broadcom

687 tracked vulnerabilities.

CVE-2026-57221 MEDIUM
RabbitMQ: Passive queue/exchange declaration bypasses authorization checks, leaking queue metadata to unprivileged users
Jul 10, 2026
CVSS 5.0
EPSS 0.00
CVE-2026-57220 HIGH
RabbitMQ Stream Listener < 4.2.6 - Unauthenticated Memory Exhaustion
Jul 10, 2026
CVSS 7.5
EPSS 0.00
CVE-2026-57219 HIGH
RabbitMQ: Unauthenticated disclosure of OAuth client credentials via an HTTP API endpoint with certain less common OAuth 2 configurations
Jul 10, 2026
CVSS 7.5
EPSS 0.00
CVE-2026-57218 MEDIUM
RabbitMQ AMQP 0-9-1 < 4.2.6 - Post-Revocation Message Disclosure
Jul 10, 2026
CVSS 6.5
EPSS 0.00
CVE-2026-57217 MEDIUM
RabbitMQ: Topic authorization can lead to cross-tenant routing-key bypass
Jul 10, 2026
CVSS 6.5
EPSS 0.00
CVE-2026-57216 MEDIUM
RabbitMQ PROXY Protocol Path - Remote Guest Session Authentication Bypass
Jul 10, 2026
CVSS 6.8
EPSS 0.00
CVE-2026-57215 HIGH
RabbitMQ Direct Reply-To - Unauthorized Reply-Channel Injection
Jul 10, 2026
CVSS 8.8
EPSS 0.00
CVE-2026-57214 MEDIUM
RabbitMQ: Stored XSS in RabbitMQ management UI
Jul 10, 2026
CVSS 5.4
EPSS 0.00
CVE-2026-57213 MEDIUM
RabbitMQ: Stored XSS federation management plugin via unsanitized consumer_tag rendering
Jul 10, 2026
CVSS 4.8
EPSS 0.00
CVE-2026-57212 HIGH
RabbitMQ management HTTP API accepts request bodies larger than configured max_http_body_size
Jul 10, 2026
CVSS 7.7
EPSS 0.00
CVE-2026-57211 MEDIUM
RabbitMQ: UNC SSRF affecting the management UI on Windows
Jul 10, 2026
CVSS 6.5
EPSS 0.00
CVE-2026-41708 HIGH
Spring Cloud Sleuth instrumentation of Spring TX DoS vulnerability
Jun 15, 2026
CVSS 7.5
EPSS 0.00
CVE-2026-11626 MEDIUM
Local Privilege Escalation in Symantec Endpoint Protection macOS CleanWipe Removal Tool
Jun 10, 2026
EPSS 0.00
CVE-2026-11815 MEDIUM
Insecure Deserialization via MITM in Layer 7 Policy Manager
Jun 10, 2026
EPSS 0.00
CVE-2026-41721 MEDIUM
Spring Data Commons Denial of Service via Data Binding
Jun 10, 2026
CVSS 5.9
EPSS 0.00
CVE-2026-41716 HIGH
Spring Data web support unbounded negative-result cache keyed on attacker-supplied property names
Jun 10, 2026
CVSS 7.5
EPSS 0.00
CVE-2026-41711 MEDIUM
Spring Data Commons - Potential Denial of Service Through Crafted Sort Parameters
Jun 10, 2026
CVSS 5.9
EPSS 0.00
CVE-2026-41695 HIGH
Denial of Service in Spring Data Commons Property Path Resolution
Jun 10, 2026
CVSS 7.5
EPSS 0.00
CVE-2026-41008 MEDIUM
Spring Security Authorization Server Open Redirect via request_uri
Jun 10, 2026
CVSS 6.1
EPSS 0.00
CVE-2026-44839 MEDIUM
RabbitMQ: Unsanitized vhost names allow for XSS in management UI
May 27, 2026
CVSS 4.8
EPSS 0.00
CVE-2026-44838 HIGH
RabbitMQ MQTT Topic Permission Authorization Bypass
May 27, 2026
CVSS 8.1
EPSS 0.00
CVE-2026-8370 HIGH
Automic Automation Agent Unix privilege escalation
May 19, 2026
EPSS 0.00
CVE-2026-3991 HIGH
Elevation of Privileges in Symantec Data Loss Prevention Windows Endpoint
Mar 30, 2026
CVSS 7.8
EPSS 0.00
CVE-2026-3862 MEDIUM
Broadcom SiteMinder - Cross-Site Scripting
Mar 10, 2026
CVSS 4.8
EPSS 0.00
CVE-2026-0869 HIGH
Brocade Active Support Connectivity Gateway 3.4.0 - Unauthenticated Authentication Bypass
Mar 03, 2026
CVSS 8.8
EPSS 0.00