Search Results (666 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2005-3225 1 Broadcom 2 Etrust Antivirus, Etrust Antivirus Iris Engine 2026-04-16 N/A
Multiple interpretation error in unspecified versions of (1) eTrust-Iris and (2) eTrust-Vet Antivirus allows remote attackers to bypass virus detection via a malicious executable in a specially crafted RAR file with malformed central and local headers, which can still be opened by products such as Winrar and PowerZip, even though they are rejected as corrupted by Winzip and BitZipper.
CVE-2005-3190 1 Broadcom 1 Igateway 2026-04-16 N/A
Buffer overflow in Computer Associates (CA) iGateway 3.0 and 4.0 before 4.0.050623, when running in debug mode, allows remote attackers to execute arbitrary code via HTTP GET requests.
CVE-2005-1272 2 Broadcom, Ca 4 Brightstor Enterprise Backup, Brightstor Arcserve Backup, Brightstor Arcserve Backup Agent and 1 more 2026-04-16 N/A
Stack-based buffer overflow in the Backup Agent for Microsoft SQL Server in BrightStor ARCserve Backup Agent for SQL Server 11.0 allows remote attackers to execute arbitrary code via a long string sent to port (1) 6070 or (2) 6050.
CVE-2001-0382 1 Broadcom 1 Ccc Harvest 2026-04-16 N/A
Computer Associates CCC\Harvest 5.0 for Windows NT/2000 uses weak encryption for passwords, which allows a remote attacker to gain privileges on the application.
CVE-2006-3977 1 Broadcom 1 Etrust Antivirus Webscan 2026-04-16 N/A
Unspecified vulnerability in CA eTrust Antivirus WebScan before 1.1.0.1048 has unknown impact and remote attackers related to "improper processing of outdated WebScan components."
CVE-2005-2204 1 Broadcom 1 Etrust Siteminder 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in Computer Associates (CA) eTrust SiteMinder 5.5, when the "CSSChecking" parameter is set to "NO," allows remote attackers to inject arbitrary web script or HTML via the (1) PASSWORD or (2) BUFFER parameters to smpwservicescgi.exe, (3) the TARGET parameter to login.fcc, and possibly other vectors.
CVE-2005-0642 1 Broadcom 1 Unicenter Asset Management 2026-04-16 N/A
SQL injection vulnerability in the Query Designer for Computer Associates (CA) Unicenter Asset Management (UAM) 4.0 allows remote attackers to execute arbitrary SQL via an imported file.
CVE-2006-3223 1 Broadcom 3 Etrust Antivirus, Etrust Pestpatrol, Integrated Threat Management 2026-04-16 N/A
Format string vulnerability in CA Integrated Threat Management (ITM), eTrust Antivirus (eAV), and eTrust PestPatrol (ePP) r8 allows attackers to cause a denial of service (crash) and possibly execute arbitrary code via a scan job with format strings in the description field.
CVE-2005-0641 1 Broadcom 1 Unicenter Asset Management 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in the Reporter for Computer Associates (CA) Unicenter Asset Management (UAM) 4.0 allows remote attackers to inject arbitrary HTML or web script via the (1) name or (2) description in a report template.
CVE-2002-2285 1 Broadcom 1 Inoculateit 2026-04-16 N/A
eTrust InoculateIT 6.0 with the "Incremental Scan" option enabled may certify that a file is free of viruses before the file has been completely downloaded, which allows remote attackers to bypass virus detection.
CVE-2005-0640 1 Broadcom 1 Unicenter Asset Management 2026-04-16 N/A
Computer Associates (CA) Unicenter Asset Management (UAM) 4.0 does not properly initialize the "Change Credentials for Database" window, which allows local users to recover the SQL Admin password via certain methods.
CVE-2005-0583 1 Broadcom 1 License Software 2026-04-16 N/A
Directory traversal vulnerability in Computer Associates (CA) License Client 0.1.0.15 allows remote attackers to create arbitrary files via .. (dot dot) sequences in a PUTOLF request.
CVE-2004-1663 5 Broadcom, Brocade, Engenio and 2 more 6 Fabric Operating System, Silkworm, Silkworm Fiber Channel Switch and 3 more 2026-04-16 N/A
Engenio/LSI Logic storage controllers, as used in products such as Storagetek D280, and IBM DS4100 (formerly FastT 100) and Brocade SilkWorm Switches, allow remote attackers to cause a denial of service (freeze and possible data corruption) via crafted TCP packets.
CVE-1999-1368 1 Broadcom 1 Inoculateit 2026-04-16 N/A
AV Option for MS Exchange Server option for InoculateIT 4.53, and possibly other versions, only scans the Inbox folder tree of a Microsoft Exchange server, which could allow viruses to escape detection if a user's rules cause the message to be moved to a different mailbox.
CVE-1999-0355 1 Broadcom 1 Controlit 2026-04-16 N/A
Local or remote users can force ControlIT 4.5 to reboot or force a user to log out, resulting in a denial of service.
CVE-2005-0581 1 Broadcom 1 License Software 2026-04-16 N/A
Multiple buffer overflows in Computer Associates (CA) License Client and Server 0.1.0.15 allow remote attackers to execute arbitrary code via (1) certain long fields in the Checksum item in a GCR request, (2) a long IP address, hostname, or netmask values in a GCR request, (3) a long last parameter in a GETCONFIG packet, or (4) long values in a request with an invalid format.
CVE-2001-0959 2 Broadcom, Ca 3 Arcserve Backup, Arcserve Backup 2000, Arcserve Backup 2000 2026-04-16 N/A
Computer Associates ARCserve for NT 6.61 SP2a and ARCserve 2000 7.0 creates a hidden share named ARCSERVE$, which allows remote attackers to obtain sensitive information and overwrite critical files.
CVE-2003-0998 2 Broadcom, Ca 4 Unicenter Remote Control, Unicenter Remote Control Option, Controlit and 1 more 2026-04-16 N/A
Unknown "potential system security vulnerability" in Computer Associates (CA) Unicenter Remote Control 5.0 through 5.2, and ControlIT 5.0 and 5.1, may allow attackers to gain privileges to the local system account.
CVE-2004-2436 1 Broadcom 3 Common Services, Unicenter Network And Systems Management, Unicenter Serviceplus Service Desk 2026-04-16 N/A
Computer Associates Unicenter Common Services 3.0 and earlier stores the database "SA" password in cleartext in the TndAddNspTmp.bat file, which could allow local users to gain privileges.
CVE-2006-4899 1 Broadcom 1 Etrust Security Command Center 2026-04-16 N/A
The ePPIServlet script in Computer Associates (CA) eTrust Security Command Center 1.0 and r8 up to SP1 CR2, when running on Windows, allows remote attackers to obtain the web server path via a "'" (single quote) in the PIProfile function, which leaks the path in an error message.