Filtered by vendor Emc
Subscribe
Total
414 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2017-14379 | 1 Emc | 1 Rsa Authentication Manager | 2025-04-20 | 3.5 LOW | 5.4 MEDIUM |
| EMC RSA Authentication Manager before 8.2 SP1 P6 has a cross-site scripting vulnerability that could potentially be exploited by malicious users to compromise the affected system. | |||||
| CVE-2016-9870 | 1 Emc | 1 Isilon Onefs | 2025-04-20 | 7.2 HIGH | 6.7 MEDIUM |
| EMC Isilon OneFS 8.0.0.0, EMC Isilon OneFS 7.2.1.0 - 7.2.1.2, EMC Isilon OneFS 7.2.0.x, EMC Isilon OneFS 7.1.1.0 - 7.1.1.10, and EMC Isilon OneFS 7.1.0.x is affected by an LDAP injection vulnerability that could potentially be exploited by a malicious user to compromise the system. | |||||
| CVE-2015-4527 | 1 Emc | 2 Avamar Server, Avamar Server Virtual Edition | 2025-04-12 | 7.8 HIGH | N/A |
| Directory traversal vulnerability in EMC Avamar Server 7.x before 7.1.2 and Avamar Virtual Addition (AVE) 7.x before 7.1.2 allows remote attackers to read arbitrary files by using the Avamar Desktop/Laptop client interface to send crafted parameters. | |||||
| CVE-2016-0905 | 1 Emc | 1 Avamar Server | 2025-04-12 | 7.2 HIGH | 6.7 MEDIUM |
| Avamar Data Store (ADS) and Avamar Virtual Edition (AVE) in EMC Avamar Server before 7.3.0-233 allow local users to obtain root privileges by leveraging admin access and entering a sudo command. | |||||
| CVE-2014-4619 | 1 Emc | 1 Rsa Identity Management And Governance | 2025-04-12 | 9.3 HIGH | N/A |
| EMC RSA Identity Management and Governance (IMG) 6.5.x before 6.5.1 P11, 6.5.2 before P02HF01, and 6.8.x before 6.8.1 P07, when Novell Identity Manager (aka NovellIM) is used, allows remote attackers to bypass authentication via an arbitrary valid username. | |||||
| CVE-2016-0909 | 1 Emc | 2 Avamar Data Store, Avamar Server Virtual Edition | 2025-04-12 | 7.2 HIGH | 8.4 HIGH |
| EMC Avamar Data Store (ADS) and Avamar Virtual Edition (AVE) versions 7.3 and older contain a vulnerability that may expose the Avamar servers to potentially be compromised by malicious users. | |||||
| CVE-2016-0893 | 1 Emc | 1 Rsa Data Loss Prevention | 2025-04-12 | 4.0 MEDIUM | 4.3 MEDIUM |
| EMC RSA Data Loss Prevention 9.6 before SP2 P5 allows remote authenticated users to obtain sensitive information by reading error messages. | |||||
| CVE-2015-0543 | 1 Emc | 1 Secure Remote Services | 2025-04-12 | 5.8 MEDIUM | N/A |
| EMC Secure Remote Services Virtual Edition (ESRS VE) 3.x before 3.06 does not properly verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-2504 | 1 Emc | 1 Documentum D2 | 2025-04-12 | 9.0 HIGH | N/A |
| EMC Documentum D2 3.1 before P20, 3.1 SP1 before P02, 4.0 before P10, 4.1 before P13, and 4.2 before P01 allows remote authenticated users to bypass intended access restrictions and execute arbitrary Documentum Query Language (DQL) queries by calling (1) a core method or (2) a D2FS web-service method. | |||||
| CVE-2015-4546 | 1 Emc | 2 Rsa Certificate Manager, Rsa Onestep | 2025-04-12 | 7.8 HIGH | N/A |
| Directory traversal vulnerability in EMC RSA OneStep 6.9 before build 559, as used in RSA Certificate Manager and RSA Registration Manager through 6.9 build 558 and other products, allows remote attackers to read arbitrary files via a crafted KCSOSC_ERROR_PAGE parameter. | |||||
| CVE-2015-0530 | 1 Emc | 1 Networker | 2025-04-12 | 7.2 HIGH | N/A |
| Buffer overflow in an unspecified function in nsr_render_log in EMC NetWorker before 8.0.4.3, 8.1.x before 8.1.2.6, and 8.2.x before 8.2.1.2 allows local users to gain privileges via unknown vectors. | |||||
| CVE-2015-4545 | 1 Emc | 1 Isilon Onefs | 2025-04-12 | 9.0 HIGH | 8.0 HIGH |
| EMC Isilon OneFS 7.1 before 7.1.1.8, 7.2.0 before 7.2.0.4, and 7.2.1 before 7.2.1.1 allows remote authenticated administrators to bypass a SmartLock root-login restriction by creating a root account and establishing a login session. | |||||
| CVE-2016-0913 | 1 Emc | 2 Networker Module For Microsoft Applications, Replication Manager | 2025-04-12 | 7.5 HIGH | 9.8 CRITICAL |
| The client in EMC Replication Manager (RM) before 5.5.3.0_01-PatchHotfix, EMC Network Module for Microsoft 3.x, and EMC Networker Module for Microsoft 8.2.x before 8.2.3.6 allows remote RM servers to execute arbitrary commands by placing a crafted script in an SMB share. | |||||
| CVE-2015-0524 | 1 Emc | 1 Secure Remote Services | 2025-04-12 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the Gateway Provisioning service in EMC Secure Remote Services Virtual Edition (ESRS VE) 3.02 and 3.03 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | |||||
| CVE-2015-4530 | 1 Emc | 5 Documentum Administrator, Documentum Digital Asset Manager, Documentum Taskspace and 2 more | 2025-04-12 | 6.8 MEDIUM | N/A |
| Cross-site request forgery (CSRF) vulnerability in EMC Documentum WebTop before 6.8P01, Documentum Administrator through 7.2, Documentum Digital Assets Manager through 6.5SP6, Documentum Web Publishers through 6.5SP7, and Documentum Task Space through 6.7SP2 allows remote attackers to hijack the authentication of arbitrary users. NOTE: this vulnerability exists because of an incomplete fix for CVE-2014-2518. | |||||
| CVE-2016-0908 | 1 Emc | 1 Isilon Onefs | 2025-04-12 | 6.8 MEDIUM | 6.7 MEDIUM |
| EMC Isilon OneFS 7.1.x before 7.1.1.9 and 7.2.x before 7.2.1.2 allows local users to obtain root shell access by leveraging administrative privileges. | |||||
| CVE-2016-0904 | 1 Emc | 1 Avamar Server | 2025-04-12 | 5.0 MEDIUM | 8.6 HIGH |
| Avamar Data Store (ADS) and Avamar Virtual Edition (AVE) in EMC Avamar Server before 7.3.0-233 use the same encryption key across different customers' installations, which allows remote attackers to defeat cryptographic protection mechanisms and obtain sensitive client-server traffic information by leveraging knowledge of this key from another installation. | |||||
| CVE-2015-0523 | 1 Emc | 2 Rsa Certificate Manager, Rsa Registration Manager | 2025-04-12 | 7.8 HIGH | N/A |
| EMC RSA Certificate Manager (RCM) before 6.9 build 558 and RSA Registration Manager (RRM) before 6.9 build 558 allow remote attackers to cause an Administration Server denial of service via an invalid MIME e-mail message with a multipart/* Content-Type header. | |||||
| CVE-2014-0638 | 1 Emc | 1 Rsa Adaptive Authentication On-premise | 2025-04-12 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in RSA Adaptive Authentication (On-Premise) 6.x and 7.x before 7.1 SP0 P2 allows remote attackers to inject arbitrary web script or HTML via vectors involving FRAME elements, related to a "cross-frame scripting" issue. | |||||
| CVE-2014-0629 | 1 Emc | 1 Documentum Taskspace | 2025-04-12 | 8.5 HIGH | N/A |
| EMC Documentum TaskSpace (TSP) 6.7SP1 before P25 and 6.7SP2 before P11 does not properly handle the interaction between the dm_world group and the dm_superusers_dynamic group, which allows remote authenticated users to obtain sensitive information and gain privileges in opportunistic circumstances by leveraging an incorrect group-addition implementation. | |||||