Filtered by vendor Emc
Subscriptions
Total
414 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2015-4546 | 1 Emc | 2 Rsa Certificate Manager, Rsa Onestep | 2025-04-12 | N/A |
| Directory traversal vulnerability in EMC RSA OneStep 6.9 before build 559, as used in RSA Certificate Manager and RSA Registration Manager through 6.9 build 558 and other products, allows remote attackers to read arbitrary files via a crafted KCSOSC_ERROR_PAGE parameter. | ||||
| CVE-2015-4525 | 1 Emc | 1 Isilon Onefs | 2025-04-12 | N/A |
| The log-gather implementation in the web administration interface in EMC Isilon OneFS 6.5.x.x through 7.1.1.x before 7.1.1.5 and 7.2.0.x before 7.2.0.2 allows remote authenticated users to execute arbitrary commands with root privileges via unspecified vectors. | ||||
| CVE-2014-2511 | 1 Emc | 8 Digital Assets Manager, Documentum Administrator, Documentum Capital Projects and 5 more | 2025-04-12 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in EMC Documentum WebTop before 6.7 SP1 P28 and 6.7 SP2 before P14 allow remote attackers to inject arbitrary web script or HTML via the (1) startat or (2) entryId parameter. | ||||
| CVE-2015-6846 | 1 Emc | 1 Sourceone Email Supervisor | 2025-04-12 | N/A |
| EMC SourceOne Email Supervisor before 7.2 uses hardcoded encryption keys, which makes it easier for attackers to obtain access by examining how a program's code conducts cryptographic operations. | ||||
| CVE-2015-6843 | 1 Emc | 1 Sourceone Email Supervisor | 2025-04-12 | N/A |
| Reviewer in EMC SourceOne Email Supervisor before 7.2 does not properly limit attempts to authenticate, which makes it easier for remote attackers to obtain access via a brute-force approach. | ||||
| CVE-2015-6844 | 1 Emc | 1 Sourceone Email Supervisor | 2025-04-12 | N/A |
| Cross-site scripting (XSS) vulnerability in Reviewer in EMC SourceOne Email Supervisor before 7.2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | ||||
| CVE-2014-2509 | 1 Emc | 1 Smarts Network Configuration Manager | 2025-04-12 | N/A |
| Session fixation vulnerability in the Report Advisor (RA) component in EMC Network Configuration Manager (NCM) before 9.3 allows remote attackers to hijack web sessions via a session cookie. | ||||
| CVE-2015-6849 | 1 Emc | 1 Networker | 2025-04-12 | N/A |
| EMC NetWorker before 8.0.4.5, 8.1.x before 8.1.3.6, 8.2.x before 8.2.2.2, and 9.0 before build 407 allows remote attackers to cause a denial of service (process outage) via malformed RPC authentication messages. | ||||
| CVE-2016-0881 | 1 Emc | 1 Documentum Xcp | 2025-04-12 | N/A |
| EMC Documentum xCP 2.1 before patch 23 and 2.2 before patch 11 allows remote authenticated users to conduct Documentum Query Language (DQL) injection attacks and obtain sensitive repository information by appending a query to a REST request. | ||||
| CVE-2016-0882 | 1 Emc | 1 Documentum Xcp | 2025-04-12 | N/A |
| EMC Documentum xCP 2.1 before patch 23 and 2.2 before patch 11 allows remote authenticated users to read arbitrary files via a POST request containing an XML external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue. | ||||
| CVE-2014-2504 | 1 Emc | 1 Documentum D2 | 2025-04-12 | N/A |
| EMC Documentum D2 3.1 before P20, 3.1 SP1 before P02, 4.0 before P10, 4.1 before P13, and 4.2 before P01 allows remote authenticated users to bypass intended access restrictions and execute arbitrary Documentum Query Language (DQL) queries by calling (1) a core method or (2) a D2FS web-service method. | ||||
| CVE-2014-2503 | 1 Emc | 1 Documentum Digital Asset Manager | 2025-04-12 | N/A |
| The thumbnail proxy server in EMC Documentum Digital Asset Manager (DAM) 6.5 SP3, 6.5 SP4, 6.5 SP5, and 6.5 SP6 before P13 allows remote attackers to conduct Documentum Query Language (DQL) injection attacks and bypass intended restrictions on querying objects via a crafted parameter in a query string. | ||||
| CVE-2016-6642 | 1 Emc | 1 Vipr Srm | 2025-04-12 | N/A |
| Cross-site request forgery (CSRF) vulnerability in EMC ViPR SRM before 3.7.2 allows remote attackers to hijack the authentication of administrators for requests that upload files. | ||||
| CVE-2016-0895 | 1 Emc | 1 Rsa Data Loss Prevention | 2025-04-12 | N/A |
| EMC RSA Data Loss Prevention 9.6 before SP2 P5 allows remote attackers to conduct clickjacking attacks via web-site elements with crafted transparency or opacity. | ||||
| CVE-2014-2502 | 1 Emc | 1 Rsa Adaptive Authentication Hosted | 2025-04-12 | N/A |
| Cross-site scripting (XSS) vulnerability in rsa_fso.swf in EMC RSA Adaptive Authentication (Hosted) 11.0 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | ||||
| CVE-2014-2505 | 1 Emc | 1 Rsa Archer Egrc | 2025-04-12 | N/A |
| EMC RSA Archer GRC Platform 5.x before 5.5 SP1 allows remote attackers to trigger the download of arbitrary code, and consequently change the product's functionality, via unspecified vectors. | ||||
| CVE-2014-2276 | 1 Emc | 1 Connectrix Manager | 2025-04-12 | N/A |
| The FileUploadController servlet in EMC Connectrix Manager Converged Network Edition (CMCNE) before 12.1.5 does not properly restrict additions to the Connectrix Manager repository, which allows remote attackers to obtain sensitive information by importing a crafted firmware file. | ||||
| CVE-2016-0910 | 1 Emc | 1 Data Domain Os | 2025-04-12 | N/A |
| EMC Data Domain OS 5.5 before 5.5.4.0, 5.6 before 5.6.1.004, and 5.7 before 5.7.2.0 stores session identifiers of GUI users in a world-readable file, which allows local users to hijack arbitrary accounts via unspecified vectors. | ||||
| CVE-2016-0914 | 1 Emc | 4 Documentum Administrator, Documentum Capital Projects, Documentum Taskspace and 1 more | 2025-04-12 | N/A |
| EMC Documentum WebTop 6.8 before Patch 13 and 6.8.1 before Patch 02, Documentum Administrator 7.x before 7.2 Patch 13, Documentum Capital Projects 1.9 before Patch 23 and 1.10 before Patch 10, and Documentum TaskSpace 6.7 SP3 allow remote authenticated users to bypass intended access restrictions and execute arbitrary IAPI/IDQL commands via the IAPI/IDQL interface. | ||||
| CVE-2014-0645 | 1 Emc | 4 Cloud Tiering Appliance, Cloud Tiering Appliance Software, File Management Appliance and 1 more | 2025-04-12 | N/A |
| EMC Cloud Tiering Appliance (CTA) 9.x through 10 SP1 and File Management Appliance (FMA) 7.x store DES password hashes for the root, super, and admin accounts, which makes it easier for context-dependent attackers to obtain sensitive information via a brute-force attack. | ||||