Search Results (666 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2003-0998 2 Broadcom, Ca 4 Unicenter Remote Control, Unicenter Remote Control Option, Controlit and 1 more 2026-04-16 N/A
Unknown "potential system security vulnerability" in Computer Associates (CA) Unicenter Remote Control 5.0 through 5.2, and ControlIT 5.0 and 5.1, may allow attackers to gain privileges to the local system account.
CVE-2024-36457 1 Broadcom 1 Symantec Privileged Access Management 2026-04-15 N/A
The vulnerability allows an attacker to bypass the authentication requirements for a specific PAM endpoint.
CVE-2024-38492 1 Broadcom 1 Symantec Privileged Access Management 2026-04-15 N/A
This vulnerability allows an unauthenticated attacker to achieve remote command execution on the affected PAM system by uploading a specially crafted PAM upgrade file.
CVE-2025-32089 2 Broadcom, Dell 2 Bcm5820x, Controlvault3 2026-04-15 8.8 High
A buffer overflow vulnerability exists in the CvManager_SBI functionality of Dell ControlVault3 prior to 5.15.14.19 and Dell ControlVault3 Plus prior to 6.2.36.47. A specially crafted ControlVault API call can lead to a arbitrary code execution. An attacker can issue an api call to trigger this vulnerability.
CVE-2025-13919 2 Broadcom, Symantec 2 Symantec Endpoint Protection, Endpoint Protection 2026-04-15 4.4 Medium
Symantec Endpoint Protection, prior to 14.3 RU10 Patch 1, RU9 Patch 2, and RU8 Patch 3, may be susceptible to a COM Hijacking vulnerability, which is a type of issue whereby an attacker attempts to establish persistence and evade detection by hijacking COM references in the Windows Registry.
CVE-2025-24502 1 Broadcom 1 Symantec Privileged Access Management 2026-04-15 N/A
An improper session validation allows an unauthenticated attacker to cause certain request notifications to be executed in the context of an incorrect user by spoofing the client IP address.
CVE-2025-36460 3 Broadcom, Dell, Microsoft 3 Bcm5820x, Controllvault3, Windows 2026-04-15 7.3 High
Multiple out-of-bounds read and write vulnerabilities exist in the ControlVault WBDI Driver Broadcom Storage Adapter functionality of Dell ControlVault3 prior to 5.15.14.19 and Dell ControlVault3 Plus prior to 6.2.36.47. A specially crafted WinBioControlUnit call can lead to memory corruption. An attacker can issue an api call to trigger this vulnerability. This vulnerability is triggered when submitting a `WinBioControlUnit` call to the StorageAdapter with the ControlCode 2 (`WBIO_USH_GET_IDENTITY`) with an improper `ReceiveBuferSize` value.
CVE-2024-36459 1 Broadcom 1 Symantec Siteminder 2026-04-15 N/A
A CRLF cross-site scripting vulnerability has been identified in certain configurations of the SiteMinder Web Agent for IIS Web Server and SiteMinder Web Agent for Domino Web Server. As a result, an attacker can execute arbitrary Javascript code in a client browser.
CVE-2025-24504 1 Broadcom 1 Symantec Privileged Access Management 2026-04-15 N/A
An improper input validation the CSRF filter results in unsanitized user input written to the application logs.
CVE-2025-36462 2 Broadcom, Dell 2 Bcm5820x, Controlvault3 2026-04-15 7.3 High
Multiple out-of-bounds read and write vulnerabilities exist in the ControlVault WBDI Driver Broadcom Storage Adapter functionality of Dell ControlVault3 prior to 5.15.14.19 and Dell ControlVault3 Plus prior to 6.2.36.47. A specially crafted WinBioControlUnit call can lead to memory corruption. An attacker can issue an api call to trigger this vulnerability. This vulnerability is triggered when submitting a `WinBioControlUnit` call to the StorageAdapter with the ControlCode 3 (`WBIO_USH_CREATE_CHALLENGE`) with an invalid `ReceiveBuferSize`.
CVE-2024-36455 1 Broadcom 1 Symantec Privileged Access Management 2026-04-15 N/A
An improper input validation allows an unauthenticated attacker to achieve remote command execution on the affected PAM system by sending a specially crafted HTTP request.
CVE-2024-36458 1 Broadcom 1 Symantec Privileged Access Management 2026-04-15 N/A
The vulnerability allows a malicious low-privileged PAM user to perform server upgrade related actions.
CVE-2024-36456 1 Broadcom 1 Symantec Privileged Access Management 2026-04-15 N/A
This vulnerability allows an unauthenticated attacker to achieve remote command execution on the affected PAM system by uploading a specially crafted PAM upgrade file.
CVE-2025-36461 2 Broadcom, Dell 2 Bcm5820x, Controlvault3 2026-04-15 7.3 High
Multiple out-of-bounds read and write vulnerabilities exist in the ControlVault WBDI Driver Broadcom Storage Adapter functionality of Dell ControlVault3 prior to 5.15.14.19 and Dell ControlVault3 Plus prior to 6.2.36.47. A specially crafted WinBioControlUnit call can lead to memory corruption. An attacker can issue an api call to trigger this vulnerability. This vulnerability is triggered when submitting a `WinBioControlUnit` call to the StorageAdapter with the ControlCode 0 (`WBIO_USH_GET_TEMPLATE`) and with either and an invalid `ReceiveBuferSize` and/or an invalid `SendBufferSize`.
CVE-2025-36553 2 Broadcom, Dell 2 Bcm5820x, Controlvault3 2026-04-15 8.8 High
A buffer overflow vulnerability exists in the CvManager functionality of Dell ControlVault3 prior to 5.15.14.19 and Dell ControlVault3 Plus prior to 6.2.36.47. A specially crafted ControlVault API call can lead to memory corruption. An attacker can issue an api call to trigger this vulnerability.
CVE-2025-24501 1 Broadcom 1 Symantec Privileged Access Management 2026-04-15 N/A
An improper input validation allows an unauthenticated attacker to alter PAM logs by sending a specially crafted HTTP request.
CVE-2025-31361 2 Broadcom, Dell 2 Bcm5820x, Controlvault3 2026-04-15 8.7 High
A privilege escalation vulnerability exists in the ControlVault WBDI Driver WBIO_USH_ADD_RECORD functionality of Dell ControlVault3 prior to 5.15.14.19 and Dell ControlVault3 Plus prior to 6.2.36.47. A specially crafted WinBioControlUnit call can lead to privilege escalation. An attacker can issue an api call to trigger this vulnerability.
CVE-2024-38494 1 Broadcom 1 Symantec Privileged Access Management 2026-04-15 N/A
This vulnerability allows a high-privileged authenticated PAM user to achieve remote command execution on the affected PAM system by sending a specially crafted HTTP request.
CVE-2025-13917 2 Broadcom, Symantec 2 Web Security Services Agent, Web Security 2026-04-15 7 High
WSS Agent, prior to 9.8.5, may be susceptible to a Elevation of Privilege vulnerability, which is a type of issue whereby an attacker may attempt to compromise the software application to gain elevated access to resources that are normally protected from an application or user.
CVE-2025-31649 2 Broadcom, Dell 2 Bcm5820x, Controlvault3 2026-04-15 8.7 High
A hard-coded password vulnerability exists in the ControlVault WBDI Driver functionality of Dell ControlVault3 prior to 5.15.14.19 and Dell ControlVault3 Plus prior to 6.2.36.47. A specially crafted ControlVault API call can lead to execute priviledged operation. An attacker can issue an api call to trigger this vulnerability.