Filtered by vendor Emc
Subscriptions
Total
414 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2011-2740 | 2 Emc, Mozilla | 2 Rsa Key Manager Appliance, Firefox | 2025-04-11 | N/A |
| EMC RSA Key Manager (RKM) Appliance 2.7 SP1 before 2.7.1.6, when Firefox 4.x or 5.0 is used, does not properly terminate a user session upon a logout action, which makes it easier for remote attackers to execute arbitrary code by leveraging an unattended workstation. | ||||
| CVE-2011-2741 | 1 Emc | 1 Rsa Adaptive Authentication On-premise | 2025-04-11 | N/A |
| EMC RSA Adaptive Authentication On-Premise (AAOP) 6.0.2.1 SP1 Patch 2, SP1 Patch 3, SP2, SP2 Patch 1, and SP3 does not properly implement Device Recovery and Device Identification, which might allow remote attackers to bypass intended security restrictions on a (1) previously non-registered device or (2) registered device by sending unspecified "data elements." | ||||
| CVE-2011-2742 | 1 Emc | 1 Rsa Adaptive Authentication On-premise | 2025-04-11 | N/A |
| EMC RSA Adaptive Authentication On-Premise (AAOP) 6.0.2.1 SP1 Patch 2, SP1 Patch 3, SP2, SP2 Patch 1, and SP3 does not properly perform forensic evaluation upon receipt of device tokens from mobile apps, which might allow remote attackers to bypass intended application restrictions via a mobile device. | ||||
| CVE-2011-4144 | 2 Centos, Emc | 2 Centos, Documentum Content Server | 2025-04-11 | N/A |
| Unspecified vulnerability in EMC Documentum Content Server 6.0, 6.5 before SP2 P02, 6.5 SP3 before SP3 P02, and 6.6 before P02 allows local users to obtain "highest super user privileges" by leveraging system administrator privileges. | ||||
| CVE-2012-2277 | 1 Emc | 1 Documentum Information Rights Management | 2025-04-11 | N/A |
| The IRM Server in EMC Documentum Information Rights Management 4.x before 4.7.0100 and 5.x before 5.0.1030 allows remote attackers to cause a denial of service (pvcontrol.exe process hang) via \n (line feed) characters in the Id fields of many "batch begin untethered" commands. | ||||
| CVE-2012-2283 | 2 Emc, Iomega | 4 Lifeline, Home Media Network Hard Drive, Iconnect and 1 more | 2025-04-11 | N/A |
| The Iomega Home Media Network Hard Drive with EMC Lifeline firmware before 2.104, Home Media Network Hard Drive Cloud Edition with EMC Lifeline firmware before 3.2.3.15290, iConnect with EMC Lifeline firmware before 2.5.26.18966, and StorCenter with EMC Lifeline firmware before 2.0.18.23122, 2.1.x before 2.1.42.18967, and 3.x before 3.2.3.15290 allow remote authenticated users to read or modify data on arbitrary remote shares via unspecified vectors. | ||||
| CVE-2012-2285 | 1 Emc | 2 Cloud Tiering Appliance, Cloud Tiering Appliance Virtual Edition | 2025-04-11 | N/A |
| EMC Cloud Tiering Appliance (aka CTA, formerly FMA) 9.0 and earlier, and Cloud Tiering Appliance Virtual Edition (CTA/VE) 9.0 and earlier, allows remote attackers to obtain GUI administrative access by sending a crafted file during the authentication phase. | ||||
| CVE-2012-2287 | 2 Emc, Microsoft | 4 Rsa Authentication Agent, Rsa Authentication Client, Windows Server 2003 and 1 more | 2025-04-11 | N/A |
| The authentication functionality in EMC RSA Authentication Agent 7.1 and RSA Authentication Client 3.5 on Windows XP and Windows Server 2003, when an unspecified configuration exists, allows remote authenticated users to bypass an intended token-authentication step, and establish a login session to a remote host, by leveraging Windows credentials for that host. | ||||
| CVE-2012-2289 | 1 Emc | 2 Applicationxtender Desktop, Applicationxtender Web Access .net | 2025-04-11 | N/A |
| EMC ApplicationXtender Desktop before 6.5 SP2 and ApplicationXtender Web Access .NET before 6.5 SP2 allow remote attackers to upload files to any location, and possibly execute arbitrary code, via unspecified vectors. | ||||
| CVE-2012-2290 | 1 Emc | 1 Networker Module For Microsoft Applications | 2025-04-11 | N/A |
| The client in EMC NetWorker Module for Microsoft Applications (NMM) 2.2.1, 2.3 before build 122, and 2.4 before build 375 allows remote attackers to execute arbitrary code by sending a crafted message over a TCP communication channel. | ||||
| CVE-2012-2515 | 2 Emc, Ge | 7 Captiva Quickscan Pro, Documentum Applicationxtender Desktop, Intelligent Platforms Proficy Batch Execution and 4 more | 2025-04-11 | N/A |
| Multiple stack-based buffer overflows in the KeyHelp.KeyCtrl.1 ActiveX control in KeyHelp.ocx 1.2.312 in KeyWorks KeyHelp Module (aka the HTML Help component), as used in EMC Documentum ApplicationXtender Desktop 5.4; EMC Captiva Quickscan Pro 4.6 SP1; GE Intelligent Platforms Proficy Historian 3.1, 3.5, 4.0, and 4.5; GE Intelligent Platforms Proficy HMI/SCADA iFIX 5.0 and 5.1; GE Intelligent Platforms Proficy Pulse 1.0; GE Intelligent Platforms Proficy Batch Execution 5.6; GE Intelligent Platforms SI7 I/O Driver 7.20 through 7.42; and other products, allow remote attackers to execute arbitrary code via a long string in the second argument to the (1) JumpMappedID or (2) JumpURL method. | ||||
| CVE-2013-0936 | 1 Emc | 6 Smarts Ip Manager, Smarts Mpls Manager, Smarts Network Protocol Manager and 3 more | 2025-04-11 | N/A |
| Cross-site scripting (XSS) vulnerability in EMC Smarts IP Manager, Smarts Service Assurance Manager, Smarts Server Manager, Smarts VoIP Availability Manager, Smarts Network Protocol Manager, and Smarts MPLS Manager before 9.2 allows remote attackers to inject arbitrary web script or HTML via a crafted URL. | ||||
| CVE-2013-0939 | 1 Emc | 4 Documentum Records Manager, Documentum Taskspace, Documentum Wdk and 1 more | 2025-04-11 | N/A |
| EMC Documentum Webtop before 6.7 SP2, Documentum WDK before 6.7 SP2, Documentum Taskspace before 6.7 SP2, and Documentum Records Manager before 6.7 SP2 allow remote attackers to obtain sensitive information via vectors involving cross-origin frame navigation, related to a "Cross Frame Scripting" issue. | ||||
| CVE-2013-0945 | 1 Emc | 1 Avamar | 2025-04-11 | N/A |
| EMC Avamar Client before 6.1.101-89 does not verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate, which allows man-in-the-middle attackers to spoof SSL servers via an arbitrary valid certificate. | ||||
| CVE-2006-7201 | 1 Emc | 1 Rsa Security Sitekey | 2025-04-09 | N/A |
| EMC RSA Security SiteKey does not set the secure qualifier on the SiteKey Flash token (aka the PassMark Flash shared object), which might allow remote attackers to obtain the token via HTTP. | ||||
| CVE-2006-7199 | 1 Emc | 1 Rsa Security Sitekey | 2025-04-09 | N/A |
| EMC RSA Security SiteKey allows remote attackers to display the correct image via a man-in-the-middle (MITM) attack in which an attacker-controlled server proxies authentication data to and from a legitimate SiteKey server. NOTE: the vendor disputes the severity of the issue, stating that it is easier to monitor this attack than "attacks against static web pages." | ||||
| CVE-2006-3892 | 1 Emc | 1 Networker | 2025-04-09 | N/A |
| The Management Console server in EMC NetWorker (formerly Legato NetWorker) 7.3.2 before Jumbo Update 1 uses weak authentication, which allows remote attackers to execute arbitrary commands. | ||||
| CVE-2007-4155 | 1 Emc | 1 Vmware | 2025-04-09 | N/A |
| Absolute path traversal vulnerability in a certain ActiveX control in vielib.dll in EMC VMware 6.0.0 allows remote attackers to execute arbitrary local programs via a full pathname in the first two arguments to the (1) CreateProcess or (2) CreateProcessEx method. | ||||
| CVE-2008-4916 | 2 Emc, Vmware | 7 Vmware Player, Vmware Ace, Vmware Esx and 4 more | 2025-04-09 | N/A |
| Unspecified vulnerability in a guest virtual device driver in VMware Workstation before 5.5.9 build 126128, and 6.5.1 and earlier 6.x versions; VMware Player before 1.0.9 build 126128, and 2.5.1 and earlier 2.x versions; VMware ACE before 1.0.8 build 125922, and 2.5.1 and earlier 2.x versions; VMware Server 1.x before 1.0.8 build 126538 and 2.0.x before 2.0.1 build 156745; VMware Fusion before 2.0.1; VMware ESXi 3.5; and VMware ESX 3.0.2, 3.0.3, and 3.5 allows guest OS users to cause a denial of service (host OS crash) via unknown vectors. | ||||
| CVE-2008-3684 | 1 Emc | 1 Documentum Applicationxtender | 2025-04-09 | N/A |
| Heap-based buffer overflow in aws_tmxn.exe in the Admin Agent service in the server in EMC Documentum ApplicationXtender Workflow, possibly 5.40 SP1 and earlier, allows remote attackers to execute arbitrary code via crafted packet data to TCP port 2606. | ||||