Filtered by vendor Emc
Subscriptions
Total
414 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2012-4611 | 1 Emc | 1 Rsa Adaptive Authentication On-premise | 2025-04-11 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in EMC RSA Adaptive Authentication On-Premise (AAOP) before 7.0 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors. | ||||
| CVE-2013-3280 | 1 Emc | 1 Rsa Authentication Agent | 2025-04-11 | N/A |
| EMC RSA Authentication Agent 7.1.x before 7.1.2 for Web for Internet Information Services has a fail-open design, which allows remote attackers to bypass intended access restrictions via vectors that trigger an agent crash. | ||||
| CVE-2013-3281 | 1 Emc | 7 Documentum Administrator, Documentum Capital Projects, Documentum Digital Asset Manager and 4 more | 2025-04-11 | N/A |
| Cross-site scripting (XSS) vulnerability in EMC Documentum Webtop before 6.7 SP2 P07, Documentum WDK before 6.7 SP2 P07, Documentum Taskspace before 6.7 SP2 P07, Documentum Records Manager before 6.7 SP2 P07, Documentum Web Publisher before 6.5 SP7, Documentum Digital Asset Manager before 6.5 SP6, Documentum Administrator before 6.7 SP2 P07, and Documentum Capital Projects before 1.8 P01 allows remote attackers to inject arbitrary web script or HTML via a crafted parameter in a URL. | ||||
| CVE-2009-2754 | 2 Emc, Ibm | 2 Legato Networker, Informix Dynamic Server | 2025-04-11 | N/A |
| Integer signedness error in the authentication functionality in librpc.dll in the Informix Storage Manager (ISM) Portmapper service (aka portmap.exe), as used in IBM Informix Dynamic Server (IDS) 10.x before 10.00.TC9 and 11.x before 11.10.TC3 and EMC Legato NetWorker, allows remote attackers to execute arbitrary code via a crafted parameter size that triggers a stack-based buffer overflow. | ||||
| CVE-2013-3285 | 1 Emc | 1 Networker | 2025-04-11 | N/A |
| The NetWorker Management Console (NMC) in EMC NetWorker 8.0.x before 8.0.2.3, when using Active Directory/LDAP for authentication, allows remote authenticated users to discover cleartext administrator passwords via (1) unspecified NMC audit reports or (2) requests to RAP resources. | ||||
| CVE-2012-4610 | 1 Emc | 1 Avamar | 2025-04-11 | N/A |
| EMC Avamar Client for VMware 6.1 stores the cleartext server root password on the proxy client, which might allow remote attackers to obtain sensitive information by leveraging "network access" to the proxy client. | ||||
| CVE-2011-1422 | 1 Emc | 1 Rsa Adaptive Authentication On-premise | 2025-04-11 | N/A |
| Cross-site scripting (XSS) vulnerability in an unspecified Shockwave Flash file in EMC RSA Adaptive Authentication On-Premise (AAOP) 2.x, 5.7.x, and 6.x allows remote attackers to inject arbitrary web script or HTML via unknown vectors. | ||||
| CVE-2010-2860 | 1 Emc | 1 Celerra Network Attached Storage | 2025-04-11 | N/A |
| The EMC Celerra Network Attached Storage (NAS) appliance accepts external network traffic to IP addresses intended for an intranet network within the appliance, which allows remote attackers to read, create, or modify arbitrary files in the user data directory via NFS requests. | ||||
| CVE-2011-0647 | 1 Emc | 2 Networker Module, Replication Manager | 2025-04-11 | N/A |
| The irccd.exe service in EMC Replication Manager Client before 5.3 and NetWorker Module for Microsoft Applications 2.1.x and 2.2.x allows remote attackers to execute arbitrary commands via the RunProgram function to TCP port 6542. | ||||
| CVE-2012-4608 | 1 Emc | 1 Rsa Netwitness Informer | 2025-04-11 | N/A |
| Cross-site request forgery (CSRF) vulnerability in the web interface in EMC RSA NetWitness Informer before 2.0.5.6 allows remote attackers to hijack the authentication of arbitrary users. | ||||
| CVE-2012-4615 | 1 Emc | 1 It Operations Intelligence | 2025-04-11 | N/A |
| EMC Smarts Network Configuration Manager (NCM) before 9.1 uses a hardcoded encryption key for the storage of credentials, which allows local users to obtain sensitive information via unspecified vectors. | ||||
| CVE-2013-0932 | 1 Emc | 2 Rsa Archer Egrc, Rsa Archer Smartsuite | 2025-04-11 | N/A |
| EMC RSA Archer 5.x before GRC 5.3SP1, and Archer Smart Suite Framework 4.x, allows remote authenticated users to bypass intended access restrictions and upload arbitrary files via unspecified vectors. | ||||
| CVE-2013-0933 | 1 Emc | 2 Rsa Archer Egrc, Rsa Archer Smartsuite | 2025-04-11 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in EMC RSA Archer 5.x before GRC 5.3SP1, and Archer Smart Suite Framework 4.x, allow remote attackers to inject arbitrary web script or HTML via unspecified vectors. | ||||
| CVE-2011-0321 | 1 Emc | 1 Networker | 2025-04-11 | N/A |
| librpc.dll in nsrexecd in EMC NetWorker before 7.5 SP4, 7.5.3.x before 7.5.3.5, and 7.6.x before 7.6.1.2 does not properly mitigate the possibility of a spoofed localhost source IP address, which allows remote attackers to (1) register or (2) unregister RPC services, and consequently cause a denial of service or obtain sensitive information from interprocess communication, via crafted UDP packets containing service commands. | ||||
| CVE-2013-6178 | 1 Emc | 1 Rsa Archer Egrc | 2025-04-11 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in EMC RSA Archer GRC 5.x before 5.4 SP1 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors. | ||||
| CVE-2013-0934 | 1 Emc | 2 Rsa Archer Egrc, Rsa Archer Smartsuite | 2025-04-11 | N/A |
| EMC RSA Archer 5.x before GRC 5.3SP1, and Archer Smart Suite Framework 4.x, allows remote authenticated users to bypass intended access restrictions and modify global reports via unspecified vectors. | ||||
| CVE-2014-0626 | 2 Dell, Emc | 2 Bsafe Ssl-j, Rsa Bsafe Ssl-j | 2025-04-11 | N/A |
| The (1) JSAFE and (2) JSSE APIs in EMC RSA BSAFE SSL-J 5.x before 5.1.3 and 6.x before 6.0.2 make it easier for remote attackers to bypass intended cryptographic protection mechanisms by triggering application-data processing during the TLS handshake, a time at which the data is both unencrypted and unauthenticated. | ||||
| CVE-2011-1421 | 1 Emc | 1 Networker | 2025-04-11 | N/A |
| EMC NetWorker 7.5.x before 7.5.4.3 and 7.6.x before 7.6.1.5, when the client push feature is enabled, uses weak permissions for an unspecified file, which allows local users to gain privileges via unknown vectors. | ||||
| CVE-2012-0404 | 1 Emc | 1 Documentum Eroom | 2025-04-11 | N/A |
| Cross-site scripting (XSS) vulnerability in EMC Documentum eRoom before 7.4.4 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | ||||
| CVE-2012-4616 | 1 Emc | 1 Data Protection Advisor | 2025-04-11 | N/A |
| Directory traversal vulnerability in the Web UI in EMC Data Protection Advisor (DPA) 5.6 through SP1, 5.7 through SP1, and 5.8 through SP4 allows remote attackers to read arbitrary files via unspecified vectors. | ||||