Filtered by vendor Emc
Subscriptions
Total
414 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2014-2521 | 1 Emc | 1 Documentum Content Server | 2025-04-12 | N/A |
| EMC Documentum Content Server before 6.7 SP2 P16 and 7.x before 7.1 P07 allows remote authenticated users to read sensitive object metadata via an RPC command. | ||||
| CVE-2016-0893 | 1 Emc | 1 Rsa Data Loss Prevention | 2025-04-12 | N/A |
| EMC RSA Data Loss Prevention 9.6 before SP2 P5 allows remote authenticated users to obtain sensitive information by reading error messages. | ||||
| CVE-2015-0516 | 1 Emc | 2 Vipr Srm, Watch4net | 2025-04-12 | N/A |
| Directory traversal vulnerability in EMC M&R (aka Watch4Net) before 6.5u1 and ViPR SRM before 3.6.1 allows remote authenticated users to read arbitrary files via a crafted URL. | ||||
| CVE-2016-0901 | 1 Emc | 1 Rsa Authentication Manager | 2025-04-12 | N/A |
| Cross-site scripting (XSS) vulnerability in EMC RSA Authentication Manager before 8.1 SP1 P14 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2016-0900. | ||||
| CVE-2016-0905 | 1 Emc | 1 Avamar Server | 2025-04-12 | N/A |
| Avamar Data Store (ADS) and Avamar Virtual Edition (AVE) in EMC Avamar Server before 7.3.0-233 allow local users to obtain root privileges by leveraging admin access and entering a sudo command. | ||||
| CVE-2016-0909 | 1 Emc | 2 Avamar Data Store, Avamar Server Virtual Edition | 2025-04-12 | N/A |
| EMC Avamar Data Store (ADS) and Avamar Virtual Edition (AVE) versions 7.3 and older contain a vulnerability that may expose the Avamar servers to potentially be compromised by malicious users. | ||||
| CVE-2014-2520 | 1 Emc | 1 Documentum Content Server | 2025-04-12 | N/A |
| EMC Documentum Content Server before 6.7 SP2 P16 and 7.x before 7.1 P07, when Oracle Database is used, does not properly restrict DQL hints, which allows remote authenticated users to conduct DQL injection attacks and read sensitive database content via a crafted request. | ||||
| CVE-2014-2517 | 1 Emc | 1 Rsa Archer Egrc | 2025-04-12 | N/A |
| Unspecified vulnerability in EMC RSA Archer GRC Platform 5.x before 5.5 SP1 allows remote authenticated users to gain privileges via unknown vectors. | ||||
| CVE-2016-0900 | 1 Emc | 1 Rsa Authentication Manager | 2025-04-12 | N/A |
| Cross-site scripting (XSS) vulnerability in EMC RSA Authentication Manager before 8.1 SP1 P14 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2016-0901. | ||||
| CVE-2016-0902 | 1 Emc | 1 Rsa Authentication Manager | 2025-04-12 | N/A |
| CRLF injection vulnerability in EMC RSA Authentication Manager before 8.1 SP1 P14 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via unspecified vectors. | ||||
| CVE-2014-2513 | 1 Emc | 1 Documentum Content Server | 2025-04-12 | N/A |
| EMC Documentum Content Server before 6.7 SP1 P28, 6.7 SP2 before P15, 7.0 before P15, and 7.1 before P06 does not properly check authorization after creation of an object, which allows remote authenticated users to execute arbitrary code with super-user privileges via a custom script. | ||||
| CVE-2014-2504 | 1 Emc | 1 Documentum D2 | 2025-04-12 | N/A |
| EMC Documentum D2 3.1 before P20, 3.1 SP1 before P02, 4.0 before P10, 4.1 before P13, and 4.2 before P01 allows remote authenticated users to bypass intended access restrictions and execute arbitrary Documentum Query Language (DQL) queries by calling (1) a core method or (2) a D2FS web-service method. | ||||
| CVE-2015-4525 | 1 Emc | 1 Isilon Onefs | 2025-04-12 | N/A |
| The log-gather implementation in the web administration interface in EMC Isilon OneFS 6.5.x.x through 7.1.1.x before 7.1.1.5 and 7.2.0.x before 7.2.0.2 allows remote authenticated users to execute arbitrary commands with root privileges via unspecified vectors. | ||||
| CVE-2014-2503 | 1 Emc | 1 Documentum Digital Asset Manager | 2025-04-12 | N/A |
| The thumbnail proxy server in EMC Documentum Digital Asset Manager (DAM) 6.5 SP3, 6.5 SP4, 6.5 SP5, and 6.5 SP6 before P13 allows remote attackers to conduct Documentum Query Language (DQL) injection attacks and bypass intended restrictions on querying objects via a crafted parameter in a query string. | ||||
| CVE-2014-2502 | 1 Emc | 1 Rsa Adaptive Authentication Hosted | 2025-04-12 | N/A |
| Cross-site scripting (XSS) vulnerability in rsa_fso.swf in EMC RSA Adaptive Authentication (Hosted) 11.0 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | ||||
| CVE-2014-2505 | 1 Emc | 1 Rsa Archer Egrc | 2025-04-12 | N/A |
| EMC RSA Archer GRC Platform 5.x before 5.5 SP1 allows remote attackers to trigger the download of arbitrary code, and consequently change the product's functionality, via unspecified vectors. | ||||
| CVE-2014-0624 | 1 Emc | 1 Rsa Data Loss Prevention | 2025-04-12 | N/A |
| EMC RSA Data Loss Prevention (DLP) 9.x before 9.6-SP2 does not properly manage sessions, which allows remote authenticated users to gain privileges and bypass intended content-reading restrictions via unspecified vectors. | ||||
| CVE-2014-2509 | 1 Emc | 1 Smarts Network Configuration Manager | 2025-04-12 | N/A |
| Session fixation vulnerability in the Report Advisor (RA) component in EMC Network Configuration Manager (NCM) before 9.3 allows remote attackers to hijack web sessions via a session cookie. | ||||
| CVE-2014-2512 | 1 Emc | 1 Documentum Eroom | 2025-04-12 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in EMC Documentum eRoom 7.4.3, 7.4.4 before P19, and 7.4.4 SP1 allow remote authenticated users to inject arbitrary web script or HTML via unspecified vectors. | ||||
| CVE-2015-0538 | 1 Emc | 1 Autostart | 2025-04-12 | N/A |
| ftagent.exe in EMC AutoStart 5.4.x and 5.5.x before 5.5.0.508 HF4 allows remote attackers to execute arbitrary commands via crafted packets. | ||||