Filtered by vendor Emc
Subscribe
Total
416 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2013-0935 | 1 Emc | 1 Smarts Network Configuration Manager | 2024-11-21 | 9.3 HIGH | N/A |
| EMC Smarts Network Configuration Manager (NCM) before 9.2 does not require authentication for all Java RMI method calls, which allows remote attackers to execute arbitrary code via unspecified vectors. | |||||
| CVE-2013-0934 | 1 Emc | 2 Rsa Archer Egrc, Rsa Archer Smartsuite | 2024-11-21 | 4.0 MEDIUM | N/A |
| EMC RSA Archer 5.x before GRC 5.3SP1, and Archer Smart Suite Framework 4.x, allows remote authenticated users to bypass intended access restrictions and modify global reports via unspecified vectors. | |||||
| CVE-2013-0933 | 1 Emc | 2 Rsa Archer Egrc, Rsa Archer Smartsuite | 2024-11-21 | 4.3 MEDIUM | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in EMC RSA Archer 5.x before GRC 5.3SP1, and Archer Smart Suite Framework 4.x, allow remote attackers to inject arbitrary web script or HTML via unspecified vectors. | |||||
| CVE-2013-0932 | 1 Emc | 2 Rsa Archer Egrc, Rsa Archer Smartsuite | 2024-11-21 | 4.0 MEDIUM | N/A |
| EMC RSA Archer 5.x before GRC 5.3SP1, and Archer Smart Suite Framework 4.x, allows remote authenticated users to bypass intended access restrictions and upload arbitrary files via unspecified vectors. | |||||
| CVE-2013-0930 | 1 Emc | 1 Alphastor | 2024-11-21 | 7.6 HIGH | N/A |
| Buffer overflow in Drive Control Program (DCP) in EMC AlphaStor 4.0 before build 814 allows remote attackers to execute arbitrary code via vectors involving a new device name. | |||||
| CVE-2013-0929 | 1 Emc | 1 Alphastor | 2024-11-21 | 7.6 HIGH | N/A |
| Format string vulnerability in the _vsnsprintf function in rrobotd.exe in the Device Manager in EMC AlphaStor 4.0 before build 800 allows remote attackers to execute arbitrary code via format string specifiers in a command. | |||||
| CVE-2013-0928 | 1 Emc | 1 Alphastor | 2024-11-21 | 9.3 HIGH | N/A |
| The NetWorker command processor in rrobotd.exe in the Device Manager in EMC AlphaStor 4.0 before build 800 allows remote attackers to execute arbitrary commands via a DCP "run command" operation. | |||||
| CVE-2012-4616 | 1 Emc | 1 Data Protection Advisor | 2024-11-21 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in the Web UI in EMC Data Protection Advisor (DPA) 5.6 through SP1, 5.7 through SP1, and 5.8 through SP4 allows remote attackers to read arbitrary files via unspecified vectors. | |||||
| CVE-2012-4615 | 1 Emc | 1 It Operations Intelligence | 2024-11-21 | 2.1 LOW | N/A |
| EMC Smarts Network Configuration Manager (NCM) before 9.1 uses a hardcoded encryption key for the storage of credentials, which allows local users to obtain sensitive information via unspecified vectors. | |||||
| CVE-2012-4614 | 1 Emc | 1 It Operations Intelligence | 2024-11-21 | 9.3 HIGH | N/A |
| The default configuration of EMC Smarts Network Configuration Manager (NCM) before 9.1 does not require authentication for database access, which allows remote attackers to have an unspecified impact via a network session. | |||||
| CVE-2012-4613 | 1 Emc | 1 Rsa Data Protection Manager Appliance | 2024-11-21 | 6.9 MEDIUM | N/A |
| EMC RSA Data Protection Manager Appliance 2.7.x and 3.x before 3.2.1 does not properly restrict the number of authentication attempts by a user account, which makes it easier for local users to bypass intended access restrictions via a brute-force attack. | |||||
| CVE-2012-4612 | 1 Emc | 2 Rsa Data Protection Manager Appliance, Rsa Data Protection Manager Software Server | 2024-11-21 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in EMC RSA Data Protection Manager Appliance and Software Server 2.7.x and 3.x before 3.2.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | |||||
| CVE-2012-4611 | 1 Emc | 1 Rsa Adaptive Authentication On-premise | 2024-11-21 | 4.3 MEDIUM | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in EMC RSA Adaptive Authentication On-Premise (AAOP) before 7.0 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors. | |||||
| CVE-2012-4610 | 1 Emc | 1 Avamar | 2024-11-21 | 3.3 LOW | N/A |
| EMC Avamar Client for VMware 6.1 stores the cleartext server root password on the proxy client, which might allow remote attackers to obtain sensitive information by leveraging "network access" to the proxy client. | |||||
| CVE-2012-4609 | 1 Emc | 1 Rsa Netwitness Informer | 2024-11-21 | 4.3 MEDIUM | N/A |
| The web interface in EMC RSA NetWitness Informer before 2.0.5.6 allows remote attackers to conduct clickjacking attacks via unspecified vectors. | |||||
| CVE-2012-4608 | 1 Emc | 1 Rsa Netwitness Informer | 2024-11-21 | 6.8 MEDIUM | N/A |
| Cross-site request forgery (CSRF) vulnerability in the web interface in EMC RSA NetWitness Informer before 2.0.5.6 allows remote attackers to hijack the authentication of arbitrary users. | |||||
| CVE-2012-4607 | 1 Emc | 1 Networker | 2024-11-21 | 9.3 HIGH | N/A |
| Buffer overflow in nsrindexd in EMC NetWorker 7.5.x and 7.6.x before 7.6.5, and 8.x before 8.0.0.6, allows remote attackers to execute arbitrary code via crafted SunRPC data. | |||||
| CVE-2012-2515 | 2 Emc, Ge | 7 Captiva Quickscan Pro, Documentum Applicationxtender Desktop, Intelligent Platforms Proficy Batch Execution and 4 more | 2024-11-21 | 9.3 HIGH | N/A |
| Multiple stack-based buffer overflows in the KeyHelp.KeyCtrl.1 ActiveX control in KeyHelp.ocx 1.2.312 in KeyWorks KeyHelp Module (aka the HTML Help component), as used in EMC Documentum ApplicationXtender Desktop 5.4; EMC Captiva Quickscan Pro 4.6 SP1; GE Intelligent Platforms Proficy Historian 3.1, 3.5, 4.0, and 4.5; GE Intelligent Platforms Proficy HMI/SCADA iFIX 5.0 and 5.1; GE Intelligent Platforms Proficy Pulse 1.0; GE Intelligent Platforms Proficy Batch Execution 5.6; GE Intelligent Platforms SI7 I/O Driver 7.20 through 7.42; and other products, allow remote attackers to execute arbitrary code via a long string in the second argument to the (1) JumpMappedID or (2) JumpURL method. | |||||
| CVE-2012-2294 | 1 Emc | 2 Rsa Archer Egrc, Rsa Archer Smartsuite | 2024-11-21 | 6.8 MEDIUM | N/A |
| EMC RSA Archer SmartSuite Framework 4.x and RSA Archer GRC 5.x before 5.2SP1 allow remote attackers to conduct clickjacking attacks via a crafted web page. | |||||
| CVE-2012-2293 | 1 Emc | 2 Rsa Archer Egrc, Rsa Archer Smartsuite | 2024-11-21 | 6.5 MEDIUM | N/A |
| Directory traversal vulnerability in EMC RSA Archer SmartSuite Framework 4.x and RSA Archer GRC 5.x before 5.2SP1 allows remote authenticated users to upload files, and consequently execute arbitrary code, via a relative path. | |||||