ReportizFlow
Filtered by vendor Emc
Subscriptions
Total
415 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2013-3274 | 1 Emc | 2 Avamar Server, Avamar Server Virtual Edition | 2025-04-11 | N/A |
| EMC Avamar Server and Avamar Virtual Edition before 7.0 on Data Store Gen3, Gen4, and Gen4s platforms do not properly determine authorization for calls to Java RMI methods, which allows remote authenticated users to execute arbitrary code via unspecified vectors. | ||||
| CVE-2013-3271 | 1 Emc | 1 Rsa Authentication Agent | 2025-04-11 | N/A |
| EMC RSA Authentication Agent for PAM 7.0 before 7.0.2.1 enforces the maximum number of login attempts within the PAM-enabled application codebase, instead of within the Agent codebase, which makes it easier for remote attackers to discover correct login credentials via a brute-force attack. | ||||
| CVE-2012-0407 | 1 Emc | 1 Data Protection Advisor | 2025-04-11 | N/A |
| Integer overflow in the DPA_Utilities library in EMC Data Protection Advisor (DPA) 5.5 through 5.8 SP1 allows remote attackers to cause a denial of service (infinite loop) via a negative 64-bit value in a certain size field. | ||||
| CVE-2012-0404 | 1 Emc | 1 Documentum Eroom | 2025-04-11 | N/A |
| Cross-site scripting (XSS) vulnerability in EMC Documentum eRoom before 7.4.4 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | ||||
| CVE-2012-0395 | 1 Emc | 1 Networker | 2025-04-11 | N/A |
| Buffer overflow in the server in EMC NetWorker 7.5.x and 7.6.x before 7.6.3 SP1 Cumulative Release build 851 allows remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code via unspecified vectors. | ||||
| CVE-2011-0648 | 1 Emc | 1 Avamar | 2025-04-11 | N/A |
| Unspecified vulnerability in EMC Avamar before 5.0.4-30 allows remote authenticated users to gain privileges via unknown vectors. | ||||
| CVE-2012-2277 | 1 Emc | 1 Documentum Information Rights Management | 2025-04-11 | N/A |
| The IRM Server in EMC Documentum Information Rights Management 4.x before 4.7.0100 and 5.x before 5.0.1030 allows remote attackers to cause a denial of service (pvcontrol.exe process hang) via \n (line feed) characters in the Id fields of many "batch begin untethered" commands. | ||||
| CVE-2013-6173 | 1 Emc | 1 Document Sciences Xpression | 2025-04-11 | N/A |
| Multiple cross-site request forgery (CSRF) vulnerabilities in EMC Document Sciences xPression 4.1 SP1 before Patch 47, 4.2 before Patch 26, and 4.5 before Patch 05, as used in Documentum Edition, Enterprise Edition Publish Engine, and Enterprise Edition Compuset Engine, allow remote attackers to hijack the authentication of administrators for requests that perform administrative actions in (1) xAdmin or (2) xDashboard. | ||||
| CVE-2013-6175 | 1 Emc | 1 Document Sciences Xpression | 2025-04-11 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in EMC Document Sciences xPression 4.1 SP1 before Patch 47, 4.2 before Patch 26, and 4.5 before Patch 05, as used in Documentum Edition, Enterprise Edition Publish Engine, and Enterprise Edition Compuset Engine, allow remote attackers to inject arbitrary web script or HTML via unspecified input to a (1) xAdmin or (2) xDashboard form. | ||||
| CVE-2013-6176 | 1 Emc | 1 Document Sciences Xpression | 2025-04-11 | N/A |
| Multiple SQL injection vulnerabilities in EMC Document Sciences xPression 4.1 SP1 before Patch 47, 4.2 before Patch 26, and 4.5 before Patch 05, as used in Documentum Edition, Enterprise Edition Publish Engine, and Enterprise Edition Compuset Engine, allow remote authenticated users to execute arbitrary SQL commands via unspecified input to a (1) xAdmin or (2) xDashboard form. | ||||
| CVE-2013-6180 | 1 Emc | 2 Rsa Netwitness Nextgen, Rsa Security Analytics | 2025-04-11 | N/A |
| EMC RSA Security Analytics (SA) 10.x before 10.3, and RSA NetWitness NextGen 9.8, does not ensure that SA Core requests originate from the SA REST UI, which allows remote attackers to bypass intended access restrictions by sending a Core request from a web browser or other unintended user agent. | ||||
| CVE-2010-1919 | 1 Emc | 1 Avamar | 2025-04-11 | N/A |
| Unspecified vulnerability in EMC Avamar 4.1.x and 5.0 before SP1 allows remote attackers to cause a denial of service (gsan service hang) by sending a crafted message using TCP. | ||||
| CVE-2014-0625 | 2 Dell, Emc | 2 Bsafe Ssl-j, Rsa Bsafe Ssl-j | 2025-04-11 | N/A |
| The SSLSocket implementation in the (1) JSAFE and (2) JSSE APIs in EMC RSA BSAFE SSL-J 5.x before 5.1.3 and 6.x before 6.0.2 allows remote attackers to cause a denial of service (memory consumption) by triggering application-data processing during the TLS handshake, a time at which the data is internally buffered. | ||||
| CVE-2014-0626 | 2 Dell, Emc | 2 Bsafe Ssl-j, Rsa Bsafe Ssl-j | 2025-04-11 | N/A |
| The (1) JSAFE and (2) JSSE APIs in EMC RSA BSAFE SSL-J 5.x before 5.1.3 and 6.x before 6.0.2 make it easier for remote attackers to bypass intended cryptographic protection mechanisms by triggering application-data processing during the TLS handshake, a time at which the data is both unencrypted and unauthenticated. | ||||
| CVE-2011-2733 | 1 Emc | 1 Rsa Adaptive Authentication On-premise | 2025-04-11 | N/A |
| EMC RSA Adaptive Authentication On-Premise (AAOP) 6.0.2.1 SP1 Patch 2, SP1 Patch 3, SP2, SP2 Patch 1, and SP3 does not prevent reuse of authentication information during a session, which allows remote authenticated users to bypass intended access restrictions via vectors related to knowledge of the originally used authentication information and unspecified other session information. | ||||
| CVE-2008-3288 | 1 Emc | 1 Dantz Retrospect Backup Server | 2025-04-09 | N/A |
| The Server Authentication Module in EMC Dantz Retrospect Backup Server 7.5.508 uses a "weak hash algorithm," which makes it easier for context-dependent attackers to recover passwords. | ||||
| CVE-2007-4155 | 1 Emc | 1 Vmware | 2025-04-09 | N/A |
| Absolute path traversal vulnerability in a certain ActiveX control in vielib.dll in EMC VMware 6.0.0 allows remote attackers to execute arbitrary local programs via a full pathname in the first two arguments to the (1) CreateProcess or (2) CreateProcessEx method. | ||||
| CVE-2007-5323 | 1 Emc | 1 Replistor | 2025-04-09 | N/A |
| The RepliStor Server Service in EMC Replistor 6.1.3 allows remote attackers to execute arbitrary code via a size value that causes RepliStor to create a smaller buffer than expected, which triggers a buffer overflow when that buffer is used in a recv function call. | ||||
| CVE-2009-1119 | 1 Emc | 1 Replistor | 2025-04-09 | N/A |
| Multiple heap-based buffer overflows in EMC RepliStor 6.2 before SP5 and 6.3 before SP2 allow remote attackers to execute arbitrary code via a crafted message to (1) ctrlservice.exe or (2) rep_srv.exe, possibly related to an integer overflow. | ||||
| CVE-2009-3744 | 1 Emc | 1 Replistor | 2025-04-09 | N/A |
| rep_serv.exe 6.3.1.3 in the server in EMC RepliStor allows remote attackers to cause a denial of service via a crafted packet to TCP port 7144. | ||||