NVD や CVE、ほか複数の脅威フィードを束ね、RCE など高リスクな事象を深く追える一覧です。CVSS と EPSS を組み合わせ、Exploit 参照や PoC の有無から悪用しやすさを追跡します。ベンダー修正や緩和策の文脈とあわせて優先度を決め、対応サイクルを短く保ちつつ重要資産を守る支援をします。
Assigner(CNA/発行元):[email protected] この条件を外す
| CVE | 説明 | CVSS 最大値 | EPSS(%) | 公開 | 更新 |
|---|---|---|---|---|---|
| CVE-2009-1119 | Multiple heap-based buffer overflows in EMC RepliStor 6.2 before SP5 and 6.3 before SP2 allow remote attackers to execute arbitrary code via a crafted message to (1) ctrlservice.exe or (2) rep_srv.exe, possibly related to an integer overflow. | 10.0 | 5.36% | 2009-04-15 | 2026-06-16 |
| CVE-2009-1120 | EMC RepliStor Server Service before ESA-09-003 has a DoASOCommand Remote Code Execution Vulnerability. The flaw exists within the DoRcvRpcCall RPC function -exposed via the rep_srv.exe process- where the vulnerability is caused by an error when the rep_srv.exe handles a specially crafted packet sent by an unauthenticated attacker. | 9.8 | 7.41% | 2020-01-15 | 2026-06-16 |
| CVE-2010-0620 | Directory traversal vulnerability in the SSL Service in EMC HomeBase Server 6.2.x before 6.2.3 and 6.3.x before 6.3.2 allows remote attackers to overwrite arbitrary files with any content, and consequently execute arbitrary code, via a .. (dot dot) in an unspecified parameter. | 9.3 | 19.48% | 2010-02-24 | 2026-06-16 |
| CVE-2010-1919 | Unspecified vulnerability in EMC Avamar 4.1.x and 5.0 before SP1 allows remote attackers to cause a denial of service (gsan service hang) by sending a crafted message using TCP. | 7.1 | 2.43% | 2010-05-28 | 2026-06-16 |
| CVE-2010-2337 | Open redirect vulnerability in RSA Federated Identity Manager 4.0 before 4.0.25 and 4.1 before 4.1.26 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unknown vectors. | 6.0 | 1.18% | 2010-07-28 | 2026-06-16 |
| CVE-2010-2633 | Unspecified vulnerability in EMC Disk Library (EDL) before 3.2.7, 3.3.x before 3.3.2 epatch 8, and 4.0.x before 4.0.1 epatch 4 allows remote attackers to cause a denial of service (communication-module crash) by sending a crafted message through TCP. | 7.8 | 1.98% | 2010-08-02 | 2026-06-16 |
| CVE-2010-2634 | RSA enVision before 3.7 SP1 allows remote authenticated users to cause a denial of service via unspecified vectors. | 4.0 | 0.89% | 2010-08-10 | 2026-06-16 |
| CVE-2010-3017 | Unspecified vulnerability in RSA Access Manager Agent 4.7.1 before 4.7.1.7, when RSA Adaptive Authentication Integration is enabled, allows remote attackers to bypass authentication and obtain sensitive information via unknown vectors. | 5.7 | 0.67% | 2010-09-09 | 2026-06-16 |
| CVE-2010-3018 | RSA Access Manager Server 5.5.3 before 5.5.3.172, 6.0.4 before 6.0.4.53, and 6.1 before 6.1.2.01 does not properly perform cache updates, which allows remote attackers to obtain sensitive information via unspecified vectors. | 4.3 | 0.98% | 2010-09-09 | 2026-06-16 |
| CVE-2010-3261 | Directory traversal vulnerability in RSA Authentication Agent 7.0 before P2 for Web allows remote attackers to read unspecified data via unknown vectors. | 5.0 | 1.63% | 2010-09-24 | 2026-06-16 |
| CVE-2010-3321 | RSA Authentication Client 2.0.x, 3.0, and 3.5.x before 3.5.3 does not properly handle a SENSITIVE or NON-EXTRACTABLE tag on a secret key object that is stored on a SecurID 800 authenticator, which allows local users to bypass intended access restrictions and read keys via unspecified PKCS#11 API requests. | 1.5 | 0.26% | 2010-10-07 | 2026-06-16 |
| CVE-2011-0321 | librpc.dll in nsrexecd in EMC NetWorker before 7.5 SP4, 7.5.3.x before 7.5.3.5, and 7.6.x before 7.6.1.2 does not properly mitigate the possibility of a spoofed localhost source IP address, which allows remote attackers to (1) register or (2) unregister RPC services, and consequently cause a denial of service or obtain sensitive information from interprocess communication, via crafted UDP packets containing service commands. | 6.4 | 2.60% | 2011-02-01 | 2026-06-16 |
| CVE-2011-0322 | Unspecified vulnerability in EMC RSA Access Manager Server 5.5.x, 6.0.x, and 6.1.x allows remote attackers to access resources via unknown vectors. | 7.5 | 1.66% | 2011-03-16 | 2026-06-16 |
| CVE-2011-0442 | The service utility in EMC Avamar 5.x before 5.0.4 uses cleartext to transmit event details in (1) service requests and (2) e-mail messages, which might allow remote attackers to obtain sensitive information by sniffing the network. | 3.5 | 1.06% | 2011-03-16 | 2026-06-16 |
| CVE-2011-0647 | The irccd.exe service in EMC Replication Manager Client before 5.3 and NetWorker Module for Microsoft Applications 2.1.x and 2.2.x allows remote attackers to execute arbitrary commands via the RunProgram function to TCP port 6542. | 10.0 | 63.68% | 2011-02-10 | 2026-06-16 |
| CVE-2011-0648 | Unspecified vulnerability in EMC Avamar before 5.0.4-30 allows remote authenticated users to gain privileges via unknown vectors. | 8.5 | 2.52% | 2011-03-16 | 2026-06-16 |
| CVE-2011-1420 | EMC Data Protection Advisor Collector 5.7 and 5.7.1 on Solaris SPARC platforms uses weak permissions for unspecified files, which allows local users to gain privileges via unknown vectors. | 7.2 | 0.38% | 2011-03-28 | 2026-06-16 |
| CVE-2011-1421 | EMC NetWorker 7.5.x before 7.5.4.3 and 7.6.x before 7.6.1.5, when the client push feature is enabled, uses weak permissions for an unspecified file, which allows local users to gain privileges via unknown vectors. | 6.9 | 0.31% | 2011-04-22 | 2026-06-16 |
| CVE-2011-1422 | Cross-site scripting (XSS) vulnerability in an unspecified Shockwave Flash file in EMC RSA Adaptive Authentication On-Premise (AAOP) 2.x, 5.7.x, and 6.x allows remote attackers to inject arbitrary web script or HTML via unknown vectors. | 4.3 | 1.27% | 2011-04-22 | 2026-06-16 |
| CVE-2011-1423 | Cross-site scripting (XSS) vulnerability in RSA Data Loss Prevention (DLP) Enterprise Manager 8.x before 8.5 SP1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | 4.3 | 1.05% | 2011-05-04 | 2026-06-16 |