| CVE-2012-2279 |
medium |
— |
6.4 |
|
|
emcrsa |
14y ago |
Open redirect vulnerability in the Security Console in EMC RSA Authentication Manager 7.1 before SP4 P14 and RSA SecurID Appliance 3.0 before SP4 P14 allows remote attackers to redirect users to arbi… |
| CVE-2012-2278 |
medium |
— |
4.3 |
|
|
emcrsa |
14y ago |
Multiple cross-site scripting (XSS) vulnerabilities in the (1) Self-Service Console and (2) Security Console in EMC RSA Authentication Manager 7.1 before SP4 P14 and RSA SecurID Appliance 3.0 before … |
| CVE-2012-0409 |
high |
— |
7.5 |
|
|
emc |
14y ago |
Multiple buffer overflows in EMC AutoStart 5.3.x and 5.4.x before 5.4.3 allow remote attackers to cause a denial of service (agent crash) or possibly execute arbitrary code via crafted packets. |
| CVE-2012-2277 |
high |
— |
8.8 |
EXP |
|
emc |
14y ago |
The IRM Server in EMC Documentum Information Rights Management 4.x before 4.7.0100 and 5.x before 5.0.1030 allows remote attackers to cause a denial of service (pvcontrol.exe process hang) via \n (li… |
| CVE-2012-2276 |
high |
— |
8.8 |
EXP |
|
emc |
14y ago |
The IRM Server in EMC Documentum Information Rights Management 4.x before 4.7.0100 and 5.x before 5.0.1030 allows remote attackers to cause a denial of service (NULL pointer dereference and daemon cr… |
| CVE-2012-0407 |
medium |
— |
6.0 |
EXP |
|
emc |
14y ago |
Integer overflow in the DPA_Utilities library in EMC Data Protection Advisor (DPA) 5.5 through 5.8 SP1 allows remote attackers to cause a denial of service (infinite loop) via a negative 64-bit value… |
| CVE-2012-0406 |
high |
— |
8.8 |
EXP |
|
emc |
14y ago |
The DPA_Utilities.cProcessAuthenticationData function in EMC Data Protection Advisor (DPA) 5.5 through 5.8 SP1 allows remote attackers to cause a denial of service (NULL pointer dereference and daemo… |
| CVE-2012-0404 |
medium |
— |
4.3 |
|
|
emc |
14y ago |
Cross-site scripting (XSS) vulnerability in EMC Documentum eRoom before 7.4.4 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. |
| CVE-2012-0398 |
high |
— |
7.5 |
|
|
emc |
14y ago |
EMC Documentum eRoom before 7.4.4 does not properly validate session cookies, which allows remote attackers to hijack or replay sessions via unspecified vectors. |
| CVE-2012-0396 |
medium |
— |
4.0 |
|
|
emc |
15y ago |
EMC Documentum xPlore 1.0, 1.1 before P07, and 1.2 does not properly enforce the requirement for BROWSE permission, which allows remote authenticated users to determine the existence of an object, or… |
| CVE-2011-4144 |
medium |
— |
6.8 |
|
|
emc |
15y ago |
Unspecified vulnerability in EMC Documentum Content Server 6.0, 6.5 before SP2 P02, 6.5 SP3 before SP3 P02, and 6.6 before P02 allows local users to obtain "highest super user privileges" by leveragi… |
| CVE-2011-2742 |
medium |
— |
6.8 |
|
|
emc |
15y ago |
EMC RSA Adaptive Authentication On-Premise (AAOP) 6.0.2.1 SP1 Patch 2, SP1 Patch 3, SP2, SP2 Patch 1, and SP3 does not properly perform forensic evaluation upon receipt of device tokens from mobile a… |
| CVE-2011-2741 |
medium |
— |
6.8 |
|
|
emc |
15y ago |
EMC RSA Adaptive Authentication On-Premise (AAOP) 6.0.2.1 SP1 Patch 2, SP1 Patch 3, SP2, SP2 Patch 1, and SP3 does not properly implement Device Recovery and Device Identification, which might allow … |
| CVE-2011-2739 |
high |
— |
8.5 |
|
|
emc |
15y ago |
The file-blocking feature in EMC Documentum eRoom 7.3.x and 7.4.x before 7.4.3.g does not properly restrict the uploading and opening of files with dangerous file types, which allows remote authentic… |
| CVE-2011-1740 |
high |
— |
7.7 |
|
|
emc |
15y ago |
EMC Avamar 4.x, 5.0.x, and 6.0.x before 6.0.0-592 allows remote authenticated users to modify client data or obtain sensitive information about product activities by leveraging privileged access to a… |
| CVE-2011-2735 |
high |
— |
7.9 |
|
|
emc |
15y ago |
Multiple buffer overflows in EMC AutoStart 5.3.x and 5.4.x before 5.4.1 allow remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code by sending a crafted mess… |
| CVE-2011-2733 |
high |
— |
7.5 |
|
|
emc |
15y ago |
EMC RSA Adaptive Authentication On-Premise (AAOP) 6.0.2.1 SP1 Patch 2, SP1 Patch 3, SP2, SP2 Patch 1, and SP3 does not prevent reuse of authentication information during a session, which allows remot… |
| CVE-2011-1744 |
medium |
— |
5.8 |
|
|
emc |
15y ago |
EMC Captiva eInput 2.1.1 before 2.1.1.37 does not restrict the origin of calls to ActiveX functions, which allows remote attackers to read arbitrary files or cause a denial of service via a crafted w… |
| CVE-2011-1743 |
medium |
— |
4.3 |
|
|
emc |
15y ago |
Cross-site scripting (XSS) vulnerability in EMC Captiva eInput 2.1.1 before 2.1.1.37 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. |
| CVE-2011-1423 |
medium |
— |
4.3 |
|
|
emc |
15y ago |
Cross-site scripting (XSS) vulnerability in RSA Data Loss Prevention (DLP) Enterprise Manager 8.x before 8.5 SP1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. |
| CVE-2011-1422 |
medium |
— |
4.3 |
|
|
emc |
15y ago |
Cross-site scripting (XSS) vulnerability in an unspecified Shockwave Flash file in EMC RSA Adaptive Authentication On-Premise (AAOP) 2.x, 5.7.x, and 6.x allows remote attackers to inject arbitrary we… |
| CVE-2011-1421 |
medium |
— |
6.9 |
|
|
emc |
15y ago |
EMC NetWorker 7.5.x before 7.5.4.3 and 7.6.x before 7.6.1.5, when the client push feature is enabled, uses weak permissions for an unspecified file, which allows local users to gain privileges via un… |
| CVE-2011-1420 |
high |
— |
7.2 |
|
|
emc |
15y ago |
EMC Data Protection Advisor Collector 5.7 and 5.7.1 on Solaris SPARC platforms uses weak permissions for unspecified files, which allows local users to gain privileges via unknown vectors. |
| CVE-2011-0648 |
high |
— |
8.5 |
|
|
emc |
15y ago |
Unspecified vulnerability in EMC Avamar before 5.0.4-30 allows remote authenticated users to gain privileges via unknown vectors. |
| CVE-2011-0321 |
medium |
— |
6.4 |
|
|
emc |
16y ago |
librpc.dll in nsrexecd in EMC NetWorker before 7.5 SP4, 7.5.3.x before 7.5.3.5, and 7.6.x before 7.6.1.2 does not properly mitigate the possibility of a spoofed localhost source IP address, which all… |
| CVE-2010-2633 |
high |
— |
7.8 |
|
|
emc |
16y ago |
Unspecified vulnerability in EMC Disk Library (EDL) before 3.2.7, 3.3.x before 3.3.2 epatch 8, and 4.0.x before 4.0.1 epatch 4 allows remote attackers to cause a denial of service (communication-modu… |
| CVE-2010-1904 |
medium |
— |
6.8 |
|
|
emc |
16y ago |
SQL injection vulnerability in EMC RSA Key Manager (RKM) C Client 1.5.x allows user-assisted remote attackers to execute arbitrary SQL commands via the metadata section of encrypted key data. |
| CVE-2010-1919 |
high |
— |
7.1 |
|
|
emc |
16y ago |
Unspecified vulnerability in EMC Avamar 4.1.x and 5.0 before SP1 allows remote attackers to cause a denial of service (gsan service hang) by sending a crafted message using TCP. |
