Filtered by vendor Emc Subscriptions
Total 416 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2015-6850 1 Emc 1 Vplex Geosynchrony 2024-11-21 N/A
EMC VPLEX GeoSynchrony 5.4 SP1 before P3 and 5.5 before Patch 1 has a default password for the root account, which allows local users to gain privileges by leveraging a login session.
CVE-2015-6849 1 Emc 1 Networker 2024-11-21 N/A
EMC NetWorker before 8.0.4.5, 8.1.x before 8.1.3.6, 8.2.x before 8.2.2.2, and 9.0 before build 407 allows remote attackers to cause a denial of service (process outage) via malformed RPC authentication messages.
CVE-2015-6848 1 Emc 1 Isilon Onefs 2024-11-21 N/A
EMC Isilon OneFS 7.1.x before 7.1.1.5, 7.2.0.x before 7.2.0.3, and 7.2.1.x before 7.2.1.1, when the RFC 2307 feature is configured but SFU is not universally present, allows remote authenticated AD users to obtain root privileges via unspecified vectors.
CVE-2015-6847 1 Emc 1 Vplex Geosynchrony 2024-11-21 N/A
The default configuration of EMC VPLEX GeoSynchrony 5.4 SP1 before P3 stores cleartext NAVISPHERE GUI passwords in a log file, which allows local users to obtain sensitive information by reading this file.
CVE-2015-6846 1 Emc 1 Sourceone Email Supervisor 2024-11-21 N/A
EMC SourceOne Email Supervisor before 7.2 uses hardcoded encryption keys, which makes it easier for attackers to obtain access by examining how a program's code conducts cryptographic operations.
CVE-2015-6845 1 Emc 1 Sourceone Email Supervisor 2024-11-21 N/A
EMC SourceOne Email Supervisor before 7.2 does not properly employ random values for session IDs, which makes it easier for remote attackers to obtain access by guessing an ID.
CVE-2015-6844 1 Emc 1 Sourceone Email Supervisor 2024-11-21 N/A
Cross-site scripting (XSS) vulnerability in Reviewer in EMC SourceOne Email Supervisor before 7.2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVE-2015-6843 1 Emc 1 Sourceone Email Supervisor 2024-11-21 N/A
Reviewer in EMC SourceOne Email Supervisor before 7.2 does not properly limit attempts to authenticate, which makes it easier for remote attackers to obtain access via a brute-force approach.
CVE-2015-4546 1 Emc 2 Rsa Certificate Manager, Rsa Onestep 2024-11-21 N/A
Directory traversal vulnerability in EMC RSA OneStep 6.9 before build 559, as used in RSA Certificate Manager and RSA Registration Manager through 6.9 build 558 and other products, allows remote attackers to read arbitrary files via a crafted KCSOSC_ERROR_PAGE parameter.
CVE-2015-4545 1 Emc 1 Isilon Onefs 2024-11-21 N/A
EMC Isilon OneFS 7.1 before 7.1.1.8, 7.2.0 before 7.2.0.4, and 7.2.1 before 7.2.1.1 allows remote authenticated administrators to bypass a SmartLock root-login restriction by creating a root account and establishing a login session.
CVE-2015-4544 1 Emc 1 Documentum Content Server 2024-11-21 N/A
EMC Documentum Content Server before 7.1P20 and 7.2.x before 7.2P04 does not properly verify authorization for dm_job object access, which allows remote authenticated users to obtain superuser privileges via crafted object operations. NOTE: this vulnerability exists because of an incomplete fix for CVE-2014-4626.
CVE-2015-4543 1 Emc 1 Rsa Archer Grc 2024-11-21 N/A
EMC RSA Archer GRC 5.x before 5.5.3 uses cleartext for stored passwords in unspecified circumstances, which allows remote authenticated users to obtain sensitive information by reading database fields.
CVE-2015-4542 1 Emc 1 Rsa Archer Grc 2024-11-21 N/A
EMC RSA Archer GRC 5.x before 5.5.3 allows remote authenticated users to bypass intended access restrictions, and read or modify Discussion Forum Fields messages, via unspecified vectors.
CVE-2015-4541 1 Emc 1 Rsa Archer Grc 2024-11-21 N/A
Multiple cross-site scripting (XSS) vulnerabilities in EMC RSA Archer GRC 5.x before 5.5.3 allow remote authenticated users to inject arbitrary web script or HTML via unspecified vectors.
CVE-2015-4540 1 Emc 1 Rsa Identity Management And Governance 2024-11-21 N/A
Multiple cross-site scripting (XSS) vulnerabilities in EMC RSA Identity Management & Governance (IMG) before 6.8.1 P18 and 6.9.x before 6.9.1 P6 allow remote authenticated users to inject arbitrary web script or HTML via unspecified vectors.
CVE-2015-4539 1 Emc 1 Rsa Identity Management And Governance 2024-11-21 N/A
Multiple cross-site scripting (XSS) vulnerabilities in EMC RSA Identity Management & Governance (IMG) before 7.0.0 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVE-2015-4538 1 Emc 1 Atmos 2024-11-21 N/A
The XML parser in EMC Atmos before 2.2.3.426 and 2.3.x before 2.3.1.0 allows remote authenticated users to read arbitrary files or cause a denial of service (CPU and memory consumption) via an external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue.
CVE-2015-4537 1 Emc 1 Documentum D2 2024-11-21 N/A
Lockbox in EMC Documentum D2 before 4.5 uses a hardcoded passphrase when a server lacks a D2.Lockbox file, which makes it easier for remote authenticated users to decrypt admin tickets by locating this passphrase in a decompiled D2 JAR archive.
CVE-2015-4536 1 Emc 1 Documentum Content Server 2024-11-21 N/A
EMC Documentum Content Server before 7.0 P20, 7.1 before P18, and 7.2 before P02, when RPC tracing is configured, stores certain obfuscated password data in a log file, which allows remote authenticated users to obtain sensitive information by reading this file.
CVE-2015-4535 1 Emc 1 Documentum Content Server 2024-11-21 N/A
Java Method Server (JMS) in EMC Documentum Content Server before 6.7SP1 P32, 6.7SP2 before P25, 7.0 before P19, 7.1 before P16, and 7.2 before P02, when __debug_trace__ is configured, allows remote authenticated users to gain super-user privileges by leveraging the ability to read a log file containing a login ticket.