ReportizFlow
Filtered by vendor Emc
Subscriptions
Total
415 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2011-0648 | 1 Emc | 1 Avamar | 2025-04-11 | N/A |
| Unspecified vulnerability in EMC Avamar before 5.0.4-30 allows remote authenticated users to gain privileges via unknown vectors. | ||||
| CVE-2013-3275 | 1 Emc | 2 Avamar Server, Avamar Server Virtual Edition | 2025-04-11 | N/A |
| EMC Avamar Server and Avamar Virtual Edition before 7.0 on Data Store Gen3, Gen4, and Gen4s platforms do not properly restrict use of FRAME elements, which makes it easier for remote attackers to obtain sensitive information via a crafted web site, related to "cross frame scripting vulnerabilities." | ||||
| CVE-2013-3270 | 1 Emc | 3 Celerra Control Station, Vnx, Vnx Control Station | 2025-04-11 | N/A |
| EMC VNX Control Station before 7.1.70.2 and Celerra Control Station before 6.0.70.1 have an incorrect group ownership for unspecified script files, which allows local users to gain privileges by leveraging nasadmin group membership. | ||||
| CVE-2012-2276 | 1 Emc | 1 Documentum Information Rights Management | 2025-04-11 | N/A |
| The IRM Server in EMC Documentum Information Rights Management 4.x before 4.7.0100 and 5.x before 5.0.1030 allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via input data that (1) lacks FIPS fields or (2) has an invalid version number. | ||||
| CVE-2012-2277 | 1 Emc | 1 Documentum Information Rights Management | 2025-04-11 | N/A |
| The IRM Server in EMC Documentum Information Rights Management 4.x before 4.7.0100 and 5.x before 5.0.1030 allows remote attackers to cause a denial of service (pvcontrol.exe process hang) via \n (line feed) characters in the Id fields of many "batch begin untethered" commands. | ||||
| CVE-2012-2279 | 2 Emc, Rsa | 3 Rsa Authentication Manager, Authentication Manager, Securid Appliance | 2025-04-11 | N/A |
| Open redirect vulnerability in the Security Console in EMC RSA Authentication Manager 7.1 before SP4 P14 and RSA SecurID Appliance 3.0 before SP4 P14 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors. | ||||
| CVE-2012-2282 | 1 Emc | 3 Celerra Network Server, Vnx, Vnxe | 2025-04-11 | N/A |
| EMC Celerra Network Server 6.x before 6.0.61.0, VNX 7.x before 7.0.53.2, and VNXe 2.0 and 2.1 before 2.1.3.19077 (aka MR1 SP3.2) and 2.2 before 2.2.0.19078 (aka MR2 SP0.2) do not properly implement NFS access control, which allows remote authenticated users to read or modify files via a (1) NFSv2, (2) NFSv3, or (3) NFSv4 request. | ||||
| CVE-2012-2515 | 2 Emc, Ge | 7 Captiva Quickscan Pro, Documentum Applicationxtender Desktop, Intelligent Platforms Proficy Batch Execution and 4 more | 2025-04-11 | N/A |
| Multiple stack-based buffer overflows in the KeyHelp.KeyCtrl.1 ActiveX control in KeyHelp.ocx 1.2.312 in KeyWorks KeyHelp Module (aka the HTML Help component), as used in EMC Documentum ApplicationXtender Desktop 5.4; EMC Captiva Quickscan Pro 4.6 SP1; GE Intelligent Platforms Proficy Historian 3.1, 3.5, 4.0, and 4.5; GE Intelligent Platforms Proficy HMI/SCADA iFIX 5.0 and 5.1; GE Intelligent Platforms Proficy Pulse 1.0; GE Intelligent Platforms Proficy Batch Execution 5.6; GE Intelligent Platforms SI7 I/O Driver 7.20 through 7.42; and other products, allow remote attackers to execute arbitrary code via a long string in the second argument to the (1) JumpMappedID or (2) JumpURL method. | ||||
| CVE-2010-2860 | 1 Emc | 1 Celerra Network Attached Storage | 2025-04-11 | N/A |
| The EMC Celerra Network Attached Storage (NAS) appliance accepts external network traffic to IP addresses intended for an intranet network within the appliance, which allows remote attackers to read, create, or modify arbitrary files in the user data directory via NFS requests. | ||||
| CVE-2011-2738 | 2 Cisco, Emc | 6 Ciscoworks Lan Management Solution, Unified Operations Manager, Unified Service Monitor and 3 more | 2025-04-11 | N/A |
| Multiple unspecified vulnerabilities in Cisco Unified Service Monitor before 8.6, as used in Unified Operations Manager before 8.6 and CiscoWorks LAN Management Solution 3.x and 4.x before 4.1; and multiple EMC Ionix products including Application Connectivity Monitor (Ionix ACM) 2.3 and earlier, Adapter for Alcatel-Lucent 5620 SAM EMS (Ionix ASAM) 3.2.0.2 and earlier, IP Management Suite (Ionix IP) 8.1.1.1 and earlier, and other Ionix products; allow remote attackers to execute arbitrary code via crafted packets to TCP port 9002, aka Bug IDs CSCtn42961 and CSCtn64922, related to a buffer overflow. | ||||
| CVE-2011-2742 | 1 Emc | 1 Rsa Adaptive Authentication On-premise | 2025-04-11 | N/A |
| EMC RSA Adaptive Authentication On-Premise (AAOP) 6.0.2.1 SP1 Patch 2, SP1 Patch 3, SP2, SP2 Patch 1, and SP3 does not properly perform forensic evaluation upon receipt of device tokens from mobile apps, which might allow remote attackers to bypass intended application restrictions via a mobile device. | ||||
| CVE-2011-1424 | 3 Emc, Ibm, Microsoft | 4 Sourceone Email Management, Lotus Domino, Lotus Notes and 1 more | 2025-04-11 | N/A |
| The default configuration of ExShortcut\Web.config in EMC SourceOne Email Management before 6.6 SP1, when the Mobile Services component is used, does not properly set the localOnly attribute of the trace element, which allows remote authenticated users to obtain sensitive information via ASP.NET Application Tracing. | ||||
| CVE-2012-0396 | 1 Emc | 1 Documentum Xplore | 2025-04-11 | N/A |
| EMC Documentum xPlore 1.0, 1.1 before P07, and 1.2 does not properly enforce the requirement for BROWSE permission, which allows remote authenticated users to determine the existence of an object, or read object metadata, via a search. | ||||
| CVE-2012-2292 | 1 Emc | 2 Rsa Archer Egrc, Rsa Archer Smartsuite | 2025-04-11 | N/A |
| The Silverlight cross-domain policy in EMC RSA Archer SmartSuite Framework 4.x and RSA Archer GRC 5.x before 5.2SP1 does not restrict access to the Archer application, which allows remote attackers to bypass the Same Origin Policy via unspecified vectors. | ||||
| CVE-2012-4611 | 1 Emc | 1 Rsa Adaptive Authentication On-premise | 2025-04-11 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in EMC RSA Adaptive Authentication On-Premise (AAOP) before 7.0 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors. | ||||
| CVE-2012-4616 | 1 Emc | 1 Data Protection Advisor | 2025-04-11 | N/A |
| Directory traversal vulnerability in the Web UI in EMC Data Protection Advisor (DPA) 5.6 through SP1, 5.7 through SP1, and 5.8 through SP4 allows remote attackers to read arbitrary files via unspecified vectors. | ||||
| CVE-2012-0406 | 1 Emc | 1 Data Protection Advisor | 2025-04-11 | N/A |
| The DPA_Utilities.cProcessAuthenticationData function in EMC Data Protection Advisor (DPA) 5.5 through 5.8 SP1 allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via an AUTHENTICATECONNECTION command that (1) lacks a password field or (2) has an empty password. | ||||
| CVE-2013-0929 | 1 Emc | 1 Alphastor | 2025-04-11 | N/A |
| Format string vulnerability in the _vsnsprintf function in rrobotd.exe in the Device Manager in EMC AlphaStor 4.0 before build 800 allows remote attackers to execute arbitrary code via format string specifiers in a command. | ||||
| CVE-2013-2717 | 1 Emc | 1 Smarts Network Configuration Manager | 2025-04-11 | N/A |
| Multiple unspecified vulnerabilities in the System Management (aka SysAdmin) Console in EMC Smarts Network Configuration Manager (NCM) through 9.2 have unknown impact and attack vectors, a different issue than CVE-2013-0935. NOTE: this might overlap CVEs for open-source server components or other third-party components. | ||||
| CVE-2010-0620 | 1 Emc | 1 Homebase Server | 2025-04-11 | N/A |
| Directory traversal vulnerability in the SSL Service in EMC HomeBase Server 6.2.x before 6.2.3 and 6.3.x before 6.3.2 allows remote attackers to overwrite arbitrary files with any content, and consequently execute arbitrary code, via a .. (dot dot) in an unspecified parameter. | ||||