VYPR

Vendor CVEs

EMC Corporation

All CVEs

592 total · sorted by risk
  • CVE-2009-3744Oct 22, 2009
    risk 0.04cvss epss 0.07

    rep_serv.exe 6.3.1.3 in the server in EMC RepliStor allows remote attackers to cause a denial of service via a crafted packet to TCP port 7144.

  • CVE-2007-4155Aug 3, 2007
    risk 0.04cvss epss 0.10

    Absolute path traversal vulnerability in a certain ActiveX control in vielib.dll in EMC VMware 6.0.0 allows remote attackers to execute arbitrary local programs via a full pathname in the first two arguments to the (1) CreateProcess or (2) CreateProcessEx method.

  • CVE-2007-4059Jul 30, 2007
    risk 0.04cvss epss 0.07

    Absolute path traversal vulnerability in a certain ActiveX control in IntraProcessLogging.dll 5.5.3.42958 in EMC VMware allows remote attackers to create or overwrite arbitrary files via a full pathname in the argument to the SetLogFileName method.

  • CVE-2018-11066Nov 26, 2018
    risk 0.03cvss epss 0.10

    Dell EMC Avamar Client Manager in Dell EMC Avamar Server versions 7.2.0, 7.2.1, 7.3.0, 7.3.1, 7.4.0, 7.4.1, 7.5.0, 7.5.1, 18.1 and Dell EMC Integrated Data Protection Appliance (IDPA) versions 2.0, 2.1 and 2.2 contain a Remote Code Execution vulnerability. A remote…

  • CVE-2012-2277May 14, 2012
    risk 0.03cvss epss 0.04

    The IRM Server in EMC Documentum Information Rights Management 4.x before 4.7.0100 and 5.x before 5.0.1030 allows remote attackers to cause a denial of service (pvcontrol.exe process hang) via \n (line feed) characters in the Id fields of many "batch begin untethered" commands.

  • CVE-2012-0407Apr 20, 2012
    risk 0.03cvss epss 0.03

    Integer overflow in the DPA_Utilities library in EMC Data Protection Advisor (DPA) 5.5 through 5.8 SP1 allows remote attackers to cause a denial of service (infinite loop) via a negative 64-bit value in a certain size field.

  • CVE-2010-2860Aug 5, 2010
    risk 0.03cvss epss 0.04

    The EMC Celerra Network Attached Storage (NAS) appliance accepts external network traffic to IP addresses intended for an intranet network within the appliance, which allows remote attackers to read, create, or modify arbitrary files in the user data directory via NFS requests.

  • CVE-2009-3573Oct 6, 2009
    risk 0.03cvss epss 0.06

    Multiple insecure method vulnerabilities in the PDIControl.PDI.1 ActiveX control (PDIControl.dll) 2.2.3160.0 in EMC Captiva PixTools Distributed Imaging 2.2 allow remote attackers to create or overwrite arbitrary files via the (1) SetLogFileName and (2) WriteToLog methods.

  • CVE-2008-3370Jul 30, 2008
    risk 0.03cvss epss 0.01

    SQL injection vulnerability in the CUA Login Module in EMC Centera Universal Access (CUA) 4.0_4735.p4 allows remote attackers to execute arbitrary SQL commands via the user (user name) field.

  • CVE-2006-6410Dec 10, 2006
    risk 0.03cvss epss 0.01

    Buffer overflow in an ActiveX control in VMWare 5.5.1 allows local users to execute arbitrary code via a long VmdbDb parameter to the Initialize function.

  • CVE-2005-2357Aug 16, 2005
    risk 0.03cvss epss 0.03

    Directory traversal vulnerability in EMC Navisphere Manager 6.4.1.0.0 allows remote attackers to read arbitrary files via a .. (dot dot) in the URL.

  • CVE-1999-0733Jun 26, 1999
    risk 0.03cvss epss 0.01

    Buffer overflow in VMWare 1.0.1 for Linux via a long HOME environmental variable.

  • CVE-2007-0063Sep 21, 2007
    risk 0.02cvss epss 0.20

    Integer underflow in the DHCP server in EMC VMware Workstation before 5.5.5 Build 56455 and 6.x before 6.0.1 Build 55017, Player before 1.0.5 Build 56455 and Player 2 before 2.0.1 Build 55017, ACE before 1.0.3 Build 54075 and ACE 2 before 2.0.1 Build 55017, and Server before…

  • CVE-2020-5341Jul 28, 2021
    risk 0.01cvss epss 0.04

    Deserialization of Untrusted Data Vulnerability Dell EMC Avamar Server versions 7.4.1, 7.5.0, 7.5.1, 18.2, 19.1 and 19.2 and Dell EMC Integrated Data Protection Appliance versions 2.0, 2.1, 2.2, 2.3, 2.4 and 2.4.1 contain a Deserialization of Untrusted Data Vulnerability. A…

  • CVE-2020-29495Jan 14, 2021
    risk 0.01cvss epss 0.06

    DELL EMC Avamar Server, versions 19.1, 19.2, 19.3, contain an OS Command Injection Vulnerability in Fitness Analyzer. A remote unauthenticated attacker could potentially exploit this vulnerability, leading to the execution of arbitrary OS commands on the application's underlying…

  • CVE-2019-3722Jun 6, 2019
    risk 0.01cvss epss 0.04

    Dell EMC OpenManage Server Administrator (OMSA) versions prior to 9.1.0.3 and prior to 9.2.0.4 contain an XML external entity (XXE) injection vulnerability. A remote unauthenticated attacker could potentially exploit this vulnerability to read arbitrary server system files by…

  • CVE-2019-3725May 15, 2019
    risk 0.01cvss epss 0.03

    RSA Netwitness Platform versions prior to 11.2.1.1 and RSA Security Analytics versions prior to 10.6.6.1 are vulnerable to a Command Injection vulnerability due to missing input validation in the product. A remote unauthenticated malicious user could exploit this vulnerability…

  • CVE-2017-8023Apr 1, 2019
    risk 0.01cvss epss 0.06

    EMC NetWorker may potentially be vulnerable to an unauthenticated remote code execution vulnerability in the Networker Client execution service (nsrexecd) when oldauth authentication method is used. An unauthenticated remote attacker could send arbitrary commands via RPC service…

  • CVE-2015-0538May 7, 2015
    risk 0.01cvss epss 0.07

    ftagent.exe in EMC AutoStart 5.4.x and 5.5.x before 5.5.0.508 HF4 allows remote attackers to execute arbitrary commands via crafted packets.

  • CVE-2011-2738Sep 19, 2011
    risk 0.01cvss epss 0.11

    Multiple unspecified vulnerabilities in Cisco Unified Service Monitor before 8.6, as used in Unified Operations Manager before 8.6 and CiscoWorks LAN Management Solution 3.x and 4.x before 4.1; and multiple EMC Ionix products including Application Connectivity Monitor (Ionix…

  • CVE-2011-1741Jul 19, 2011
    risk 0.01cvss epss 0.08

    Stack-based buffer overflow in ftserver.exe in the OpenText Hummingbird Client Connector, as used in the Indexing Server in EMC Documentum eRoom 7.x before 7.4.3.f and other products, allows remote attackers to execute arbitrary code by sending a crafted message over TCP.

  • CVE-2008-3685Oct 22, 2009
    risk 0.01cvss epss 0.13

    Directory traversal vulnerability in aws_tmxn.exe in the Admin Agent service in the server in EMC Documentum ApplicationXtender Workflow, possibly 5.40 SP1 and earlier, allows remote attackers to upload arbitrary files, and execute arbitrary code, via directory traversal…

  • CVE-2008-5419Dec 10, 2008
    risk 0.01cvss epss 0.08

    Stack-based buffer overflow in SAN Manager Master Agent service (aka msragent.exe) in EMC Control Center 5.2 SP5 and 6.0 allows remote attackers to execute arbitrary code via multiple SST_CTGTRANS requests.

  • CVE-2007-0062Sep 21, 2007
    risk 0.01cvss epss 0.08

    Integer overflow in the ISC dhcpd 3.0.x before 3.0.7 and 3.1.x before 3.1.1; and the DHCP server in EMC VMware Workstation before 5.5.5 Build 56455 and 6.x before 6.0.1 Build 55017, Player before 1.0.5 Build 56455 and Player 2 before 2.0.1 Build 55017, ACE before 1.0.3 Build…

  • CVE-2007-0061Sep 21, 2007
    risk 0.01cvss epss 0.07

    The DHCP server in EMC VMware Workstation before 5.5.5 Build 56455 and 6.x before 6.0.1 Build 55017, Player before 1.0.5 Build 56455 and Player 2 before 2.0.1 Build 55017, ACE before 1.0.3 Build 54075 and ACE 2 before 2.0.1 Build 55017, and Server before 1.0.4 Build 56528 allows…

  • CVE-2007-3618Aug 21, 2007
    risk 0.01cvss epss 0.07

    Stack-based buffer overflow in the NetWorker Remote Exec Service (nsrexecd.exe) in EMC Software NetWorker 7.x.x allows remote attackers to execute arbitrary code via a (1) poll or (2) kill request with a "long invalid subcmd."

  • CVE-2006-2391May 16, 2006
    risk 0.01cvss epss 0.08

    Buffer overflow in EMC Retrospect Client 5.1 through 7.5 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted packet to port 497.

  • CVE-2025-21120Aug 4, 2025
    risk 0.00cvss epss 0.00

    Dell Avamar, versions prior to 19.10 SP1 with patch 338904, contains a Trusting HTTP Permission Methods on the Server-Side vulnerability in Security. A low privileged attacker with remote access could potentially exploit this vulnerability, leading to Information exposure.

  • CVE-2025-21105Feb 20, 2025
    risk 0.00cvss epss 0.00

    Dell RecoverPoint for Virtual Machines 6.0.X contains a command execution vulnerability. A Low privileged malicious user with local access could potentially exploit this vulnerability by running the specific binary and perform any administrative action permitted by it resulting…

  • CVE-2025-21106Feb 20, 2025
    risk 0.00cvss epss 0.00

    Dell Recover Point for Virtual Machines 6.0.X contains a Weak file system permission vulnerability. A low privileged Local attacker could potentially exploit this vulnerability, leading to impacting only non-sensitive resources in the system.

  • CVE-2025-21117Feb 5, 2025
    risk 0.00cvss epss 0.00

    Dell Avamar, version 19.4 or later, contains an access token reuse vulnerability in the AUI. A low privileged local attacker could potentially exploit this vulnerability, leading to fully impersonating the user.

  • CVE-2024-47984Dec 13, 2024
    risk 0.00cvss epss 0.00

    Dell RecoverPoint for Virtual Machines 6.0.x contains Denial of Service vulnerability. A User with Remote access could potentially exploit this vulnerability, leading to the disruption of most functionalities of the RPA persistent after reboot, resulting in need of technical…

  • CVE-2024-24902Dec 13, 2024
    risk 0.00cvss epss 0.00

    Dell RecoverPoint for Virtual Machines 6.0.x contains an Improper access control vulnerability. A low privileged local attacker could potentially exploit this vulnerability leading to gaining access to unauthorized data for a limited time.

  • CVE-2024-38488Dec 13, 2024
    risk 0.00cvss epss 0.00

    Dell RecoverPoint for Virtual Machines 6.0.x contains a vulnerability. An improper Restriction of Excessive Authentication vulnerability where a Network attacker could potentially exploit this vulnerability, leading to a brute force attack or a dictionary attack against the…

  • CVE-2024-48007Dec 13, 2024
    risk 0.00cvss epss 0.00

    Dell RecoverPoint for Virtual Machines 6.0.x contains use of hard-coded credentials vulnerability. A Remote unauthenticated attacker could potentially exploit this vulnerability by gaining access to the source code, easily retrieving these secrets and reusing them to access the…

  • CVE-2024-48008Dec 13, 2024
    risk 0.00cvss epss 0.01

    Dell RecoverPoint for Virtual Machines 6.0.x contains a OS Command Injection vulnerability. An Low privileged remote attacker could potentially exploit this vulnerability leading to information disclosure ,allowing of unintended actions like reading files that may contain…

  • CVE-2024-22461Dec 13, 2024
    risk 0.00cvss epss 0.01

    Dell RecoverPoint for Virtual Machines 6.0.x contains an OS Command injection vulnerability. A low privileged remote attacker could potentially exploit this vulnerability by running any command as root, leading to gaining of root-level access and compromise of complete system.

  • CVE-2024-47977Dec 10, 2024
    risk 0.00cvss epss 0.01

    Dell Avamar, versions prior to 19.12 with patch 338905, excluding 19.10 and 19.10SP1 with patch 338869, contains an Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability. A low privileged attacker with remote access could potentially…

  • CVE-2024-47484Dec 10, 2024
    risk 0.00cvss epss 0.01

    Dell Avamar, versions prior to 19.12 with patch 338905, excluding 19.10 and 19.10SP1 with patch 338869, contains an Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability. An unauthenticated attacker with remote access could…

  • CVE-2024-52538Dec 10, 2024
    risk 0.00cvss epss 0.00

    Dell Avamar, versions prior to 19.12 with patch 338905, excluding 19.10 and 19.10SP1 with patch 338869, contains an Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability. A low privileged attacker with remote access could potentially…

  • CVE-2024-26309Mar 8, 2024
    risk 0.00cvss epss 0.01

    Archer Platform 6.x before 6.14 P2 HF2 (6.14.0.2.2) contains a sensitive information disclosure vulnerability. An unauthenticated attacker could potentially obtain access to sensitive information via an internal URL.

  • CVE-2024-26311Feb 21, 2024
    risk 0.00cvss epss 0.01

    Archer Platform 6.x before 6.14 P2 HF1 (6.14.0.2.1) contains a reflected XSS vulnerability. A remote authenticated malicious Archer user could potentially exploit this by tricking a victim application user into supplying malicious JavaScript code to the vulnerable web…

  • CVE-2024-22426Feb 16, 2024
    risk 0.00cvss epss 0.01

    Dell RecoverPoint for Virtual Machines 5.3.x, 6.0.SP1 contains an OS Command injection vulnerability. An unauthenticated remote attacker could potentially exploit this vulnerability, leading to execute arbitrary operating system commands, which will get executed in the context…

  • CVE-2024-22425Feb 16, 2024
    risk 0.00cvss epss 0.00

    Dell RecoverPoint for Virtual Machines 5.3.x, 6.0.SP1 contains a brute force/dictionary attack vulnerability. An unauthenticated remote attacker could potentially exploit this vulnerability, leading to launch a brute force attack or a dictionary attack against the RecoverPoint…

  • CVE-2024-22432Jan 25, 2024
    risk 0.00cvss epss 0.00

    Networker 19.9 and all prior versions contains a Plain-text Password stored in temporary config file during backup duration in NMDA MySQL Database backups. User has low privilege access to Networker Client system could potentially exploit this vulnerability, leading to the…

  • CVE-2023-28053Dec 18, 2023
    risk 0.00cvss epss 0.00

    Dell NetWorker Virtual Edition versions 19.8 and below contain the use of deprecated cryptographic algorithms in the SSH component. A remote unauthenticated attacker could potentially exploit this vulnerability leading to some information disclosure.

  • CVE-2023-36628Oct 2, 2023
    risk 0.00cvss epss 0.00

    A flaw exists in VASA which allows users with access to a vSphere/ESXi VMware admin on a FlashArray to gain root access through privilege escalation.

  • CVE-2023-31131May 15, 2023
    risk 0.00cvss epss 0.01

    Greenplum Database (GPDB) is an open source data warehouse based on PostgreSQL. In versions prior to 6.22.3 Greenplum Database used an unsafe methods to extract tar files within GPPKGs. greenplum-db is vulnerable to path traversal leading to arbitrary file writes. An attacker…

  • CVE-2022-34451Feb 10, 2023
    risk 0.00cvss epss 0.00

    PowerPath Management Appliance with versions 3.3 & 3.2*, 3.1 & 3.0* contains a Stored Cross-site Scripting Vulnerability. An authenticated admin user could potentially exploit this vulnerability, to hijack user sessions or trick a victim application user into unknowingly send…

  • CVE-2022-34450Feb 10, 2023
    risk 0.00cvss epss 0.00

    PowerPath Management Appliance with version 3.3 contains Privilege Escalation vulnerability. An authenticated admin user could potentially exploit this issue and gain unrestricted control/code execution on the system as root.

Page 5 of 12