Emc

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2016-0909 1Emc 2Avamar Data Store Avamar Server Virtual Edition May 6, 2026 Nov 15, 2016 N/A· v4 8.4 HIGH· v3 7.2 HIGH· v2 EMC Avamar Data Store (ADS) and Avamar Virtual Edition (AVE) versions 7.3 and older contain a vulnerability that may expose the Avamar servers to potentially be compromised by malicious users.
CVE-2016-6646 2Dell Emc 3Emc Unisphere Solutions EnablerUnisphere May 6, 2026 Oct 5, 2016 N/A· v4 9.8 CRITICAL· v3 10.0 HIGH· v2 The vApp Managers web application in EMC Unisphere for VMAX Virtual Appliance 8.x before 8.3.0 and Solutions Enabler Virtual Appliance 8.x before 8.3.0 allows remote attackers to execute arbitrary code via crafted input...Show more The vApp Managers web application in EMC Unisphere for VMAX Virtual Appliance 8.x before 8.3.0 and Solutions Enabler Virtual Appliance 8.x before 8.3.0 allows remote attackers to execute arbitrary code via crafted input to the (1) GetSymmCmdRequest or (2) RemoteServiceHandler class.Show less
CVE-2016-6645 2Dell Emc 3Emc Unisphere Solutions EnablerUnisphere May 6, 2026 Oct 5, 2016 N/A· v4 8.8 HIGH· v3 9.0 HIGH· v2 The vApp Managers web application in EMC Unisphere for VMAX Virtual Appliance 8.x before 8.3.0 and Solutions Enabler Virtual Appliance 8.x before 8.3.0 allows remote authenticated users to execute arbitrary code via craf...Show more The vApp Managers web application in EMC Unisphere for VMAX Virtual Appliance 8.x before 8.3.0 and Solutions Enabler Virtual Appliance 8.x before 8.3.0 allows remote authenticated users to execute arbitrary code via crafted input to the (1) GeneralCmdRequest, (2) PersistantDataRequest, or (3) GetCommandExecRequest class.Show less
CVE-2016-0913 1Emc 2Networker Module For Microsoft Applications Replication Manager May 6, 2026 Oct 5, 2016 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 The client in EMC Replication Manager (RM) before 5.5.3.0_01-PatchHotfix, EMC Network Module for Microsoft 3.x, and EMC Networker Module for Microsoft 8.2.x before 8.2.3.6 allows remote RM servers to execute arbitrary co...Show more The client in EMC Replication Manager (RM) before 5.5.3.0_01-PatchHotfix, EMC Network Module for Microsoft 3.x, and EMC Networker Module for Microsoft 8.2.x before 8.2.3.6 allows remote RM servers to execute arbitrary commands by placing a crafted script in an SMB share.Show less
CVE-2016-6647 1Emc 1Vipr Srm May 6, 2026 Sep 30, 2016 N/A· v4 5.4 MEDIUM· v3 3.5 LOW· v2 Cross-site scripting (XSS) vulnerability in EMC ViPR SRM before 4.0.1 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors.
CVE-2016-0918 1Emc 2Rsa Identity Management And Governance Rsa Via Lifecycle And Governance May 6, 2026 Sep 24, 2016 N/A· v4 4.3 MEDIUM· v3 4.0 MEDIUM· v2 EMC RSA Identity Management and Governance before 6.8.1 P25 and 6.9.x before 6.9.1 P15 and RSA Via Lifecycle and Governance before 7.0.0 P04 allow remote authenticated users to obtain User Detail Popup information via a...Show more EMC RSA Identity Management and Governance before 6.8.1 P25 and 6.9.x before 6.9.1 P15 and RSA Via Lifecycle and Governance before 7.0.0 P04 allow remote authenticated users to obtain User Detail Popup information via a modified URL.Show less
CVE-2016-0925 1Emc 1Rsa Adaptive Authentication On Premise May 6, 2026 Sep 21, 2016 N/A· v4 5.4 MEDIUM· v3 3.5 LOW· v2 Cross-site scripting (XSS) vulnerability in the Case Management application in EMC RSA Adaptive Authentication (On-Premise) before 6.0.2.1.SP3.P4 HF210, 7.0.x and 7.1.x before 7.1.0.0.SP0.P6 HF50, and 7.2.x before 7.2.0....Show more Cross-site scripting (XSS) vulnerability in the Case Management application in EMC RSA Adaptive Authentication (On-Premise) before 6.0.2.1.SP3.P4 HF210, 7.0.x and 7.1.x before 7.1.0.0.SP0.P6 HF50, and 7.2.x before 7.2.0.0.SP0.P0 HF20 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors.Show less
CVE-2016-0921 1Emc 1Avamar Server May 6, 2026 Sep 21, 2016 N/A· v4 6.5 MEDIUM· v3 6.9 MEDIUM· v2 Avamar Data Store (ADS) and Avamar Virtual Edition (AVE) in EMC Avamar Server before 7.3.0-233 use weak permissions for unspecified directories, which allows local users to obtain root access by replacing a script with a...Show more Avamar Data Store (ADS) and Avamar Virtual Edition (AVE) in EMC Avamar Server before 7.3.0-233 use weak permissions for unspecified directories, which allows local users to obtain root access by replacing a script with a Trojan horse program.Show less
CVE-2016-0920 1Emc 1Avamar Server May 6, 2026 Sep 21, 2016 N/A· v4 7.8 HIGH· v3 7.2 HIGH· v2 Avamar Data Store (ADS) and Avamar Virtual Edition (AVE) in EMC Avamar Server before 7.3.0-233 allow local users to obtain root access via a crafted parameter to a command that is available in the sudo configuration.
CVE-2016-0917 1Emc 3Vnx1 Oe Firmware Vnx2 Oe FirmwareVnxe Oe Firmware May 6, 2026 Sep 21, 2016 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 The SMB service in EMC VNXe (VNXe3200 Operating Environment prior to 3.1.5.8711957 and VNXe3100/3150/3300 Operating Environment prior to 2.4.4.22638), VNX1 File OE before 7.1.80.3, VNX2 File OE before 8.1.9.155, and Cele...Show more The SMB service in EMC VNXe (VNXe3200 Operating Environment prior to 3.1.5.8711957 and VNXe3100/3150/3300 Operating Environment prior to 2.4.4.22638), VNX1 File OE before 7.1.80.3, VNX2 File OE before 8.1.9.155, and Celerra (all supported versions) does not prevent duplicate NTLM challenge-response nonces, which makes it easier for remote attackers to execute arbitrary code, or read or write to files, via a series of authentication requests, a related issue to CVE-2010-0231.Show less
CVE-2016-0905 1Emc 1Avamar Server May 6, 2026 Sep 21, 2016 N/A· v4 6.7 MEDIUM· v3 7.2 HIGH· v2 Avamar Data Store (ADS) and Avamar Virtual Edition (AVE) in EMC Avamar Server before 7.3.0-233 allow local users to obtain root privileges by leveraging admin access and entering a sudo command.
CVE-2016-0904 1Emc 1Avamar Server May 6, 2026 Sep 21, 2016 N/A· v4 8.6 HIGH· v3 5.0 MEDIUM· v2 Avamar Data Store (ADS) and Avamar Virtual Edition (AVE) in EMC Avamar Server before 7.3.0-233 use the same encryption key across different customers' installations, which allows remote attackers to defeat cryptographic...Show more Avamar Data Store (ADS) and Avamar Virtual Edition (AVE) in EMC Avamar Server before 7.3.0-233 use the same encryption key across different customers' installations, which allows remote attackers to defeat cryptographic protection mechanisms and obtain sensitive client-server traffic information by leveraging knowledge of this key from another installation.Show less
CVE-2016-0903 1Emc 1Avamar Server May 6, 2026 Sep 21, 2016 N/A· v4 9.1 CRITICAL· v3 6.4 MEDIUM· v2 Avamar Data Store (ADS) and Avamar Virtual Edition (AVE) in EMC Avamar Server before 7.3.0-233 rely on client-side authentication, which allows remote attackers to spoof clients and read backup data via a modified client...Show more Avamar Data Store (ADS) and Avamar Virtual Edition (AVE) in EMC Avamar Server before 7.3.0-233 rely on client-side authentication, which allows remote attackers to spoof clients and read backup data via a modified client agent.Show less
CVE-2016-6643 1Emc 1Vipr Srm May 6, 2026 Sep 18, 2016 N/A· v4 6.1 MEDIUM· v3 4.3 MEDIUM· v2 Cross-site scripting (XSS) vulnerability in EMC ViPR SRM before 3.7.2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVE-2016-6642 1Emc 1Vipr Srm May 6, 2026 Sep 18, 2016 N/A· v4 6.1 MEDIUM· v3 5.8 MEDIUM· v2 Cross-site request forgery (CSRF) vulnerability in EMC ViPR SRM before 3.7.2 allows remote attackers to hijack the authentication of administrators for requests that upload files.
CVE-2016-6641 1Emc 1Vipr Srm May 6, 2026 Sep 18, 2016 N/A· v4 7.6 HIGH· v3 3.5 LOW· v2 Cross-site scripting (XSS) vulnerability in EMC ViPR SRM before 3.7.2 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors.
CVE-2016-0922 1Emc 1Vipr Srm May 6, 2026 Sep 18, 2016 N/A· v4 9.8 CRITICAL· v3 5.0 MEDIUM· v2 EMC ViPR SRM before 3.7.2 does not restrict the number of password-authentication attempts, which makes it easier for remote attackers to obtain access via a brute-force guessing attack.
CVE-2016-6644 1Emc 1Documentum D2 May 6, 2026 Sep 17, 2016 N/A· v4 5.3 MEDIUM· v3 5.0 MEDIUM· v2 EMC Documentum D2 4.5 before patch 15 and 4.6 before patch 03 allows remote attackers to read arbitrary Docbase documents by leveraging knowledge of an r_object_id value.
CVE-2016-0915 1Emc 1Authentication Manager Prime May 6, 2026 Aug 22, 2016 N/A· v4 8.1 HIGH· v3 5.5 MEDIUM· v2 The Self-Service Portal in EMC RSA Authentication Manager (AM) Prime Self-Service 3.0 and 3.1 before 3.1 1915.42871 allows remote authenticated users to cause a denial of service (PIN change for an arbitrary user) via a...Show more The Self-Service Portal in EMC RSA Authentication Manager (AM) Prime Self-Service 3.0 and 3.1 before 3.1 1915.42871 allows remote authenticated users to cause a denial of service (PIN change for an arbitrary user) via a modified token serial number within a PIN change request, related to a "direct object reference vulnerability."Show less
CVE-2016-0906 1Emc 1Avamar May 6, 2026 Jul 6, 2016 N/A· v4 8.8 HIGH· v3 6.5 MEDIUM· v2 The web-restore interface in Avamar Data Store (ADS) and Avamar Virtual Edition (AVE) in EMC Avamar through 7.1.2 and 7.2.x through 7.2.1 allows remote authenticated users to read or delete directories via a Linux backup...Show more The web-restore interface in Avamar Data Store (ADS) and Avamar Virtual Edition (AVE) in EMC Avamar through 7.1.2 and 7.2.x through 7.2.1 allows remote authenticated users to read or delete directories via a Linux backup-restore operation.Show less

Previous 1...567...21 Next