Vulnerabilities > RSA
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2012-03-06 | CVE-2012-0397 | Buffer Errors vulnerability in RSA Securid Software Token Converter 2.6 Buffer overflow in EMC RSA SecurID Software Token Converter before 2.6.1 allows remote attackers to cause a denial of service or possibly execute arbitrary code via unspecified vectors. | 7.6 |
| 2012-01-27 | CVE-2011-4143 | Information Exposure vulnerability in RSA Envision 4.0/4.1 EMC RSA enVision 4.0 before SP4 P5 and 4.1 before P3 allows remote attackers to obtain sensitive information about environment variables in the web system via unspecified vectors. | 5.0 |
| 2011-12-17 | CVE-2011-4141 | Unspecified vulnerability in RSA Securid 4.1/4.1.0.545 Untrusted search path vulnerability in EMC RSA SecurID Software Token 4.1 before 4.1.1 allows local users to gain privileges via a Trojan horse DLL in the current working directory, as demonstrated by a directory that contains a Software Token file. | 9.3 |
| 2011-08-25 | CVE-2011-2737 | Information Exposure vulnerability in RSA Envision RSA enVision 3.x and 4.x before 4 SP4 P3 allows remote attackers to read arbitrary files via unspecified vectors, related to an "arbitrary file retrieval vulnerability." | 5.0 |
| 2011-08-25 | CVE-2011-2736 | Cryptographic Issues vulnerability in RSA Envision 4.0 RSA enVision 4.x before 4 SP4 P3 places cleartext administrative credentials in Task Escalation e-mail messages, which allows remote attackers to obtain sensitive information by sniffing the network or leveraging access to a recipient mailbox. | 5.0 |
| 2011-03-16 | CVE-2011-0322 | Security Bypass vulnerability in RSA Access Manager Server Unspecified vulnerability in EMC RSA Access Manager Server 5.5.x, 6.0.x, and 6.1.x allows remote attackers to access resources via unknown vectors. | 7.5 |
| 2010-11-26 | CVE-2008-7266 | Cross-Site Scripting vulnerability in RSA Adaptive Authentication Cross-site scripting (XSS) vulnerability in an unspecified Shockwave Flash file in RSA Adaptive Authentication 2.x and 5.7.x allows remote attackers to inject arbitrary web script or HTML via unknown vectors. | 4.3 |
| 2010-10-07 | CVE-2010-3321 | Permissions, Privileges, and Access Controls vulnerability in RSA Authentication Client 2.0/3.0/3.5.1 RSA Authentication Client 2.0.x, 3.0, and 3.5.x before 3.5.3 does not properly handle a SENSITIVE or NON-EXTRACTABLE tag on a secret key object that is stored on a SecurID 800 authenticator, which allows local users to bypass intended access restrictions and read keys via unspecified PKCS#11 API requests. | 1.5 |
| 2010-09-24 | CVE-2010-3261 | Path Traversal vulnerability in RSA Authentication Agent FOR web Directory traversal vulnerability in RSA Authentication Agent 7.0 before P2 for Web allows remote attackers to read unspecified data via unknown vectors. | 5.0 |
| 2010-09-09 | CVE-2010-3018 | Information Exposure vulnerability in RSA Access Manager Server 5.5.3/6.0.4/6.1 RSA Access Manager Server 5.5.3 before 5.5.3.172, 6.0.4 before 6.0.4.53, and 6.1 before 6.1.2.01 does not properly perform cache updates, which allows remote attackers to obtain sensitive information via unspecified vectors. | 4.3 |