VYPR
Vendor: RSA
Products: 39
CVEs: 150
Across products: 156
Status: Private

Recent CVEs

  • CVE-2020-37095 | Critical | Feb 7, 2026
    risk 0.64 | cvss 9.8 | epss 0.01

    Cyberoam Authentication Client 2.1.2.7 contains a buffer overflow vulnerability that allows remote attackers to execute arbitrary code by overwriting Structured Exception Handler (SEH) memory. Attackers can craft a malicious input in the 'Cyberoam Server Address' field to…

  • CVE-2018-11058 | Critical | Sep 14, 2018
    risk 0.64 | cvss 9.8 | epss 0.04

    RSA BSAFE Micro Edition Suite, versions prior to 4.0.11 (in 4.0.x) and prior to 4.1.6 (in 4.1.x), and RSA BSAFE Crypto-C Micro Edition, version prior to 4.0.5.3 (in 4.0.x) contain a Buffer Over-Read vulnerability when parsing ASN.1 data. A remote attacker could use maliciously…

  • CVE-2017-14377 | Critical | Nov 29, 2017
    risk 0.64 | cvss 9.8 | epss 0.03

    EMC RSA Authentication Agent for Web: Apache Web Server version 8.0 and RSA Authentication Agent for Web: Apache Web Server version 8.0.1 prior to Build 618 have a security vulnerability that could potentially lead to authentication bypass.

  • CVE-2018-11061 | Critical | Aug 24, 2018
    risk 0.60 | cvss 9.1 | epss 0.05

    RSA NetWitness Platform versions prior to 11.1.0.2 and RSA Security Analytics versions prior to 10.6.6 are vulnerable to a server-side template injection vulnerability due to insecure configuration of the template engine used in the product. A remote authenticated malicious RSA…

  • CVE-2018-1245 | Critical | Jul 13, 2018
    risk 0.59 | cvss 9.0 | epss 0.03

    RSA Identity Lifecycle and Governance versions 7.0.1, 7.0.2 and 7.1.0 contain an authorization bypass vulnerability within the workflow architect component (ACM). A remote authenticated malicious user with non-admin privileges could potentially bypass the Java Security…

  • CVE-2018-11060 | High | Jul 24, 2018
    risk 0.57 | cvss 8.8 | epss 0.03

    RSA Archer, versions prior to 6.4.0.1, contain an authorization bypass vulnerability in the REST API. A remote authenticated malicious Archer user could potentially exploit this vulnerability to elevate their privileges.

  • CVE-2018-1252 | High | Jun 5, 2018
    risk 0.57 | cvss 8.8 | epss 0.02

    RSA Web Threat Detection versions prior to 6.4, contain an SQL injection vulnerability in the Administration and Forensics applications. An authenticated malicious user with low privileges could potentially exploit this vulnerability to execute SQL commands on the back-end…

  • CVE-2014-4627 | High | Nov 7, 2014
    risk 0.57 | cvss 8.8 | epss 0.02

    SQL injection vulnerability in EMC RSA Web Threat Detection 4.x before 4.6.1.1 allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors.

  • CVE-2018-11059 | High | Jul 24, 2018
    risk 0.53 | cvss 8.2 | epss 0.01

    RSA Archer, versions prior to 6.4.0.1, contain a stored cross-site scripting vulnerability. A remote authenticated malicious Archer user could potentially exploit this vulnerability to store malicious HTML or JavaScript code in a trusted application data store. When application…

  • CVE-2018-1247 | High | May 8, 2018
    risk 0.51 | cvss 7.1 | epss 0.17

    RSA Authentication Manager Security Console, version 8.3 and earlier, contains an XML External Entity (XXE) vulnerability. This could potentially allow admin users to cause a denial of service or extract server data via injecting a maliciously crafted DTD in an XML file submitted…

  • CVE-2018-11054 | High | Aug 31, 2018
    risk 0.49 | cvss 7.5 | epss 0.03

    RSA BSAFE Micro Edition Suite, version 4.1.6, contains an integer overflow vulnerability. A remote attacker could use maliciously constructed ASN.1 data to potentially cause a Denial Of Service.

  • CVE-2018-11051 | High | Jul 3, 2018
    risk 0.49 | cvss 7.5 | epss 0.03

    RSA Certificate Manager Versions 6.9 build 560 through 6.9 build 564 contain a path traversal vulnerability in the RSA CMP Enroll Server and the RSA REST Enroll Server. A remote unauthenticated attacker could potentially exploit this vulnerability by manipulating input…

  • CVE-2018-1232 | High | Mar 30, 2018
    risk 0.49 | cvss 7.5 | epss 0.03

    RSA Authentication Agent version 8.0.1 and earlier for Web for both IIS and Apache Web Server are impacted by a stack-based buffer overflow which may occur when handling certain malicious web cookies that have invalid formats. The attacker could exploit this vulnerability to…

  • CVE-2017-9758 | High | Nov 10, 2017
    risk 0.48 | cvss 7.4 | epss 0.01

    Savitech driver packages for Windows silently install a self-signed certificate into the Trusted Root Certification Authorities store, aka "Inaudible Subversion."

  • CVE-2018-11049 | High | Jul 11, 2018
    risk 0.47 | cvss 7.3 | epss 0.00

    RSA Identity Governance and Lifecycle, RSA Via Lifecycle and Governance, and RSA IMG releases have an uncontrolled search vulnerability. The installation scripts set an environment variable in an unintended manner. A local authenticated malicious user could trick the root user…

  • CVE-2017-8004 | High | Jul 17, 2017
    risk 0.47 | cvss 7.2 | epss 0.02

    The EMC RSA Identity Governance and Lifecycle, RSA Via Lifecycle and Governance and RSA IMG products (RSA Identity Governance and Lifecycle versions 7.0.1, 7.0.2, all patch levels; RSA Via Lifecycle and Governance version 7.0, all patch levels; RSA Identity Management and…

  • CVE-2015-6851 | Medium | Dec 23, 2015
    risk 0.44 | cvss 6.7 | epss 0.01

    EMC RSA SecurID Web Agent before 8.0 allows physically proximate attackers to bypass the privacy-screen protection mechanism by leveraging an unattended workstation and running DOM Inspector.

  • CVE-2018-11073 | Medium | Sep 28, 2018
    risk 0.42 | cvss 6.5 | epss 0.01

    RSA Authentication Manager versions prior to 8.3 P3 contain a stored cross-site scripting vulnerability in the Operations Console. A malicious Operations Console administrator could exploit this vulnerability to store arbitrary HTML or JavaScript code through the web interface.…

  • CVE-2018-11056 | Medium | Aug 31, 2018
    risk 0.42 | cvss 6.5 | epss 0.02

    RSA BSAFE Micro Edition Suite, prior to 4.1.6.1 (in 4.1.x), and RSA BSAFE Crypto-C Micro Edition versions prior to 4.0.5.3 (in 4.0.x) contain an Uncontrolled Resource Consumption ('Resource Exhaustion') vulnerability when parsing ASN.1 data. A remote attacker could use…

  • CVE-2018-11074 | Medium | Sep 28, 2018
    risk 0.40 | cvss 6.1 | epss 0.02

    RSA Authentication Manager versions prior to 8.3 P3 are affected by a DOM-based cross-site scripting vulnerability which exists in its embedded MadCap Flare Help files. A remote unauthenticated attacker could potentially exploit this vulnerability by tricking a victim…