Vulnerabilities (CVE)

Filtered by vendor Emc Subscribe
Total 416 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2011-1421 1 Emc 1 Networker 2024-11-21 6.9 MEDIUM N/A
EMC NetWorker 7.5.x before 7.5.4.3 and 7.6.x before 7.6.1.5, when the client push feature is enabled, uses weak permissions for an unspecified file, which allows local users to gain privileges via unknown vectors.
CVE-2011-1420 2 Emc, Oracle 2 Data Protection Advisor Collector, Solaris Sparc 2024-11-21 7.2 HIGH N/A
EMC Data Protection Advisor Collector 5.7 and 5.7.1 on Solaris SPARC platforms uses weak permissions for unspecified files, which allows local users to gain privileges via unknown vectors.
CVE-2011-0648 1 Emc 1 Avamar 2024-11-21 8.5 HIGH N/A
Unspecified vulnerability in EMC Avamar before 5.0.4-30 allows remote authenticated users to gain privileges via unknown vectors.
CVE-2011-0647 1 Emc 2 Networker Module, Replication Manager 2024-11-21 10.0 HIGH N/A
The irccd.exe service in EMC Replication Manager Client before 5.3 and NetWorker Module for Microsoft Applications 2.1.x and 2.2.x allows remote attackers to execute arbitrary commands via the RunProgram function to TCP port 6542.
CVE-2011-0442 1 Emc 1 Avamar 2024-11-21 3.5 LOW N/A
The service utility in EMC Avamar 5.x before 5.0.4 uses cleartext to transmit event details in (1) service requests and (2) e-mail messages, which might allow remote attackers to obtain sensitive information by sniffing the network.
CVE-2011-0321 1 Emc 1 Networker 2024-11-21 6.4 MEDIUM N/A
librpc.dll in nsrexecd in EMC NetWorker before 7.5 SP4, 7.5.3.x before 7.5.3.5, and 7.6.x before 7.6.1.2 does not properly mitigate the possibility of a spoofed localhost source IP address, which allows remote attackers to (1) register or (2) unregister RPC services, and consequently cause a denial of service or obtain sensitive information from interprocess communication, via crafted UDP packets containing service commands.
CVE-2010-2860 1 Emc 1 Celerra Network Attached Storage 2024-11-21 9.3 HIGH N/A
The EMC Celerra Network Attached Storage (NAS) appliance accepts external network traffic to IP addresses intended for an intranet network within the appliance, which allows remote attackers to read, create, or modify arbitrary files in the user data directory via NFS requests.
CVE-2010-2633 1 Emc 4 Disk Library, Disk Library 4100, Disk Library 4200 and 1 more 2024-11-21 7.8 HIGH N/A
Unspecified vulnerability in EMC Disk Library (EDL) before 3.2.7, 3.3.x before 3.3.2 epatch 8, and 4.0.x before 4.0.1 epatch 4 allows remote attackers to cause a denial of service (communication-module crash) by sending a crafted message through TCP.
CVE-2010-1919 1 Emc 1 Avamar 2024-11-21 7.1 HIGH N/A
Unspecified vulnerability in EMC Avamar 4.1.x and 5.0 before SP1 allows remote attackers to cause a denial of service (gsan service hang) by sending a crafted message using TCP.
CVE-2010-1904 1 Emc 1 Rsa Key Manager Client 2024-11-21 6.8 MEDIUM N/A
SQL injection vulnerability in EMC RSA Key Manager (RKM) C Client 1.5.x allows user-assisted remote attackers to execute arbitrary SQL commands via the metadata section of encrypted key data.
CVE-2010-0620 1 Emc 1 Homebase Server 2024-11-21 9.3 HIGH N/A
Directory traversal vulnerability in the SSL Service in EMC HomeBase Server 6.2.x before 6.2.3 and 6.3.x before 6.3.2 allows remote attackers to overwrite arbitrary files with any content, and consequently execute arbitrary code, via a .. (dot dot) in an unspecified parameter.
CVE-2009-3744 1 Emc 1 Replistor 2024-11-21 5.0 MEDIUM N/A
rep_serv.exe 6.3.1.3 in the server in EMC RepliStor allows remote attackers to cause a denial of service via a crafted packet to TCP port 7144.
CVE-2009-3573 1 Emc 1 Captiva Pixtools Distributed Imaging 2024-11-21 9.3 HIGH N/A
Multiple insecure method vulnerabilities in the PDIControl.PDI.1 ActiveX control (PDIControl.dll) 2.2.3160.0 in EMC Captiva PixTools Distributed Imaging 2.2 allow remote attackers to create or overwrite arbitrary files via the (1) SetLogFileName and (2) WriteToLog methods.
CVE-2009-2754 2 Emc, Ibm 2 Legato Networker, Informix Dynamic Server 2024-11-21 10.0 HIGH N/A
Integer signedness error in the authentication functionality in librpc.dll in the Informix Storage Manager (ISM) Portmapper service (aka portmap.exe), as used in IBM Informix Dynamic Server (IDS) 10.x before 10.00.TC9 and 11.x before 11.10.TC3 and EMC Legato NetWorker, allows remote attackers to execute arbitrary code via a crafted parameter size that triggers a stack-based buffer overflow.
CVE-2009-1119 1 Emc 1 Replistor 2024-11-21 10.0 HIGH N/A
Multiple heap-based buffer overflows in EMC RepliStor 6.2 before SP5 and 6.3 before SP2 allow remote attackers to execute arbitrary code via a crafted message to (1) ctrlservice.exe or (2) rep_srv.exe, possibly related to an integer overflow.
CVE-2009-0311 1 Emc 1 Autostart 2024-11-21 10.0 HIGH N/A
The Backbone service (ftbackbone.exe) in EMC AutoStart before 5.3 SP2 allows remote attackers to execute arbitrary code via a packet with a crafted value that is dereferenced as a function pointer.
CVE-2008-6219 1 Emc 5 Networker Client, Networker Module, Networker Powersnap and 2 more 2024-11-21 7.8 HIGH N/A
nsrexecd.exe in multiple EMC Networker products including EMC NetWorker Server, Storage Node, and Client 7.3.x and 7.4, 7.4.1, 7.4.2, Client and Storage Node for Open VMS 7.3.2 ECO6 and earlier, Module for Microsoft Exchange 5.1 and earlier, Module for Microsoft Applications 2.0 and earlier, Module for Meditech 2.0 and earlier, and PowerSnap 2.4 SP1 and earlier does not properly control the allocation of memory, which allows remote attackers to cause a denial of service (memory exhaustion) via multiple crafted RPC requests.
CVE-2008-5420 1 Emc 1 Control Center 2024-11-21 7.8 HIGH N/A
The SAN Manager Master Agent service (aka msragent.exe) in EMC Control Center before 6.1 does not properly authenticate SST_SENDFILE requests, which allows remote attackers to read arbitrary files.
CVE-2008-5419 1 Emc 1 Control Center 2024-11-21 10.0 HIGH N/A
Stack-based buffer overflow in SAN Manager Master Agent service (aka msragent.exe) in EMC Control Center 5.2 SP5 and 6.0 allows remote attackers to execute arbitrary code via multiple SST_CTGTRANS requests.
CVE-2008-4916 2 Emc, Vmware 7 Vmware Player, Vmware Ace, Vmware Esx and 4 more 2024-11-21 4.6 MEDIUM N/A
Unspecified vulnerability in a guest virtual device driver in VMware Workstation before 5.5.9 build 126128, and 6.5.1 and earlier 6.x versions; VMware Player before 1.0.9 build 126128, and 2.5.1 and earlier 2.x versions; VMware ACE before 1.0.8 build 125922, and 2.5.1 and earlier 2.x versions; VMware Server 1.x before 1.0.8 build 126538 and 2.0.x before 2.0.1 build 156745; VMware Fusion before 2.0.1; VMware ESXi 3.5; and VMware ESX 3.0.2, 3.0.3, and 3.5 allows guest OS users to cause a denial of service (host OS crash) via unknown vectors.