Aggregating NVD, CVE, and multi-source threat feeds, this list provides deep analysis of high-risk threats such as RCE. By integrating CVSS and EPSS models, the system dynamically tracks Exp (Exploit) resources and PoC availability to accurately assess Exploitability. Combined with official Patches and remediation strategies, it helps prioritize Vulnerability Management workflows, significantly shortening response cycles and securing your critical assets.
Assigner (CNA / source):[email protected] Remove this filter
| CVE | Description | Max CVSS | EPSS % | Published | Updated |
|---|---|---|---|---|---|
| CVE-2009-1119 | Multiple heap-based buffer overflows in EMC RepliStor 6.2 before SP5 and 6.3 before SP2 allow remote attackers to execute arbitrary code via a crafted message to (1) ctrlservice.exe or (2) rep_srv.exe, possibly related to an integer overflow. | 10.0 | 5.36% | 2009-04-15 | 2026-06-16 |
| CVE-2010-0620 | Directory traversal vulnerability in the SSL Service in EMC HomeBase Server 6.2.x before 6.2.3 and 6.3.x before 6.3.2 allows remote attackers to overwrite arbitrary files with any content, and consequently execute arbitrary code, via a .. (dot dot) in an unspecified parameter. | 9.3 | 19.48% | 2010-02-24 | 2026-06-16 |
| CVE-2010-1919 | Unspecified vulnerability in EMC Avamar 4.1.x and 5.0 before SP1 allows remote attackers to cause a denial of service (gsan service hang) by sending a crafted message using TCP. | 7.1 | 2.43% | 2010-05-28 | 2026-06-16 |
| CVE-2010-2337 | Open redirect vulnerability in RSA Federated Identity Manager 4.0 before 4.0.25 and 4.1 before 4.1.26 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unknown vectors. | 6.0 | 1.18% | 2010-07-28 | 2026-06-16 |
| CVE-2010-2633 | Unspecified vulnerability in EMC Disk Library (EDL) before 3.2.7, 3.3.x before 3.3.2 epatch 8, and 4.0.x before 4.0.1 epatch 4 allows remote attackers to cause a denial of service (communication-module crash) by sending a crafted message through TCP. | 7.8 | 1.98% | 2010-08-02 | 2026-06-16 |
| CVE-2010-2634 | RSA enVision before 3.7 SP1 allows remote authenticated users to cause a denial of service via unspecified vectors. | 4.0 | 0.89% | 2010-08-10 | 2026-06-16 |
| CVE-2010-3017 | Unspecified vulnerability in RSA Access Manager Agent 4.7.1 before 4.7.1.7, when RSA Adaptive Authentication Integration is enabled, allows remote attackers to bypass authentication and obtain sensitive information via unknown vectors. | 5.7 | 0.67% | 2010-09-09 | 2026-06-16 |
| CVE-2010-3018 | RSA Access Manager Server 5.5.3 before 5.5.3.172, 6.0.4 before 6.0.4.53, and 6.1 before 6.1.2.01 does not properly perform cache updates, which allows remote attackers to obtain sensitive information via unspecified vectors. | 4.3 | 0.98% | 2010-09-09 | 2026-06-16 |
| CVE-2010-3261 | Directory traversal vulnerability in RSA Authentication Agent 7.0 before P2 for Web allows remote attackers to read unspecified data via unknown vectors. | 5.0 | 1.63% | 2010-09-24 | 2026-06-16 |
| CVE-2010-3321 | RSA Authentication Client 2.0.x, 3.0, and 3.5.x before 3.5.3 does not properly handle a SENSITIVE or NON-EXTRACTABLE tag on a secret key object that is stored on a SecurID 800 authenticator, which allows local users to bypass intended access restrictions and read keys via unspecified PKCS#11 API requests. | 1.5 | 0.26% | 2010-10-07 | 2026-06-16 |
| CVE-2011-0321 | librpc.dll in nsrexecd in EMC NetWorker before 7.5 SP4, 7.5.3.x before 7.5.3.5, and 7.6.x before 7.6.1.2 does not properly mitigate the possibility of a spoofed localhost source IP address, which allows remote attackers to (1) register or (2) unregister RPC services, and consequently cause a denial of service or obtain sensitive information from interprocess communication, via crafted UDP packets containing service commands. | 6.4 | 2.60% | 2011-02-01 | 2026-06-16 |
| CVE-2011-0647 | The irccd.exe service in EMC Replication Manager Client before 5.3 and NetWorker Module for Microsoft Applications 2.1.x and 2.2.x allows remote attackers to execute arbitrary commands via the RunProgram function to TCP port 6542. | 10.0 | 63.68% | 2011-02-10 | 2026-06-16 |
| CVE-2011-0322 | Unspecified vulnerability in EMC RSA Access Manager Server 5.5.x, 6.0.x, and 6.1.x allows remote attackers to access resources via unknown vectors. | 7.5 | 1.66% | 2011-03-16 | 2026-06-16 |
| CVE-2011-0442 | The service utility in EMC Avamar 5.x before 5.0.4 uses cleartext to transmit event details in (1) service requests and (2) e-mail messages, which might allow remote attackers to obtain sensitive information by sniffing the network. | 3.5 | 1.06% | 2011-03-16 | 2026-06-16 |
| CVE-2011-0648 | Unspecified vulnerability in EMC Avamar before 5.0.4-30 allows remote authenticated users to gain privileges via unknown vectors. | 8.5 | 2.52% | 2011-03-16 | 2026-06-16 |
| CVE-2011-1420 | EMC Data Protection Advisor Collector 5.7 and 5.7.1 on Solaris SPARC platforms uses weak permissions for unspecified files, which allows local users to gain privileges via unknown vectors. | 7.2 | 0.38% | 2011-03-28 | 2026-06-16 |
| CVE-2011-1421 | EMC NetWorker 7.5.x before 7.5.4.3 and 7.6.x before 7.6.1.5, when the client push feature is enabled, uses weak permissions for an unspecified file, which allows local users to gain privileges via unknown vectors. | 6.9 | 0.31% | 2011-04-22 | 2026-06-16 |
| CVE-2011-1422 | Cross-site scripting (XSS) vulnerability in an unspecified Shockwave Flash file in EMC RSA Adaptive Authentication On-Premise (AAOP) 2.x, 5.7.x, and 6.x allows remote attackers to inject arbitrary web script or HTML via unknown vectors. | 4.3 | 1.27% | 2011-04-22 | 2026-06-16 |
| CVE-2011-1423 | Cross-site scripting (XSS) vulnerability in RSA Data Loss Prevention (DLP) Enterprise Manager 8.x before 8.5 SP1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | 4.3 | 1.05% | 2011-05-04 | 2026-06-16 |
| CVE-2011-1424 | The default configuration of ExShortcut\Web.config in EMC SourceOne Email Management before 6.6 SP1, when the Mobile Services component is used, does not properly set the localOnly attribute of the trace element, which allows remote authenticated users to obtain sensitive information via ASP.NET Application Tracing. | 3.5 | 0.77% | 2011-05-24 | 2026-06-16 |