Filtered by vendor Emc
Subscribe
Total
412 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2013-0939 | 1 Emc | 4 Documentum Records Manager, Documentum Taskspace, Documentum Wdk and 1 more | 2013-05-10 | 5.8 MEDIUM | N/A |
| EMC Documentum Webtop before 6.7 SP2, Documentum WDK before 6.7 SP2, Documentum Taskspace before 6.7 SP2, and Documentum Records Manager before 6.7 SP2 allow remote attackers to obtain sensitive information via vectors involving cross-origin frame navigation, related to a "Cross Frame Scripting" issue. | |||||
| CVE-2013-0938 | 1 Emc | 4 Documentum Records Manager, Documentum Taskspace, Documentum Wdk and 1 more | 2013-05-10 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in EMC Documentum Webtop before 6.7 SP2, Documentum WDK before 6.7 SP2, Documentum Taskspace before 6.7 SP2, and Documentum Records Manager before 6.7 SP2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | |||||
| CVE-2013-0937 | 1 Emc | 4 Documentum Records Manager, Documentum Taskspace, Documentum Wdk and 1 more | 2013-05-10 | 5.8 MEDIUM | N/A |
| Session fixation vulnerability in EMC Documentum Webtop before 6.7 SP2, Documentum WDK before 6.7 SP2, Documentum Taskspace before 6.7 SP2, and Documentum Records Manager before 6.7 SP2 allows remote attackers to hijack web sessions via unspecified vectors. | |||||
| CVE-2013-0934 | 1 Emc | 2 Rsa Archer Egrc, Rsa Archer Smartsuite | 2013-05-07 | 4.0 MEDIUM | N/A |
| EMC RSA Archer 5.x before GRC 5.3SP1, and Archer Smart Suite Framework 4.x, allows remote authenticated users to bypass intended access restrictions and modify global reports via unspecified vectors. | |||||
| CVE-2013-0933 | 1 Emc | 2 Rsa Archer Egrc, Rsa Archer Smartsuite | 2013-05-07 | 4.3 MEDIUM | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in EMC RSA Archer 5.x before GRC 5.3SP1, and Archer Smart Suite Framework 4.x, allow remote attackers to inject arbitrary web script or HTML via unspecified vectors. | |||||
| CVE-2013-0932 | 1 Emc | 2 Rsa Archer Egrc, Rsa Archer Smartsuite | 2013-05-07 | 4.0 MEDIUM | N/A |
| EMC RSA Archer 5.x before GRC 5.3SP1, and Archer Smart Suite Framework 4.x, allows remote authenticated users to bypass intended access restrictions and upload arbitrary files via unspecified vectors. | |||||
| CVE-2013-0945 | 1 Emc | 1 Avamar | 2013-05-03 | 9.3 HIGH | N/A |
| EMC Avamar Client before 6.1.101-89 does not verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate, which allows man-in-the-middle attackers to spoof SSL servers via an arbitrary valid certificate. | |||||
| CVE-2013-0940 | 1 Emc | 1 Networker | 2013-05-03 | 7.2 HIGH | N/A |
| The nsrpush process in the client in EMC NetWorker before 7.6.5.3 and 8.x before 8.0.1.4 sets weak permissions for unspecified files, which allows local users to gain privileges via unknown vectors. | |||||
| CVE-2013-0944 | 1 Emc | 1 Avamar | 2013-05-03 | 3.5 LOW | N/A |
| The web-based file-restore interface in EMC Avamar Server before 6.1.0 allows remote authenticated users to read arbitrary files via a crafted URL. | |||||
| CVE-2012-2284 | 2 Emc, Microsoft | 2 Networker Module For Microsoft Applications, Exchange Server | 2013-04-18 | 2.1 LOW | N/A |
| The (1) install and (2) upgrade processes in EMC NetWorker Module for Microsoft Applications (NMM) 2.2.1, 2.3 before build 122, and 2.4 before build 375, when Exchange Server is used, allow local users to read cleartext administrator credentials via unspecified vectors. | |||||
| CVE-2012-2290 | 1 Emc | 1 Networker Module For Microsoft Applications | 2013-04-18 | 9.3 HIGH | N/A |
| The client in EMC NetWorker Module for Microsoft Applications (NMM) 2.2.1, 2.3 before build 122, and 2.4 before build 375 allows remote attackers to execute arbitrary code by sending a crafted message over a TCP communication channel. | |||||
| CVE-2013-0935 | 1 Emc | 1 Smarts Network Configuration Manager | 2013-04-02 | 9.3 HIGH | N/A |
| EMC Smarts Network Configuration Manager (NCM) before 9.2 does not require authentication for all Java RMI method calls, which allows remote attackers to execute arbitrary code via unspecified vectors. | |||||
| CVE-2013-0936 | 1 Emc | 6 Smarts Ip Manager, Smarts Mpls Manager, Smarts Network Protocol Manager and 3 more | 2013-03-28 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in EMC Smarts IP Manager, Smarts Service Assurance Manager, Smarts Server Manager, Smarts VoIP Availability Manager, Smarts Network Protocol Manager, and Smarts MPLS Manager before 9.2 allows remote attackers to inject arbitrary web script or HTML via a crafted URL. | |||||
| CVE-2013-2717 | 1 Emc | 1 Smarts Network Configuration Manager | 2013-03-28 | 9.3 HIGH | N/A |
| Multiple unspecified vulnerabilities in the System Management (aka SysAdmin) Console in EMC Smarts Network Configuration Manager (NCM) through 9.2 have unknown impact and attack vectors, a different issue than CVE-2013-0935. NOTE: this might overlap CVEs for open-source server components or other third-party components. | |||||
| CVE-2012-2282 | 1 Emc | 3 Celerra Network Server, Vnx, Vnxe | 2013-03-21 | 6.5 MEDIUM | N/A |
| EMC Celerra Network Server 6.x before 6.0.61.0, VNX 7.x before 7.0.53.2, and VNXe 2.0 and 2.1 before 2.1.3.19077 (aka MR1 SP3.2) and 2.2 before 2.2.0.19078 (aka MR2 SP0.2) do not properly implement NFS access control, which allows remote authenticated users to read or modify files via a (1) NFSv2, (2) NFSv3, or (3) NFSv4 request. | |||||
| CVE-2012-2288 | 1 Emc | 1 Networker | 2013-03-05 | 9.3 HIGH | N/A |
| Format string vulnerability in the nsrd RPC service in EMC NetWorker 7.6.3 and 7.6.4 before 7.6.4.1, and 8.0 before 8.0.0.1, allows remote attackers to execute arbitrary code via format string specifiers in a message. | |||||
| CVE-2012-4613 | 1 Emc | 1 Rsa Data Protection Manager Appliance | 2013-02-25 | 6.9 MEDIUM | N/A |
| EMC RSA Data Protection Manager Appliance 2.7.x and 3.x before 3.2.1 does not properly restrict the number of authentication attempts by a user account, which makes it easier for local users to bypass intended access restrictions via a brute-force attack. | |||||
| CVE-2012-4612 | 1 Emc | 2 Rsa Data Protection Manager Appliance, Rsa Data Protection Manager Software Server | 2013-02-25 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in EMC RSA Data Protection Manager Appliance and Software Server 2.7.x and 3.x before 3.2.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | |||||
| CVE-2012-2289 | 1 Emc | 2 Applicationxtender Desktop, Applicationxtender Web Access .net | 2013-02-13 | 7.5 HIGH | N/A |
| EMC ApplicationXtender Desktop before 6.5 SP2 and ApplicationXtender Web Access .NET before 6.5 SP2 allow remote attackers to upload files to any location, and possibly execute arbitrary code, via unspecified vectors. | |||||
| CVE-2012-2286 | 1 Emc | 1 Rsa Adaptive Authentication On-premise | 2013-02-11 | 2.9 LOW | N/A |
| Unspecified vulnerability in EMC RSA Adaptive Authentication On-Premise (AAOP) 6.0.2.1 before SP3 P3 allows remote attackers to obtain sensitive information via unknown vectors. | |||||