Filtered by vendor Emc
Subscriptions
Total
416 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2012-2292 | 1 Emc | 2 Rsa Archer Egrc, Rsa Archer Smartsuite | 2024-11-21 | N/A |
The Silverlight cross-domain policy in EMC RSA Archer SmartSuite Framework 4.x and RSA Archer GRC 5.x before 5.2SP1 does not restrict access to the Archer application, which allows remote attackers to bypass the Same Origin Policy via unspecified vectors. | ||||
CVE-2012-2291 | 3 Apple, Emc, Hp | 4 Mac Os X, Avamar, Avamar Plugin and 1 more | 2024-11-21 | N/A |
EMC Avamar Client 4.x, 5.x, and 6.x on HP-UX and Mac OS X, and the EMC Avamar plugin 4.x, 5.x, and 6.x for Oracle, uses world-writable permissions for cache directories, which allows local users to gain privileges via an unspecified symlink attack. | ||||
CVE-2012-2290 | 1 Emc | 1 Networker Module For Microsoft Applications | 2024-11-21 | N/A |
The client in EMC NetWorker Module for Microsoft Applications (NMM) 2.2.1, 2.3 before build 122, and 2.4 before build 375 allows remote attackers to execute arbitrary code by sending a crafted message over a TCP communication channel. | ||||
CVE-2012-2289 | 1 Emc | 2 Applicationxtender Desktop, Applicationxtender Web Access .net | 2024-11-21 | N/A |
EMC ApplicationXtender Desktop before 6.5 SP2 and ApplicationXtender Web Access .NET before 6.5 SP2 allow remote attackers to upload files to any location, and possibly execute arbitrary code, via unspecified vectors. | ||||
CVE-2012-2288 | 1 Emc | 1 Networker | 2024-11-21 | N/A |
Format string vulnerability in the nsrd RPC service in EMC NetWorker 7.6.3 and 7.6.4 before 7.6.4.1, and 8.0 before 8.0.0.1, allows remote attackers to execute arbitrary code via format string specifiers in a message. | ||||
CVE-2012-2287 | 2 Emc, Microsoft | 4 Rsa Authentication Agent, Rsa Authentication Client, Windows Server 2003 and 1 more | 2024-11-21 | N/A |
The authentication functionality in EMC RSA Authentication Agent 7.1 and RSA Authentication Client 3.5 on Windows XP and Windows Server 2003, when an unspecified configuration exists, allows remote authenticated users to bypass an intended token-authentication step, and establish a login session to a remote host, by leveraging Windows credentials for that host. | ||||
CVE-2012-2286 | 1 Emc | 1 Rsa Adaptive Authentication On-premise | 2024-11-21 | N/A |
Unspecified vulnerability in EMC RSA Adaptive Authentication On-Premise (AAOP) 6.0.2.1 before SP3 P3 allows remote attackers to obtain sensitive information via unknown vectors. | ||||
CVE-2012-2285 | 1 Emc | 2 Cloud Tiering Appliance, Cloud Tiering Appliance Virtual Edition | 2024-11-21 | N/A |
EMC Cloud Tiering Appliance (aka CTA, formerly FMA) 9.0 and earlier, and Cloud Tiering Appliance Virtual Edition (CTA/VE) 9.0 and earlier, allows remote attackers to obtain GUI administrative access by sending a crafted file during the authentication phase. | ||||
CVE-2012-2284 | 2 Emc, Microsoft | 2 Networker Module For Microsoft Applications, Exchange Server | 2024-11-21 | N/A |
The (1) install and (2) upgrade processes in EMC NetWorker Module for Microsoft Applications (NMM) 2.2.1, 2.3 before build 122, and 2.4 before build 375, when Exchange Server is used, allow local users to read cleartext administrator credentials via unspecified vectors. | ||||
CVE-2012-2283 | 2 Emc, Iomega | 4 Lifeline, Home Media Network Hard Drive, Iconnect and 1 more | 2024-11-21 | N/A |
The Iomega Home Media Network Hard Drive with EMC Lifeline firmware before 2.104, Home Media Network Hard Drive Cloud Edition with EMC Lifeline firmware before 3.2.3.15290, iConnect with EMC Lifeline firmware before 2.5.26.18966, and StorCenter with EMC Lifeline firmware before 2.0.18.23122, 2.1.x before 2.1.42.18967, and 3.x before 3.2.3.15290 allow remote authenticated users to read or modify data on arbitrary remote shares via unspecified vectors. | ||||
CVE-2012-2282 | 1 Emc | 3 Celerra Network Server, Vnx, Vnxe | 2024-11-21 | N/A |
EMC Celerra Network Server 6.x before 6.0.61.0, VNX 7.x before 7.0.53.2, and VNXe 2.0 and 2.1 before 2.1.3.19077 (aka MR1 SP3.2) and 2.2 before 2.2.0.19078 (aka MR2 SP0.2) do not properly implement NFS access control, which allows remote authenticated users to read or modify files via a (1) NFSv2, (2) NFSv3, or (3) NFSv4 request. | ||||
CVE-2012-2280 | 2 Emc, Rsa | 3 Rsa Authentication Manager, Authentication Manager, Securid Appliance | 2024-11-21 | N/A |
EMC RSA Authentication Manager 7.1 before SP4 P14 and RSA SecurID Appliance 3.0 before SP4 P14 do not properly use frames, which allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, related to a "Cross frame scripting vulnerability." | ||||
CVE-2012-2279 | 2 Emc, Rsa | 3 Rsa Authentication Manager, Authentication Manager, Securid Appliance | 2024-11-21 | N/A |
Open redirect vulnerability in the Security Console in EMC RSA Authentication Manager 7.1 before SP4 P14 and RSA SecurID Appliance 3.0 before SP4 P14 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors. | ||||
CVE-2012-2278 | 2 Emc, Rsa | 3 Rsa Authentication Manager, Authentication Manager, Securid Appliance | 2024-11-21 | N/A |
Multiple cross-site scripting (XSS) vulnerabilities in the (1) Self-Service Console and (2) Security Console in EMC RSA Authentication Manager 7.1 before SP4 P14 and RSA SecurID Appliance 3.0 before SP4 P14 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors. | ||||
CVE-2012-2277 | 1 Emc | 1 Documentum Information Rights Management | 2024-11-21 | N/A |
The IRM Server in EMC Documentum Information Rights Management 4.x before 4.7.0100 and 5.x before 5.0.1030 allows remote attackers to cause a denial of service (pvcontrol.exe process hang) via \n (line feed) characters in the Id fields of many "batch begin untethered" commands. | ||||
CVE-2012-2276 | 1 Emc | 1 Documentum Information Rights Management | 2024-11-21 | N/A |
The IRM Server in EMC Documentum Information Rights Management 4.x before 4.7.0100 and 5.x before 5.0.1030 allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via input data that (1) lacks FIPS fields or (2) has an invalid version number. | ||||
CVE-2012-1064 | 1 Emc | 2 Rsa Archer Egrc, Rsa Archer Smartsuite | 2024-11-21 | N/A |
Multiple cross-site scripting (XSS) vulnerabilities in EMC RSA Archer SmartSuite Framework 4.x and RSA Archer GRC 5.x before 5.2SP1 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors. | ||||
CVE-2012-0409 | 1 Emc | 1 Autostart | 2024-11-21 | N/A |
Multiple buffer overflows in EMC AutoStart 5.3.x and 5.4.x before 5.4.3 allow remote attackers to cause a denial of service (agent crash) or possibly execute arbitrary code via crafted packets. | ||||
CVE-2012-0407 | 1 Emc | 1 Data Protection Advisor | 2024-11-21 | N/A |
Integer overflow in the DPA_Utilities library in EMC Data Protection Advisor (DPA) 5.5 through 5.8 SP1 allows remote attackers to cause a denial of service (infinite loop) via a negative 64-bit value in a certain size field. | ||||
CVE-2012-0406 | 1 Emc | 1 Data Protection Advisor | 2024-11-21 | N/A |
The DPA_Utilities.cProcessAuthenticationData function in EMC Data Protection Advisor (DPA) 5.5 through 5.8 SP1 allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via an AUTHENTICATECONNECTION command that (1) lacks a password field or (2) has an empty password. |