018:3776-1, SUSE-SU-2018:3781-1, SUSE-SU-2018:3910-1, SYMSA1469, USN-3809-1, VIGILANCE-VUL-27016
Linux kernel: denial of service via FragmentSmack
An attacker can generate a fatal error via FragmentSmack of the Linux kernel, in order to trigger a denial of service...
ADV180022, CERTFR-2018-AVI-390, CERTFR-2018-AVI-392, CERTFR-2018-AVI-419, CERTFR-2018-AVI-457, CERTFR-2018-AVI-478, CERTFR-2018-AVI-533, CERTFR-2019-AVI-233, CERTFR-2019-AVI-242, CERTFR-2020-AVI-207, cisco-sa-20180824-linux-ip-fragment, CVE-2018-5391, DLA-1466-1, DLA-1529-1, DSA-2019-062, DSA-4272-1, FragmentSmack, JSA10917, K74374841, openSUSE-SU-2018:2404-1, openSUSE-SU-2018:2407-1, openSUSE-SU-2019:0274-1, PAN-SA-2018-0012, RHSA-2018:2785-01, RHSA-2018:2791-01, RHSA-2018:2846-01, RHSA-2018:2924-01, RHSA-2018:2925-01, RHSA-2018:2933-01, RHSA-2018:2948-01, RHSA-2018:3083-01, RHSA-2018:3096-01, RHSA-2018:3459-01, RHSA-2018:3540-01, RHSA-2018:3586-01, RHSA-2018:3590-01, sk134253, SSA-377115, SUSE-SU-2018:2344-1, SUSE-SU-2018:2374-1, SUSE-SU-2018:2380-1, SUSE-SU-2018:2381-1, SUSE-SU-2018:2596-1, SUSE-SU-2019:0541-1, SUSE-SU-2019:1289-1, SYMSA1467, Synology-SA-18:44, USN-3740-1, USN-3740-2, USN-3741-1, USN-3741-2, USN-3741-3, USN-3742-1, USN-3742-2, USN-3742-3, VIGILANCE-VUL-27009, VU#641765
Our database contains other pages. You can request a free trial to read them.

Display information about Broadcom Content and Malware Analysis: