Filtered by vendor Emc
Subscribe
Total
414 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2017-5001 | 1 Emc | 1 Rsa Archer Egrc | 2025-04-20 | 4.0 MEDIUM | 4.3 MEDIUM |
| EMC RSA Archer 5.4.1.3, 5.5.3.1, 5.5.2.3, 5.5.2, 5.5.1.3.1, 5.5.1.1 is affected by an information exposure through an error message vulnerability. A remote low privileged attacker may potentially exploit this vulnerability to use information disclosed in an error message to launch another more focused attack. | |||||
| CVE-2016-8215 | 1 Emc | 1 Rsa Security Analytics | 2025-04-20 | 4.3 MEDIUM | 6.1 MEDIUM |
| EMC RSA Security Analytics 10.5.3 and 10.6.2 contains fixes for a Reflected Cross-Site Scripting vulnerability that could potentially be exploited by malicious users to compromise the affected system. | |||||
| CVE-2016-9867 | 1 Emc | 1 Scaleio | 2025-04-20 | 4.6 MEDIUM | 8.8 HIGH |
| An issue was discovered in EMC ScaleIO versions before 2.0.1.1. A low-privileged local attacker may be able to modify the kernel memory in the SCINI driver and may achieve code execution to escalate privileges to root on ScaleIO Data Client (SDC) servers. | |||||
| CVE-2017-4986 | 1 Emc | 1 Secure Remote Services | 2025-04-20 | 5.0 MEDIUM | 5.3 MEDIUM |
| EMC ESRS VE 3.18 or earlier contains Authentication Bypass that could potentially be exploited by malicious users to compromise the affected system. | |||||
| CVE-2017-14385 | 1 Emc | 2 Data Domain, Data Domain Os | 2025-04-20 | 5.0 MEDIUM | 7.5 HIGH |
| An issue was discovered in EMC Data Domain DD OS 5.7 family, versions prior to 5.7.5.6; EMC Data Domain DD OS 6.0 family, versions prior to 6.0.2.9; EMC Data Domain DD OS 6.1 family, versions prior to 6.1.0.21; EMC Data Domain Virtual Edition 2.0 family, all versions; EMC Data Domain Virtual Edition 3.0 family, versions prior to 3.0 SP2 Update 1; and EMC Data Domain Virtual Edition 3.1 family, versions prior to 3.1 Update 2. EMC Data Domain DD OS contains a memory overflow vulnerability in SMBv1 which may potentially be exploited by an unauthenticated remote attacker. An attacker may completely shut down both the SMB service and active directory authentication. This may also allow remote code injection and execution. | |||||
| CVE-2016-9872 | 1 Emc | 1 Documentum D2 | 2025-04-20 | 4.3 MEDIUM | 6.1 MEDIUM |
| EMC Documentum D2 version 4.5 and EMC Documentum D2 version 4.6 has Reflected Cross-Site Scripting Vulnerabilities that could potentially be exploited by malicious users to compromise the affected system. | |||||
| CVE-2017-14378 | 1 Emc | 2 Rsa Authentication Agent Api For C, Rsa Authentication Agent Sdk For C | 2025-04-20 | 7.5 HIGH | 10.0 CRITICAL |
| EMC RSA Authentication Agent API 8.5 for C and RSA Authentication Agent SDK 8.6 for C allow attackers to bypass authentication, aka an "Error Handling Vulnerability." | |||||
| CVE-2017-4979 | 1 Emc | 1 Isilon Onefs | 2025-04-20 | 4.6 MEDIUM | 7.1 HIGH |
| EMC Isilon OneFS 8.0.1.0, OneFS 8.0.0.0 - 8.0.0.2, OneFS 7.2.1.0 - 7.2.1.3, and OneFS 7.2.0.x is affected by an NFS export vulnerability. Under certain conditions, after upgrading a cluster from OneFS 7.1.1.x or earlier, users may have unexpected levels of access to some NFS exports. | |||||
| CVE-2017-8024 | 1 Emc | 1 Isilon Onefs | 2025-04-20 | 4.3 MEDIUM | 6.1 MEDIUM |
| EMC Isilon OneFS (versions prior to 8.1.0.1, versions prior to 8.0.1.2, versions prior to 8.0.0.6, version 7.2.1.x) is impacted by a reflected cross-site scripting vulnerability that may potentially be exploited by malicious users to compromise the affected system. | |||||
| CVE-2017-4980 | 1 Emc | 1 Isilon Onefs | 2025-04-20 | 5.0 MEDIUM | 7.5 HIGH |
| EMC Isilon OneFS is affected by a path traversal vulnerability that may potentially be exploited by attackers to compromise the affected system. Affected versions are 7.1.0 - 7.1.1.10, 7.2.0 - 7.2.1.3, and 8.0.0 - 8.0.0.1. | |||||
| CVE-2017-8017 | 1 Emc | 1 Smarts Network Configuration Manager | 2025-04-20 | 4.3 MEDIUM | 6.1 MEDIUM |
| EMC Network Configuration Manager (NCM) 9.3.x, 9.4.0.x, 9.4.1.x, and 9.4.2.x is affected by a reflected cross-site scripting Vulnerability that could potentially be exploited by malicious users to compromise the affected system. | |||||
| CVE-2017-4982 | 1 Emc | 1 Mainframe Enablers Resourcepak Base | 2025-04-20 | 10.0 HIGH | 9.8 CRITICAL |
| EMC Mainframe Enablers ResourcePak Base versions 7.6.0, 8.0.0, and 8.1.0 contains a fix for a privilege management vulnerability that could potentially be exploited by malicious users to compromise the affected system. | |||||
| CVE-2016-9868 | 1 Emc | 1 Scaleio | 2025-04-20 | 2.1 LOW | 5.5 MEDIUM |
| An issue was discovered in EMC ScaleIO versions before 2.0.1.1. A low-privileged local attacker may cause a denial-of-service by generating a kernel panic in the SCINI driver using IOCTL calls which may render the ScaleIO Data Client (SDC) server unavailable until the next reboot. | |||||
| CVE-2017-4999 | 1 Emc | 1 Rsa Archer Egrc | 2025-04-20 | 4.0 MEDIUM | 6.5 MEDIUM |
| EMC RSA Archer 5.4.1.3, 5.5.3.1, 5.5.2.3, 5.5.2, 5.5.1.3.1, 5.5.1.1 is affected by an authorization bypass through user-controlled key vulnerability in Discussion Forum Messages. A remote low privileged attacker may potentially exploit this vulnerability to elevate their privileges and view other users' discussion forum messages. | |||||
| CVE-2017-8004 | 2 Emc, Rsa | 3 Rsa Identity Governance And Lifecycle, Rsa Identity Management And Governance, Rsa Via Lifecycle And Governance | 2025-04-20 | 6.5 MEDIUM | 7.2 HIGH |
| The EMC RSA Identity Governance and Lifecycle, RSA Via Lifecycle and Governance and RSA IMG products (RSA Identity Governance and Lifecycle versions 7.0.1, 7.0.2, all patch levels; RSA Via Lifecycle and Governance version 7.0, all patch levels; RSA Identity Management and Governance (RSA IMG) versions 6.9.1, all patch levels) allow an application administrator to upload arbitrary files that may potentially contain a malicious code. The malicious file could be then executed on the affected system with the privileges of the user the application is running under. | |||||
| CVE-2017-4976 | 1 Emc | 1 Esrs Policy Manager | 2025-04-20 | 7.5 HIGH | 9.8 CRITICAL |
| EMC ESRS Policy Manager prior to 6.8 contains an undocumented account (OpenDS admin) with a default password. A remote attacker with the knowledge of the default password may login to the system and gain administrator privileges to the local LDAP directory server. | |||||
| CVE-2017-14376 | 1 Emc | 1 Appsync | 2025-04-20 | 7.2 HIGH | 7.8 HIGH |
| EMC AppSync Server prior to 3.5.0.1 contains database accounts with hardcoded passwords that could potentially be exploited by malicious users to compromise the affected system. | |||||
| CVE-2017-3757 | 1 Emc | 1 Elan Touchpad Driver | 2025-04-20 | 7.2 HIGH | 7.8 HIGH |
| An unquoted service path vulnerability was identified in the driver for the ElanTech Touchpad, various versions, used on some Lenovo brand notebooks (not ThinkPads). This could allow an attacker with local privileges to execute code with administrative privileges. | |||||
| CVE-2017-4988 | 1 Emc | 1 Isilon Onefs | 2025-04-20 | 9.0 HIGH | 7.2 HIGH |
| EMC Isilon OneFS 8.0.1.0, 8.0.0 - 8.0.0.3, 7.2.0 - 7.2.1.4, 7.1.x is affected by a privilege escalation vulnerability that could potentially be exploited by attackers to compromise the affected system. | |||||
| CVE-2016-9869 | 1 Emc | 1 Scaleio | 2025-04-20 | 2.1 LOW | 5.5 MEDIUM |
| An issue was discovered in EMC ScaleIO versions before 2.0.1.1. Incorrect permissions on the SCINI driver may allow a low-privileged local attacker to modify the configuration and render the ScaleIO Data Client (SDC) server unavailable. | |||||