Filtered by vendor Emc
Subscriptions
Total
414 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2015-6852 | 1 Emc | 1 Secure Remote Services | 2025-04-12 | N/A |
| Directory traversal vulnerability in the API in EMC Secure Remote Services Virtual Edition 3.x before 3.10 allows remote authenticated users to read log files via a crafted parameter. | ||||
| CVE-2012-2290 | 1 Emc | 1 Networker Module For Microsoft Applications | 2025-04-11 | N/A |
| The client in EMC NetWorker Module for Microsoft Applications (NMM) 2.2.1, 2.3 before build 122, and 2.4 before build 375 allows remote attackers to execute arbitrary code by sending a crafted message over a TCP communication channel. | ||||
| CVE-2011-0442 | 1 Emc | 1 Avamar | 2025-04-11 | N/A |
| The service utility in EMC Avamar 5.x before 5.0.4 uses cleartext to transmit event details in (1) service requests and (2) e-mail messages, which might allow remote attackers to obtain sensitive information by sniffing the network. | ||||
| CVE-2013-3271 | 1 Emc | 1 Rsa Authentication Agent | 2025-04-11 | N/A |
| EMC RSA Authentication Agent for PAM 7.0 before 7.0.2.1 enforces the maximum number of login attempts within the PAM-enabled application codebase, instead of within the Agent codebase, which makes it easier for remote attackers to discover correct login credentials via a brute-force attack. | ||||
| CVE-2013-3273 | 2 Emc, Rsa | 2 Rsa Authentication Manager, Authentication Manager | 2025-04-11 | N/A |
| EMC RSA Authentication Manager 8.0 before P2 and 7.1 before SP4 P26, as used in Appliance 3.0, does not omit the cleartext administrative password from trace logging in custom SDK applications, which allows local users to obtain sensitive information by reading the trace log file. | ||||
| CVE-2013-3274 | 1 Emc | 2 Avamar Server, Avamar Server Virtual Edition | 2025-04-11 | N/A |
| EMC Avamar Server and Avamar Virtual Edition before 7.0 on Data Store Gen3, Gen4, and Gen4s platforms do not properly determine authorization for calls to Java RMI methods, which allows remote authenticated users to execute arbitrary code via unspecified vectors. | ||||
| CVE-2013-3277 | 1 Emc | 1 Rsa Archer Egrc | 2025-04-11 | N/A |
| Open redirect vulnerability in EMC RSA Archer GRC 5.x before 5.4 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors. | ||||
| CVE-2013-3286 | 1 Emc | 1 Documentum Eroom | 2025-04-11 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in EMC Documentum eRoom before 7.4.4 P11 allow remote attackers to inject arbitrary web script or HTML via a crafted URL. | ||||
| CVE-2013-3288 | 1 Emc | 1 Rsa Data Protection Manager Appliance | 2025-04-11 | N/A |
| Cross-site scripting (XSS) vulnerability on the EMC RSA Data Protection Manager (DPM) appliance 3.2.x before 3.2.4.2 and 3.5.x before 3.5.1 allows remote attackers to inject arbitrary web script or HTML via a crafted URL. | ||||
| CVE-2013-0935 | 1 Emc | 1 Smarts Network Configuration Manager | 2025-04-11 | N/A |
| EMC Smarts Network Configuration Manager (NCM) before 9.2 does not require authentication for all Java RMI method calls, which allows remote attackers to execute arbitrary code via unspecified vectors. | ||||
| CVE-2013-0943 | 1 Emc | 1 Networker | 2025-04-11 | N/A |
| EMC NetWorker 7.6.x and 8.x before 8.1 allows local users to obtain sensitive configuration information by leveraging operating-system privileges to perform decryption with nsradmin. | ||||
| CVE-2013-6181 | 1 Emc | 1 Watch4net | 2025-04-11 | N/A |
| EMC Watch4Net before 6.3 stores cleartext polled-device passwords in the installation repository, which allows local users to obtain sensitive information by leveraging repository privileges. | ||||
| CVE-2011-1740 | 1 Emc | 1 Avamar | 2025-04-11 | N/A |
| EMC Avamar 4.x, 5.0.x, and 6.0.x before 6.0.0-592 allows remote authenticated users to modify client data or obtain sensitive information about product activities by leveraging privileged access to a different domain. | ||||
| CVE-2011-1742 | 1 Emc | 1 Data Protection Advisor | 2025-04-11 | N/A |
| EMC Data Protection Advisor before 5.8.1 places cleartext account credentials in the DPA configuration file in unspecified circumstances, which might allow local users to obtain sensitive information by reading this file. | ||||
| CVE-2011-1744 | 1 Emc | 1 Captiva Einput | 2025-04-11 | N/A |
| EMC Captiva eInput 2.1.1 before 2.1.1.37 does not restrict the origin of calls to ActiveX functions, which allows remote attackers to read arbitrary files or cause a denial of service via a crafted web site. | ||||
| CVE-2013-3276 | 1 Emc | 1 Rsa Archer Egrc | 2025-04-11 | N/A |
| EMC RSA Archer GRC 5.x before 5.4 allows remote authenticated users to bypass intended access restrictions and complete a login by leveraging a deactivated account. | ||||
| CVE-2010-2633 | 1 Emc | 4 Disk Library, Disk Library 4100, Disk Library 4200 and 1 more | 2025-04-11 | N/A |
| Unspecified vulnerability in EMC Disk Library (EDL) before 3.2.7, 3.3.x before 3.3.2 epatch 8, and 4.0.x before 4.0.1 epatch 4 allows remote attackers to cause a denial of service (communication-module crash) by sending a crafted message through TCP. | ||||
| CVE-2011-1422 | 1 Emc | 1 Rsa Adaptive Authentication On-premise | 2025-04-11 | N/A |
| Cross-site scripting (XSS) vulnerability in an unspecified Shockwave Flash file in EMC RSA Adaptive Authentication On-Premise (AAOP) 2.x, 5.7.x, and 6.x allows remote attackers to inject arbitrary web script or HTML via unknown vectors. | ||||
| CVE-2011-1424 | 3 Emc, Ibm, Microsoft | 4 Sourceone Email Management, Lotus Domino, Lotus Notes and 1 more | 2025-04-11 | N/A |
| The default configuration of ExShortcut\Web.config in EMC SourceOne Email Management before 6.6 SP1, when the Mobile Services component is used, does not properly set the localOnly attribute of the trace element, which allows remote authenticated users to obtain sensitive information via ASP.NET Application Tracing. | ||||
| CVE-2011-1420 | 2 Emc, Oracle | 2 Data Protection Advisor Collector, Solaris Sparc | 2025-04-11 | N/A |
| EMC Data Protection Advisor Collector 5.7 and 5.7.1 on Solaris SPARC platforms uses weak permissions for unspecified files, which allows local users to gain privileges via unknown vectors. | ||||