Filtered by vendor Emc
Subscriptions
Total
414 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2011-1424 | 3 Emc, Ibm, Microsoft | 4 Sourceone Email Management, Lotus Domino, Lotus Notes and 1 more | 2025-04-11 | N/A |
The default configuration of ExShortcut\Web.config in EMC SourceOne Email Management before 6.6 SP1, when the Mobile Services component is used, does not properly set the localOnly attribute of the trace element, which allows remote authenticated users to obtain sensitive information via ASP.NET Application Tracing. | ||||
CVE-2011-1741 | 1 Emc | 1 Documentum Eroom | 2025-04-11 | N/A |
Stack-based buffer overflow in ftserver.exe in the OpenText Hummingbird Client Connector, as used in the Indexing Server in EMC Documentum eRoom 7.x before 7.4.3.f and other products, allows remote attackers to execute arbitrary code by sending a crafted message over TCP. | ||||
CVE-2011-1742 | 1 Emc | 1 Data Protection Advisor | 2025-04-11 | N/A |
EMC Data Protection Advisor before 5.8.1 places cleartext account credentials in the DPA configuration file in unspecified circumstances, which might allow local users to obtain sensitive information by reading this file. | ||||
CVE-2011-2741 | 1 Emc | 1 Rsa Adaptive Authentication On-premise | 2025-04-11 | N/A |
EMC RSA Adaptive Authentication On-Premise (AAOP) 6.0.2.1 SP1 Patch 2, SP1 Patch 3, SP2, SP2 Patch 1, and SP3 does not properly implement Device Recovery and Device Identification, which might allow remote attackers to bypass intended security restrictions on a (1) previously non-registered device or (2) registered device by sending unspecified "data elements." | ||||
CVE-2011-2733 | 1 Emc | 1 Rsa Adaptive Authentication On-premise | 2025-04-11 | N/A |
EMC RSA Adaptive Authentication On-Premise (AAOP) 6.0.2.1 SP1 Patch 2, SP1 Patch 3, SP2, SP2 Patch 1, and SP3 does not prevent reuse of authentication information during a session, which allows remote authenticated users to bypass intended access restrictions via vectors related to knowledge of the originally used authentication information and unspecified other session information. | ||||
CVE-2011-2735 | 1 Emc | 1 Autostart | 2025-04-11 | N/A |
Multiple buffer overflows in EMC AutoStart 5.3.x and 5.4.x before 5.4.1 allow remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code by sending a crafted message over TCP. | ||||
CVE-2011-2738 | 2 Cisco, Emc | 6 Ciscoworks Lan Management Solution, Unified Operations Manager, Unified Service Monitor and 3 more | 2025-04-11 | N/A |
Multiple unspecified vulnerabilities in Cisco Unified Service Monitor before 8.6, as used in Unified Operations Manager before 8.6 and CiscoWorks LAN Management Solution 3.x and 4.x before 4.1; and multiple EMC Ionix products including Application Connectivity Monitor (Ionix ACM) 2.3 and earlier, Adapter for Alcatel-Lucent 5620 SAM EMS (Ionix ASAM) 3.2.0.2 and earlier, IP Management Suite (Ionix IP) 8.1.1.1 and earlier, and other Ionix products; allow remote attackers to execute arbitrary code via crafted packets to TCP port 9002, aka Bug IDs CSCtn42961 and CSCtn64922, related to a buffer overflow. | ||||
CVE-2011-2739 | 1 Emc | 1 Documentum Eroom | 2025-04-11 | N/A |
The file-blocking feature in EMC Documentum eRoom 7.3.x and 7.4.x before 7.4.3.g does not properly restrict the uploading and opening of files with dangerous file types, which allows remote authenticated users to execute arbitrary code via an uploaded file. | ||||
CVE-2011-2740 | 2 Emc, Mozilla | 2 Rsa Key Manager Appliance, Firefox | 2025-04-11 | N/A |
EMC RSA Key Manager (RKM) Appliance 2.7 SP1 before 2.7.1.6, when Firefox 4.x or 5.0 is used, does not properly terminate a user session upon a logout action, which makes it easier for remote attackers to execute arbitrary code by leveraging an unattended workstation. | ||||
CVE-2011-2742 | 1 Emc | 1 Rsa Adaptive Authentication On-premise | 2025-04-11 | N/A |
EMC RSA Adaptive Authentication On-Premise (AAOP) 6.0.2.1 SP1 Patch 2, SP1 Patch 3, SP2, SP2 Patch 1, and SP3 does not properly perform forensic evaluation upon receipt of device tokens from mobile apps, which might allow remote attackers to bypass intended application restrictions via a mobile device. | ||||
CVE-2011-4142 | 1 Emc | 1 Sourceone Email Management | 2025-04-11 | N/A |
The Web Search feature in EMC SourceOne Email Management 6.5 before 6.5.2.4033, 6.6 before 6.6.1.2194, and 6.7 before 6.7.2.2033 places cleartext credentials in log files, which allows local users to obtain sensitive information by reading these files. | ||||
CVE-2011-4144 | 2 Centos, Emc | 2 Centos, Documentum Content Server | 2025-04-11 | N/A |
Unspecified vulnerability in EMC Documentum Content Server 6.0, 6.5 before SP2 P02, 6.5 SP3 before SP3 P02, and 6.6 before P02 allows local users to obtain "highest super user privileges" by leveraging system administrator privileges. | ||||
CVE-2012-0396 | 1 Emc | 1 Documentum Xplore | 2025-04-11 | N/A |
EMC Documentum xPlore 1.0, 1.1 before P07, and 1.2 does not properly enforce the requirement for BROWSE permission, which allows remote authenticated users to determine the existence of an object, or read object metadata, via a search. | ||||
CVE-2012-0406 | 1 Emc | 1 Data Protection Advisor | 2025-04-11 | N/A |
The DPA_Utilities.cProcessAuthenticationData function in EMC Data Protection Advisor (DPA) 5.5 through 5.8 SP1 allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via an AUTHENTICATECONNECTION command that (1) lacks a password field or (2) has an empty password. | ||||
CVE-2008-3684 | 1 Emc | 1 Documentum Applicationxtender | 2025-04-09 | N/A |
Heap-based buffer overflow in aws_tmxn.exe in the Admin Agent service in the server in EMC Documentum ApplicationXtender Workflow, possibly 5.40 SP1 and earlier, allows remote attackers to execute arbitrary code via crafted packet data to TCP port 2606. | ||||
CVE-2008-3288 | 1 Emc | 1 Dantz Retrospect Backup Server | 2025-04-09 | N/A |
The Server Authentication Module in EMC Dantz Retrospect Backup Server 7.5.508 uses a "weak hash algorithm," which makes it easier for context-dependent attackers to recover passwords. | ||||
CVE-2007-4058 | 1 Emc | 1 Vmware | 2025-04-09 | N/A |
Absolute path traversal vulnerability in a certain ActiveX control in vielib.dll 2.2.5.42958 in EMC VMware 6.0.0 allows remote attackers to execute arbitrary local programs via a full pathname in the first argument to the StartProcess method. | ||||
CVE-2007-6426 | 1 Emc | 1 Replistor | 2025-04-09 | N/A |
Multiple heap-based buffer overflows in EMC RepliStor 6.2 SP2, and possibly earlier versions, allow remote attackers to execute arbitrary code via crafted compressed data. | ||||
CVE-2007-3618 | 1 Emc | 1 Legato Networker | 2025-04-09 | N/A |
Stack-based buffer overflow in the NetWorker Remote Exec Service (nsrexecd.exe) in EMC Software NetWorker 7.x.x allows remote attackers to execute arbitrary code via a (1) poll or (2) kill request with a "long invalid subcmd." | ||||
CVE-2008-4916 | 2 Emc, Vmware | 7 Vmware Player, Vmware Ace, Vmware Esx and 4 more | 2025-04-09 | N/A |
Unspecified vulnerability in a guest virtual device driver in VMware Workstation before 5.5.9 build 126128, and 6.5.1 and earlier 6.x versions; VMware Player before 1.0.9 build 126128, and 2.5.1 and earlier 2.x versions; VMware ACE before 1.0.8 build 125922, and 2.5.1 and earlier 2.x versions; VMware Server 1.x before 1.0.8 build 126538 and 2.0.x before 2.0.1 build 156745; VMware Fusion before 2.0.1; VMware ESXi 3.5; and VMware ESX 3.0.2, 3.0.3, and 3.5 allows guest OS users to cause a denial of service (host OS crash) via unknown vectors. |