Filtered by vendor Emc
Subscribe
Total
414 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2011-1744 | 1 Emc | 1 Captiva Einput | 2019-03-14 | 5.8 MEDIUM | N/A |
| EMC Captiva eInput 2.1.1 before 2.1.1.37 does not restrict the origin of calls to ActiveX functions, which allows remote attackers to read arbitrary files or cause a denial of service via a crafted web site. | |||||
| CVE-2011-1742 | 1 Emc | 1 Data Protection Advisor | 2019-03-14 | 2.1 LOW | N/A |
| EMC Data Protection Advisor before 5.8.1 places cleartext account credentials in the DPA configuration file in unspecified circumstances, which might allow local users to obtain sensitive information by reading this file. | |||||
| CVE-2011-1743 | 1 Emc | 1 Captiva Einput | 2019-03-12 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in EMC Captiva eInput 2.1.1 before 2.1.1.37 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | |||||
| CVE-2012-2287 | 2 Emc, Microsoft | 4 Rsa Authentication Agent, Rsa Authentication Client, Windows Server 2003 and 1 more | 2019-02-26 | 8.5 HIGH | N/A |
| The authentication functionality in EMC RSA Authentication Agent 7.1 and RSA Authentication Client 3.5 on Windows XP and Windows Server 2003, when an unspecified configuration exists, allows remote authenticated users to bypass an intended token-authentication step, and establish a login session to a remote host, by leveraging Windows credentials for that host. | |||||
| CVE-2016-0916 | 1 Emc | 1 Networker | 2019-02-20 | 10.0 HIGH | 9.8 CRITICAL |
| EMC NetWorker 8.2.1.x and 8.2.2.x before 8.2.2.6 and 9.x before 9.0.0.6 mishandles authentication, which allows remote attackers to execute arbitrary commands by leveraging access to a different NetWorker instance. | |||||
| CVE-2015-4540 | 1 Emc | 1 Rsa Identity Management And Governance | 2019-02-12 | 3.5 LOW | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in EMC RSA Identity Management & Governance (IMG) before 6.8.1 P18 and 6.9.x before 6.9.1 P6 allow remote authenticated users to inject arbitrary web script or HTML via unspecified vectors. | |||||
| CVE-2015-0525 | 1 Emc | 1 Secure Remote Services | 2019-02-01 | 7.5 HIGH | N/A |
| The Gateway Provisioning service in EMC Secure Remote Services Virtual Edition (ESRS VE) 3.02 and 3.03 allows remote attackers to execute arbitrary OS commands via unspecified vectors. | |||||
| CVE-2018-15771 | 1 Emc | 2 Recoverpoint, Recoverpoint For Virtual Machines | 2019-02-01 | 4.9 MEDIUM | 5.5 MEDIUM |
| Dell EMC RecoverPoint versions prior to 5.1.2.1 and RecoverPoint for VMs versions prior to 5.2.0.2 contain an information disclosure vulnerability. A malicious boxmgmt user may potentially be able to determine the existence of any system file via Boxmgmt CLI. | |||||
| CVE-2014-0643 | 1 Emc | 2 Rsa Netwitness, Rsa Security Analytics | 2018-12-12 | 7.6 HIGH | N/A |
| EMC RSA NetWitness before 9.8.5.19 and RSA Security Analytics before 10.2.4 and 10.3.x before 10.3.2, when Kerberos PAM is enabled, do not require a password, which allows remote attackers to bypass authentication by leveraging knowledge of a valid account name. | |||||
| CVE-2006-2391 | 1 Emc | 1 Retrospect Client | 2018-10-18 | 7.5 HIGH | N/A |
| Buffer overflow in EMC Retrospect Client 5.1 through 7.5 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted packet to port 497. | |||||
| CVE-2008-0656 | 1 Emc | 2 Documentum Administrator, Documentum Webtop | 2018-10-15 | 10.0 HIGH | N/A |
| Unrestricted file upload vulnerability in dmclTrace.jsp in EMC Documentum Administrator 5.3.0.313 and Webtop 5.3.0.317 allows remote attackers to overwrite arbitrary files via the filename attribute. | |||||
| CVE-2007-6426 | 1 Emc | 1 Replistor | 2018-10-15 | 7.8 HIGH | N/A |
| Multiple heap-based buffer overflows in EMC RepliStor 6.2 SP2, and possibly earlier versions, allow remote attackers to execute arbitrary code via crafted compressed data. | |||||
| CVE-2007-3618 | 1 Emc | 1 Legato Networker | 2018-10-15 | 9.3 HIGH | N/A |
| Stack-based buffer overflow in the NetWorker Remote Exec Service (nsrexecd.exe) in EMC Software NetWorker 7.x.x allows remote attackers to execute arbitrary code via a (1) poll or (2) kill request with a "long invalid subcmd." | |||||
| CVE-2009-0311 | 1 Emc | 1 Autostart | 2018-10-11 | 10.0 HIGH | N/A |
| The Backbone service (ftbackbone.exe) in EMC AutoStart before 5.3 SP2 allows remote attackers to execute arbitrary code via a packet with a crafted value that is dereferenced as a function pointer. | |||||
| CVE-2008-6219 | 1 Emc | 5 Networker Client, Networker Module, Networker Powersnap and 2 more | 2018-10-11 | 7.8 HIGH | N/A |
| nsrexecd.exe in multiple EMC Networker products including EMC NetWorker Server, Storage Node, and Client 7.3.x and 7.4, 7.4.1, 7.4.2, Client and Storage Node for Open VMS 7.3.2 ECO6 and earlier, Module for Microsoft Exchange 5.1 and earlier, Module for Microsoft Applications 2.0 and earlier, Module for Meditech 2.0 and earlier, and PowerSnap 2.4 SP1 and earlier does not properly control the allocation of memory, which allows remote attackers to cause a denial of service (memory exhaustion) via multiple crafted RPC requests. | |||||
| CVE-2008-5420 | 1 Emc | 1 Control Center | 2018-10-11 | 7.8 HIGH | N/A |
| The SAN Manager Master Agent service (aka msragent.exe) in EMC Control Center before 6.1 does not properly authenticate SST_SENDFILE requests, which allows remote attackers to read arbitrary files. | |||||
| CVE-2008-5419 | 1 Emc | 1 Control Center | 2018-10-11 | 10.0 HIGH | N/A |
| Stack-based buffer overflow in SAN Manager Master Agent service (aka msragent.exe) in EMC Control Center 5.2 SP5 and 6.0 allows remote attackers to execute arbitrary code via multiple SST_CTGTRANS requests. | |||||
| CVE-2008-3288 | 1 Emc | 1 Dantz Retrospect Backup Server | 2018-10-11 | 5.0 MEDIUM | N/A |
| The Server Authentication Module in EMC Dantz Retrospect Backup Server 7.5.508 uses a "weak hash algorithm," which makes it easier for context-dependent attackers to recover passwords. | |||||
| CVE-2010-2860 | 1 Emc | 1 Celerra Network Attached Storage | 2018-10-10 | 9.3 HIGH | N/A |
| The EMC Celerra Network Attached Storage (NAS) appliance accepts external network traffic to IP addresses intended for an intranet network within the appliance, which allows remote attackers to read, create, or modify arbitrary files in the user data directory via NFS requests. | |||||
| CVE-2010-1904 | 1 Emc | 1 Rsa Key Manager Client | 2018-10-10 | 6.8 MEDIUM | N/A |
| SQL injection vulnerability in EMC RSA Key Manager (RKM) C Client 1.5.x allows user-assisted remote attackers to execute arbitrary SQL commands via the metadata section of encrypted key data. | |||||