ReportizFlow
Filtered by vendor Emc
Subscriptions
Total
414 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2013-3286 | 1 Emc | 1 Documentum Eroom | 2025-04-11 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in EMC Documentum eRoom before 7.4.4 P11 allow remote attackers to inject arbitrary web script or HTML via a crafted URL. | ||||
| CVE-2013-3285 | 1 Emc | 1 Networker | 2025-04-11 | N/A |
| The NetWorker Management Console (NMC) in EMC NetWorker 8.0.x before 8.0.2.3, when using Active Directory/LDAP for authentication, allows remote authenticated users to discover cleartext administrator passwords via (1) unspecified NMC audit reports or (2) requests to RAP resources. | ||||
| CVE-2013-0937 | 1 Emc | 4 Documentum Records Manager, Documentum Taskspace, Documentum Wdk and 1 more | 2025-04-11 | N/A |
| Session fixation vulnerability in EMC Documentum Webtop before 6.7 SP2, Documentum WDK before 6.7 SP2, Documentum Taskspace before 6.7 SP2, and Documentum Records Manager before 6.7 SP2 allows remote attackers to hijack web sessions via unspecified vectors. | ||||
| CVE-2013-3274 | 1 Emc | 2 Avamar Server, Avamar Server Virtual Edition | 2025-04-11 | N/A |
| EMC Avamar Server and Avamar Virtual Edition before 7.0 on Data Store Gen3, Gen4, and Gen4s platforms do not properly determine authorization for calls to Java RMI methods, which allows remote authenticated users to execute arbitrary code via unspecified vectors. | ||||
| CVE-2013-3271 | 1 Emc | 1 Rsa Authentication Agent | 2025-04-11 | N/A |
| EMC RSA Authentication Agent for PAM 7.0 before 7.0.2.1 enforces the maximum number of login attempts within the PAM-enabled application codebase, instead of within the Agent codebase, which makes it easier for remote attackers to discover correct login credentials via a brute-force attack. | ||||
| CVE-2012-4608 | 1 Emc | 1 Rsa Netwitness Informer | 2025-04-11 | N/A |
| Cross-site request forgery (CSRF) vulnerability in the web interface in EMC RSA NetWitness Informer before 2.0.5.6 allows remote attackers to hijack the authentication of arbitrary users. | ||||
| CVE-2012-4609 | 1 Emc | 1 Rsa Netwitness Informer | 2025-04-11 | N/A |
| The web interface in EMC RSA NetWitness Informer before 2.0.5.6 allows remote attackers to conduct clickjacking attacks via unspecified vectors. | ||||
| CVE-2012-0409 | 1 Emc | 1 Autostart | 2025-04-11 | N/A |
| Multiple buffer overflows in EMC AutoStart 5.3.x and 5.4.x before 5.4.3 allow remote attackers to cause a denial of service (agent crash) or possibly execute arbitrary code via crafted packets. | ||||
| CVE-2013-6173 | 1 Emc | 1 Document Sciences Xpression | 2025-04-11 | N/A |
| Multiple cross-site request forgery (CSRF) vulnerabilities in EMC Document Sciences xPression 4.1 SP1 before Patch 47, 4.2 before Patch 26, and 4.5 before Patch 05, as used in Documentum Edition, Enterprise Edition Publish Engine, and Enterprise Edition Compuset Engine, allow remote attackers to hijack the authentication of administrators for requests that perform administrative actions in (1) xAdmin or (2) xDashboard. | ||||
| CVE-2013-6175 | 1 Emc | 1 Document Sciences Xpression | 2025-04-11 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in EMC Document Sciences xPression 4.1 SP1 before Patch 47, 4.2 before Patch 26, and 4.5 before Patch 05, as used in Documentum Edition, Enterprise Edition Publish Engine, and Enterprise Edition Compuset Engine, allow remote attackers to inject arbitrary web script or HTML via unspecified input to a (1) xAdmin or (2) xDashboard form. | ||||
| CVE-2012-0398 | 1 Emc | 1 Documentum Eroom | 2025-04-11 | N/A |
| EMC Documentum eRoom before 7.4.4 does not properly validate session cookies, which allows remote attackers to hijack or replay sessions via unspecified vectors. | ||||
| CVE-2013-6176 | 1 Emc | 1 Document Sciences Xpression | 2025-04-11 | N/A |
| Multiple SQL injection vulnerabilities in EMC Document Sciences xPression 4.1 SP1 before Patch 47, 4.2 before Patch 26, and 4.5 before Patch 05, as used in Documentum Edition, Enterprise Edition Publish Engine, and Enterprise Edition Compuset Engine, allow remote authenticated users to execute arbitrary SQL commands via unspecified input to a (1) xAdmin or (2) xDashboard form. | ||||
| CVE-2013-6180 | 1 Emc | 2 Rsa Netwitness Nextgen, Rsa Security Analytics | 2025-04-11 | N/A |
| EMC RSA Security Analytics (SA) 10.x before 10.3, and RSA NetWitness NextGen 9.8, does not ensure that SA Core requests originate from the SA REST UI, which allows remote attackers to bypass intended access restrictions by sending a Core request from a web browser or other unintended user agent. | ||||
| CVE-2011-2733 | 1 Emc | 1 Rsa Adaptive Authentication On-premise | 2025-04-11 | N/A |
| EMC RSA Adaptive Authentication On-Premise (AAOP) 6.0.2.1 SP1 Patch 2, SP1 Patch 3, SP2, SP2 Patch 1, and SP3 does not prevent reuse of authentication information during a session, which allows remote authenticated users to bypass intended access restrictions via vectors related to knowledge of the originally used authentication information and unspecified other session information. | ||||
| CVE-2012-4610 | 1 Emc | 1 Avamar | 2025-04-11 | N/A |
| EMC Avamar Client for VMware 6.1 stores the cleartext server root password on the proxy client, which might allow remote attackers to obtain sensitive information by leveraging "network access" to the proxy client. | ||||
| CVE-2011-2735 | 1 Emc | 1 Autostart | 2025-04-11 | N/A |
| Multiple buffer overflows in EMC AutoStart 5.3.x and 5.4.x before 5.4.1 allow remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code by sending a crafted message over TCP. | ||||
| CVE-2012-4611 | 1 Emc | 1 Rsa Adaptive Authentication On-premise | 2025-04-11 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in EMC RSA Adaptive Authentication On-Premise (AAOP) before 7.0 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors. | ||||
| CVE-2012-4612 | 1 Emc | 2 Rsa Data Protection Manager Appliance, Rsa Data Protection Manager Software Server | 2025-04-11 | N/A |
| Cross-site scripting (XSS) vulnerability in EMC RSA Data Protection Manager Appliance and Software Server 2.7.x and 3.x before 3.2.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | ||||
| CVE-2012-4613 | 1 Emc | 1 Rsa Data Protection Manager Appliance | 2025-04-11 | N/A |
| EMC RSA Data Protection Manager Appliance 2.7.x and 3.x before 3.2.1 does not properly restrict the number of authentication attempts by a user account, which makes it easier for local users to bypass intended access restrictions via a brute-force attack. | ||||
| CVE-2012-0395 | 1 Emc | 1 Networker | 2025-04-11 | N/A |
| Buffer overflow in the server in EMC NetWorker 7.5.x and 7.6.x before 7.6.3 SP1 Cumulative Release build 851 allows remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code via unspecified vectors. | ||||