Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
emc vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2013-6181
EMC Watch4Net prior to 6.3 stores cleartext polled-device passwords in the installation repository, which allows local users to obtain sensitive information by leveraging repository privileges.
Emc Watch4net
Emc Watch4net 6.0
Emc Watch4net 6.1
NA
CVE-2014-0632
Directory traversal vulnerability in EMC VPLEX GeoSynchrony 4.x and 5.x prior to 5.3 allows remote authenticated users to execute arbitrary code via unspecified vectors.
Emc Vplex Geosynchrony 5.0
Emc Vplex Geosynchrony 5.2
Emc Vplex Geosynchrony 5.1
Emc Vplex Geosynchrony 5.2.1
Emc Vplex Geosynchrony 4.0
NA
CVE-2014-0634
EMC VPLEX GeoSynchrony 4.x and 5.x prior to 5.3 does not include the HTTPOnly flag in a Set-Cookie header for an unspecified cookie, which makes it easier for remote malicious users to obtain potentially sensitive information via script access to this cookie.
Emc Vplex Geosynchrony 5.0
Emc Vplex Geosynchrony 4.0
Emc Vplex Geosynchrony 5.2
Emc Vplex Geosynchrony 5.1
Emc Vplex Geosynchrony 5.2.1
NA
CVE-2014-0635
Session fixation vulnerability in EMC VPLEX GeoSynchrony 4.x and 5.x prior to 5.3 allows remote malicious users to hijack web sessions via unspecified vectors.
Emc Vplex Geosynchrony 4.0
Emc Vplex Geosynchrony 5.2
Emc Vplex Geosynchrony 5.0
Emc Vplex Geosynchrony 5.1
Emc Vplex Geosynchrony 5.2.1
NA
CVE-2014-0633
The GUI in EMC VPLEX GeoSynchrony 4.x and 5.x prior to 5.3 does not properly validate session-timeout values, which might make it easier for remote malicious users to execute arbitrary code by leveraging an unattended workstation.
Emc Vplex Geosynchrony 5.2.1
Emc Vplex Geosynchrony 4.0
Emc Vplex Geosynchrony 5.0
Emc Vplex Geosynchrony 5.2
Emc Vplex Geosynchrony 5.1
NA
CVE-2007-3618
Stack-based buffer overflow in the NetWorker Remote Exec Service (nsrexecd.exe) in EMC Software NetWorker 7.x.x allows remote malicious users to execute arbitrary code via a (1) poll or (2) kill request with a "long invalid subcmd."
Emc Legato Networker 7.0
Emc Legato Networker 7.1.3
Emc Legato Networker 7.2
Emc Legato Networker 7.2.1
Emc Legato Networker 7.3.2
NA
CVE-2012-0404
Cross-site scripting (XSS) vulnerability in EMC Documentum eRoom prior to 7.4.4 allows remote malicious users to inject arbitrary web script or HTML via unspecified vectors.
Emc Documentum Eroom 7.4.1
Emc Documentum Eroom 7.3.0
Emc Documentum Eroom 7.4.2
Emc Documentum Eroom
NA
CVE-2013-3287
EMC Unisphere for VMAX prior to 1.6.1.6, when using an unspecified level of debug logging in LDAP configurations, allows local users to discover the cleartext LDAP bind password by reading the console.
Dell Emc Unisphere
Dell Emc Unisphere 1.5
Dell Emc Unisphere 1.0
Dell Emc Unisphere 1.1
NA
CVE-2012-0398
EMC Documentum eRoom prior to 7.4.4 does not properly validate session cookies, which allows remote malicious users to hijack or replay sessions via unspecified vectors.
Emc Documentum Eroom
Emc Documentum Eroom 7.4.2
Emc Documentum Eroom 7.4.1
Emc Documentum Eroom 7.3.0
7.8
CVSSv3
CVE-2020-26193
Dell EMC PowerScale OneFS versions 8.1.0 - 9.1.0 contain an improper input validation vulnerability. A user with the ISI_PRIV_CLUSTER privilege may exploit this vulnerability, leading to the execution of arbitrary OS commands on the application's underlying OS, with the priv...
Dell Emc Powerscale Onefs 8.1.0
Dell Emc Powerscale Onefs 8.1.1
Dell Emc Powerscale Onefs 8.1.2
Dell Emc Powerscale Onefs 8.2.0
Dell Emc Powerscale Onefs 8.2.1
Dell Emc Powerscale Onefs 8.2.2
Dell Emc Powerscale Onefs 9.0.0
Dell Emc Powerscale Onefs 9.1.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-49223
CVE-2024-0044
information disclosure
CVE-2024-35753
HTML injection
CVE-2024-21306
CVE-2024-35733
SQL injection
CVE-2024-35732
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
3
4
5
6
7
8
9
10
NEXT »