Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
emc documentum content server vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2015-4544
EMC Documentum Content Server prior to 7.1P20 and 7.2.x prior to 7.2P04 does not properly verify authorization for dm_job object access, which allows remote authenticated users to obtain superuser privileges via crafted object operations. NOTE: this vulnerability exists because o...
Emc Documentum Content Server 7.2
Emc Documentum Content Server 7.1
NA
CVE-2015-0550
Directory traversal vulnerability in EMC Documentum Thumbnail Server 6.7SP1 before P32, 6.7SP2 before P25, 7.0 before P19, 7.1 before P16, and 7.2 before P01 allows remote malicious users to bypass intended Content Server access restrictions via unspecified vectors.
Emc Documentum Thumbnail Server 6.7
Emc Documentum Thumbnail Server 7.0
Emc Documentum Thumbnail Server 7.1
Emc Documentum Thumbnail Server 7.2
8.8
CVSSv3
CVE-2017-15276
OpenText Documentum Content Server (formerly EMC Documentum Content Server) up to and including 7.3 contains the following design gap, which allows an authenticated user to gain superuser privileges: Content Server allows uploading content using batches (TAR archives). When unpac...
Opentext Documentum Content Server
1 EDB exploit
8.8
CVSSv3
CVE-2017-15012
OpenText Documentum Content Server (formerly EMC Documentum Content Server) up to and including 7.3 does not properly validate the input of the PUT_FILE RPC-command, which allows any authenticated user to hijack an arbitrary file from the Content Server filesystem; because some f...
Opentext Documentum Content Server
1 EDB exploit
NA
CVE-2014-2515
EMC Documentum D2 3.1 before P24, 3.1SP1 before P02, 4.0 before P11, 4.1 before P16, and 4.2 before P05 does not properly restrict tickets provided by D2GetAdminTicketMethod and D2RefreshCacheMethod, which allows remote authenticated users to gain privileges via a request for a s...
Emc Documentum D2 3.1
Emc Documentum D2 4.1
Emc Documentum D2 4.2
Emc Documentum D2 4.0
NA
CVE-2014-2504
EMC Documentum D2 3.1 before P20, 3.1 SP1 before P02, 4.0 before P10, 4.1 before P13, and 4.2 before P01 allows remote authenticated users to bypass intended access restrictions and execute arbitrary Documentum Query Language (DQL) queries by calling (1) a core method or (2) a D2...
Emc Documentum D2 3.1
Emc Documentum D2 4.2
Emc Documentum D2 4.1
Emc Documentum D2 4.0
NA
CVE-2014-2518
Multiple cross-site request forgery (CSRF) vulnerabilities in EMC Documentum WDK prior to 6.7SP1 P28 and 6.7SP2 before P15 allow remote malicious users to hijack the authentication of arbitrary users.
Emc Documentum Capital Projects 1.9
Emc Documentum Records Manager 6.7
Emc Documentum Administrator 6.7
Emc Documentum Capital Projects 1.8
Emc Engineering Plant Facilities Management Solution For Documentum 1.7
Emc Digital Assets Manager 6.5
Emc Task Space 6.7
Emc Documentum Webtop 6.7
Emc Web Publishers 6.5
Emc Documentum Administrator 7.1
Emc Documentum Wdk 6.7
Emc Documentum Administrator 7.0
NA
CVE-2015-4524
Unrestricted file upload vulnerability in EMC Documentum WebTop 6.7SP1 before P31, 6.7SP2 before P23, and 6.8 before P01; Documentum Administrator 6.7SP1 before P31, 6.7SP2 before P23, 7.0 before P18, 7.1 before P15, and 7.2 before P01; Documentum Digital Assets Manager 6.5SP6 be...
Emc Documentum Webtop 6.7
Emc Documentum Webtop 6.8
Emc Documentum Administrator 7.2
Emc Documentum Digital Asset Manager 6.5
Emc Documentum Web Publisher 6.5
Emc Documentum Taskspace 6.7
Emc Documentum Administrator 6.7
Emc Documentum Administrator 7.0
Emc Documentum Administrator 7.1
8.8
CVSSv3
CVE-2017-15013
OpenText Documentum Content Server (formerly EMC Documentum Content Server) up to and including 7.3 contains the following design gap, which allows an authenticated user to gain superuser privileges: Content Server stores information about uploaded files in dmr_content objects, w...
Opentext Documentum Content Server
1 EDB exploit
4.3
CVSSv3
CVE-2017-15014
OpenText Documentum Content Server (formerly EMC Documentum Content Server) up to and including 7.3 contains the following design gap, which allows authenticated users to download arbitrary content files regardless of the attacker's repository permissions: When an authentica...
Opentext Documentum Content Server
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4956
validation
CVE-2024-35221
remote attackers
CVE-2023-30309
CVE-2024-36112
CVE-2024-23109
CVE-2023-43850
stored XSS
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
NEXT »