Filtered by vendor Emc
Subscribe
Total
414 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2016-0893 | 1 Emc | 1 Rsa Data Loss Prevention | 2025-04-12 | 4.0 MEDIUM | 4.3 MEDIUM |
| EMC RSA Data Loss Prevention 9.6 before SP2 P5 allows remote authenticated users to obtain sensitive information by reading error messages. | |||||
| CVE-2015-0532 | 1 Emc | 1 Rsa Identity Management And Governance | 2025-04-12 | 7.5 HIGH | N/A |
| EMC RSA Identity Management and Governance (IMG) 6.9 before P04 and 6.9.1 before P01 does not properly restrict password resets, which allows remote attackers to obtain access via crafted use of the reset process for an arbitrary valid account name, as demonstrated by a privileged account. | |||||
| CVE-2015-6844 | 1 Emc | 1 Sourceone Email Supervisor | 2025-04-12 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in Reviewer in EMC SourceOne Email Supervisor before 7.2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | |||||
| CVE-2015-4529 | 1 Emc | 5 Documentum Administrator, Documentum Digital Asset Manager, Documentum Taskspace and 2 more | 2025-04-12 | 5.8 MEDIUM | N/A |
| Open redirect vulnerability in EMC Documentum WebTop before 6.8P02, Documentum Administrator before 7.2P01, Documentum Digital Assets Manager through 6.5SP6, Documentum Web Publishers through 6.5SP7, and Documentum Task Space through 6.7SP2 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a crafted URL. | |||||
| CVE-2014-0645 | 1 Emc | 4 Cloud Tiering Appliance, Cloud Tiering Appliance Software, File Management Appliance and 1 more | 2025-04-12 | 4.7 MEDIUM | N/A |
| EMC Cloud Tiering Appliance (CTA) 9.x through 10 SP1 and File Management Appliance (FMA) 7.x store DES password hashes for the root, super, and admin accounts, which makes it easier for context-dependent attackers to obtain sensitive information via a brute-force attack. | |||||
| CVE-2016-0892 | 1 Emc | 1 Rsa Data Loss Prevention | 2025-04-12 | 4.3 MEDIUM | 6.1 MEDIUM |
| Cross-site scripting (XSS) vulnerability in EMC RSA Data Loss Prevention 9.6 before SP2 P5 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | |||||
| CVE-2015-0512 | 1 Emc | 1 Unisphere Central | 2025-04-12 | 5.8 MEDIUM | N/A |
| Open redirect vulnerability in EMC Unisphere Central before 4.0 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via an unspecified parameter. | |||||
| CVE-2014-2513 | 1 Emc | 1 Documentum Content Server | 2025-04-12 | 8.2 HIGH | N/A |
| EMC Documentum Content Server before 6.7 SP1 P28, 6.7 SP2 before P15, 7.0 before P15, and 7.1 before P06 does not properly check authorization after creation of an object, which allows remote authenticated users to execute arbitrary code with super-user privileges via a custom script. | |||||
| CVE-2015-0528 | 1 Emc | 1 Isilon Onefs | 2025-04-12 | 7.2 HIGH | N/A |
| The RPC daemon in EMC Isilon OneFS 6.5.x and 7.0.x before 7.0.2.13, 7.1.0 before 7.1.0.6, 7.1.1 before 7.1.1.2, and 7.2.0 before 7.2.0.1 allows local users to gain privileges by leveraging an ability to modify system files. | |||||
| CVE-2014-0629 | 1 Emc | 1 Documentum Taskspace | 2025-04-12 | 8.5 HIGH | N/A |
| EMC Documentum TaskSpace (TSP) 6.7SP1 before P25 and 6.7SP2 before P11 does not properly handle the interaction between the dm_world group and the dm_superusers_dynamic group, which allows remote authenticated users to obtain sensitive information and gain privileges in opportunistic circumstances by leveraging an incorrect group-addition implementation. | |||||
| CVE-2014-2521 | 1 Emc | 1 Documentum Content Server | 2025-04-12 | 6.3 MEDIUM | N/A |
| EMC Documentum Content Server before 6.7 SP2 P16 and 7.x before 7.1 P07 allows remote authenticated users to read sensitive object metadata via an RPC command. | |||||
| CVE-2016-0916 | 1 Emc | 1 Networker | 2025-04-12 | 10.0 HIGH | 9.8 CRITICAL |
| EMC NetWorker 8.2.1.x and 8.2.2.x before 8.2.2.6 and 9.x before 9.0.0.6 mishandles authentication, which allows remote attackers to execute arbitrary commands by leveraging access to a different NetWorker instance. | |||||
| CVE-2015-4527 | 1 Emc | 2 Avamar Server, Avamar Server Virtual Edition | 2025-04-12 | 7.8 HIGH | N/A |
| Directory traversal vulnerability in EMC Avamar Server 7.x before 7.1.2 and Avamar Virtual Addition (AVE) 7.x before 7.1.2 allows remote attackers to read arbitrary files by using the Avamar Desktop/Laptop client interface to send crafted parameters. | |||||
| CVE-2016-0907 | 1 Emc | 2 Isilon Onefs, Isilonsd Edge Onefs | 2025-04-12 | 4.3 MEDIUM | 5.9 MEDIUM |
| EMC Isilon OneFS 7.1.x and 7.2.x before 7.2.1.3 and 8.0.x before 8.0.0.1, and IsilonSD Edge OneFS 8.0.x before 8.0.0.1, does not require SMB signing within a DCERPC session over ncacn_np, which allows man-in-the-middle attackers to spoof SMB clients by modifying the client-server data stream, a similar issue to CVE-2016-2115. | |||||
| CVE-2016-0905 | 1 Emc | 1 Avamar Server | 2025-04-12 | 7.2 HIGH | 6.7 MEDIUM |
| Avamar Data Store (ADS) and Avamar Virtual Edition (AVE) in EMC Avamar Server before 7.3.0-233 allow local users to obtain root privileges by leveraging admin access and entering a sudo command. | |||||
| CVE-2014-2517 | 1 Emc | 1 Rsa Archer Egrc | 2025-04-12 | 6.5 MEDIUM | N/A |
| Unspecified vulnerability in EMC RSA Archer GRC Platform 5.x before 5.5 SP1 allows remote authenticated users to gain privileges via unknown vectors. | |||||
| CVE-2016-0922 | 1 Emc | 1 Vipr Srm | 2025-04-12 | 5.0 MEDIUM | 9.8 CRITICAL |
| EMC ViPR SRM before 3.7.2 does not restrict the number of password-authentication attempts, which makes it easier for remote attackers to obtain access via a brute-force guessing attack. | |||||
| CVE-2014-0635 | 1 Emc | 1 Vplex Geosynchrony | 2025-04-12 | 7.5 HIGH | N/A |
| Session fixation vulnerability in EMC VPLEX GeoSynchrony 4.x and 5.x before 5.3 allows remote attackers to hijack web sessions via unspecified vectors. | |||||
| CVE-2015-6849 | 1 Emc | 1 Networker | 2025-04-12 | 7.8 HIGH | N/A |
| EMC NetWorker before 8.0.4.5, 8.1.x before 8.1.3.6, 8.2.x before 8.2.2.2, and 9.0 before build 407 allows remote attackers to cause a denial of service (process outage) via malformed RPC authentication messages. | |||||
| CVE-2015-4533 | 1 Emc | 1 Documentum Content Server | 2025-04-12 | 9.0 HIGH | N/A |
| EMC Documentum Content Server before 6.7SP1 P32, 6.7SP2 before P25, 7.0 before P19, 7.1 before P16, and 7.2 before P02 does not properly check authorization after creation of an object, which allows remote authenticated users to execute arbitrary code with super-user privileges via a custom script. NOTE: this vulnerability exists because of an incomplete fix for CVE-2014-2513. | |||||