Filtered by vendor Emc
Subscribe
Total
412 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2012-2293 | 1 Emc | 2 Rsa Archer Egrc, Rsa Archer Smartsuite | 2013-02-06 | 6.5 MEDIUM | N/A |
| Directory traversal vulnerability in EMC RSA Archer SmartSuite Framework 4.x and RSA Archer GRC 5.x before 5.2SP1 allows remote authenticated users to upload files, and consequently execute arbitrary code, via a relative path. | |||||
| CVE-2012-1064 | 1 Emc | 2 Rsa Archer Egrc, Rsa Archer Smartsuite | 2013-02-06 | 4.3 MEDIUM | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in EMC RSA Archer SmartSuite Framework 4.x and RSA Archer GRC 5.x before 5.2SP1 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors. | |||||
| CVE-2012-2294 | 1 Emc | 2 Rsa Archer Egrc, Rsa Archer Smartsuite | 2013-02-06 | 6.8 MEDIUM | N/A |
| EMC RSA Archer SmartSuite Framework 4.x and RSA Archer GRC 5.x before 5.2SP1 allow remote attackers to conduct clickjacking attacks via a crafted web page. | |||||
| CVE-2012-2292 | 1 Emc | 2 Rsa Archer Egrc, Rsa Archer Smartsuite | 2013-02-06 | 7.5 HIGH | N/A |
| The Silverlight cross-domain policy in EMC RSA Archer SmartSuite Framework 4.x and RSA Archer GRC 5.x before 5.2SP1 does not restrict access to the Archer application, which allows remote attackers to bypass the Same Origin Policy via unspecified vectors. | |||||
| CVE-2012-2291 | 3 Apple, Emc, Hp | 4 Mac Os X, Avamar, Avamar Plugin and 1 more | 2013-01-21 | 7.2 HIGH | N/A |
| EMC Avamar Client 4.x, 5.x, and 6.x on HP-UX and Mac OS X, and the EMC Avamar plugin 4.x, 5.x, and 6.x for Oracle, uses world-writable permissions for cache directories, which allows local users to gain privileges via an unspecified symlink attack. | |||||
| CVE-2012-4607 | 1 Emc | 1 Networker | 2013-01-20 | 9.3 HIGH | N/A |
| Buffer overflow in nsrindexd in EMC NetWorker 7.5.x and 7.6.x before 7.6.5, and 8.x before 8.0.0.6, allows remote attackers to execute arbitrary code via crafted SunRPC data. | |||||
| CVE-2012-4616 | 1 Emc | 1 Data Protection Advisor | 2012-12-27 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in the Web UI in EMC Data Protection Advisor (DPA) 5.6 through SP1, 5.7 through SP1, and 5.8 through SP4 allows remote attackers to read arbitrary files via unspecified vectors. | |||||
| CVE-2012-4609 | 1 Emc | 1 Rsa Netwitness Informer | 2012-12-05 | 4.3 MEDIUM | N/A |
| The web interface in EMC RSA NetWitness Informer before 2.0.5.6 allows remote attackers to conduct clickjacking attacks via unspecified vectors. | |||||
| CVE-2012-4608 | 1 Emc | 1 Rsa Netwitness Informer | 2012-12-05 | 6.8 MEDIUM | N/A |
| Cross-site request forgery (CSRF) vulnerability in the web interface in EMC RSA NetWitness Informer before 2.0.5.6 allows remote attackers to hijack the authentication of arbitrary users. | |||||
| CVE-2012-0409 | 1 Emc | 1 Autostart | 2012-10-29 | 7.5 HIGH | N/A |
| Multiple buffer overflows in EMC AutoStart 5.3.x and 5.4.x before 5.4.3 allow remote attackers to cause a denial of service (agent crash) or possibly execute arbitrary code via crafted packets. | |||||
| CVE-2012-0407 | 1 Emc | 1 Data Protection Advisor | 2012-08-13 | 5.0 MEDIUM | N/A |
| Integer overflow in the DPA_Utilities library in EMC Data Protection Advisor (DPA) 5.5 through 5.8 SP1 allows remote attackers to cause a denial of service (infinite loop) via a negative 64-bit value in a certain size field. | |||||
| CVE-2012-0406 | 1 Emc | 1 Data Protection Advisor | 2012-08-13 | 7.8 HIGH | N/A |
| The DPA_Utilities.cProcessAuthenticationData function in EMC Data Protection Advisor (DPA) 5.5 through 5.8 SP1 allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via an AUTHENTICATECONNECTION command that (1) lacks a password field or (2) has an empty password. | |||||
| CVE-2012-2515 | 2 Emc, Ge | 7 Captiva Quickscan Pro, Documentum Applicationxtender Desktop, Intelligent Platforms Proficy Batch Execution and 4 more | 2012-07-16 | 9.3 HIGH | N/A |
| Multiple stack-based buffer overflows in the KeyHelp.KeyCtrl.1 ActiveX control in KeyHelp.ocx 1.2.312 in KeyWorks KeyHelp Module (aka the HTML Help component), as used in EMC Documentum ApplicationXtender Desktop 5.4; EMC Captiva Quickscan Pro 4.6 SP1; GE Intelligent Platforms Proficy Historian 3.1, 3.5, 4.0, and 4.5; GE Intelligent Platforms Proficy HMI/SCADA iFIX 5.0 and 5.1; GE Intelligent Platforms Proficy Pulse 1.0; GE Intelligent Platforms Proficy Batch Execution 5.6; GE Intelligent Platforms SI7 I/O Driver 7.20 through 7.42; and other products, allow remote attackers to execute arbitrary code via a long string in the second argument to the (1) JumpMappedID or (2) JumpURL method. | |||||
| CVE-2002-0113 | 1 Emc | 1 Networker | 2012-03-29 | 4.6 MEDIUM | N/A |
| EMC NetWorker (formerly Legato NetWorker) before 7.0 stores log files in the /nsr/logs/ directory with world-readable permissions, which allows local users to read sensitive information and possibly gain privileges. NOTE: this was originally reported for Legato NetWorker 6.1 on the Solaris 7 platform. | |||||
| CVE-2002-0114 | 1 Emc | 1 Networker | 2012-03-29 | 4.6 MEDIUM | N/A |
| EMC NetWorker (formerly Legato NetWorker) before 7.0 stores passwords in plaintext in the daemon.log file, which allows local users to gain privileges by reading the password from the file. NOTE: this was originally reported for Legato NetWorker 6.1 on the Solaris 7 platform. | |||||
| CVE-2012-0404 | 1 Emc | 1 Documentum Eroom | 2012-03-14 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in EMC Documentum eRoom before 7.4.4 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | |||||
| CVE-2012-0398 | 1 Emc | 1 Documentum Eroom | 2012-03-14 | 7.5 HIGH | N/A |
| EMC Documentum eRoom before 7.4.4 does not properly validate session cookies, which allows remote attackers to hijack or replay sessions via unspecified vectors. | |||||
| CVE-2011-2740 | 2 Emc, Mozilla | 2 Rsa Key Manager Appliance, Firefox | 2012-02-16 | 9.3 HIGH | N/A |
| EMC RSA Key Manager (RKM) Appliance 2.7 SP1 before 2.7.1.6, when Firefox 4.x or 5.0 is used, does not properly terminate a user session upon a logout action, which makes it easier for remote attackers to execute arbitrary code by leveraging an unattended workstation. | |||||
| CVE-2011-4144 | 2 Centos, Emc | 2 Centos, Documentum Content Server | 2012-02-15 | 6.8 MEDIUM | N/A |
| Unspecified vulnerability in EMC Documentum Content Server 6.0, 6.5 before SP2 P02, 6.5 SP3 before SP3 P02, and 6.6 before P02 allows local users to obtain "highest super user privileges" by leveraging system administrator privileges. | |||||
| CVE-2011-2739 | 1 Emc | 1 Documentum Eroom | 2012-02-13 | 8.5 HIGH | N/A |
| The file-blocking feature in EMC Documentum eRoom 7.3.x and 7.4.x before 7.4.3.g does not properly restrict the uploading and opening of files with dangerous file types, which allows remote authenticated users to execute arbitrary code via an uploaded file. | |||||