Untrusted search path vulnerability in EMC RSA SecurID Software Token 4.1 before 4.1.1 allows local users to gain privileges via a Trojan horse DLL in the current working directory, as demonstrated by a directory that contains a Software Token...
6.5AI Score
0.001EPSS
RSA enVision 4.x before 4 SP4 P3 places cleartext administrative credentials in Task Escalation e-mail messages, which allows remote attackers to obtain sensitive information by sniffing the network or leveraging access to a recipient...
6.4AI Score
0.002EPSS
RSA enVision 3.x and 4.x before 4 SP4 P3 allows remote attackers to read arbitrary files via unspecified vectors, related to an "arbitrary file retrieval...
7AI Score
0.003EPSS
Unspecified vulnerability in EMC RSA Access Manager Server 5.5.x, 6.0.x, and 6.1.x allows remote attackers to access resources via unknown...
6.8AI Score
0.017EPSS
Cross-site scripting (XSS) vulnerability in an unspecified Shockwave Flash file in RSA Adaptive Authentication 2.x and 5.7.x allows remote attackers to inject arbitrary web script or HTML via unknown...
6AI Score
0.003EPSS
RSA Authentication Client 2.0.x, 3.0, and 3.5.x before 3.5.3 does not properly handle a SENSITIVE or NON-EXTRACTABLE tag on a secret key object that is stored on a SecurID 800 authenticator, which allows local users to bypass intended access restrictions and read keys via unspecified PKCS#11 API...
6.3AI Score
0.0004EPSS
Directory traversal vulnerability in RSA Authentication Agent 7.0 before P2 for Web allows remote attackers to read unspecified data via unknown...
6.8AI Score
0.004EPSS
RSA enVision before 3.7 SP1 allows remote authenticated users to cause a denial of service via unspecified...
6.3AI Score
0.002EPSS
Open redirect vulnerability in RSA Federated Identity Manager 4.0 before 4.0.25 and 4.1 before 4.1.26 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unknown...
6.9AI Score
0.006EPSS
RSA EnVision 3.5.0, 3.5.1, 3.5.2, and 3.7.0 does not properly restrict access to unspecified user profile functionality, which allows remote attackers to obtain the administrator password hash and conduct brute force guessing...
7AI Score
0.006EPSS
Open redirect vulnerability in WebID/IISWebAgentIF.dll in RSA Authentication Agent 5.3.0.258 for Web for IIS, when accessed via certain browsers such as Mozilla Firefox, allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via an ftp URL in the url...
6.8AI Score
0.004EPSS
Cross-site scripting (XSS) vulnerability in WebID/IISWebAgentIF.dll in RSA Authentication Agent 5.3.0.258, and other versions before 5.3.3.378, allows remote attackers to inject arbitrary web script or HTML via a URL-encoded postdata parameter. NOTE: this is different than CVE-2005-1118, but it...
5.5AI Score
0.006EPSS
Incomplete blacklist vulnerability in IISWebAgentIF.dll in the WebID RSA Authentication Agent 5.3, and possibly earlier, allows remote attackers to conduct cross-site scripting (XSS) attacks via the postdata parameter, due to an incomplete fix for...
5.8AI Score
0.006EPSS
Multiple cross-site scripting (XSS) vulnerabilities in (1) Request-spk.xuda and (2) Add-msie-request.xuda in RSA KEON Registration Authority Web Interface 1.0 allow remote attackers to inject arbitrary web script or HTML via unspecified...
5.8AI Score
0.013EPSS
Cross-site scripting (XSS) vulnerability in the logon page in RSA EnVision 3.3.6 Build 0115 allows remote attackers to inject arbitrary web script or HTML via the username...
5.7AI Score
0.006EPSS
Heap-based buffer overflow in _mprosrv.exe in Progress Software Progress 9.1E and OpenEdge 10.1x, as used by the RSA Authentication Manager 6.0 and 6.1, SecurID Appliance 2.0, ACE/Server 5.2, and possibly other products, allows remote attackers to execute arbitrary code via crafted packets. NOTE:.....
8.1AI Score
0.126EPSS
RSA Keon Certificate Authority (KeonCA) Manager 6.5.1 and 6.6 allows privileged local users to hide malicious Certificate Authority (CA) activities by modifying CA auditor logs without detection by (1) modifying or deleting a and its signature from the XML log in a way that is not detected by the.....
6.6AI Score
0.0004EPSS
Stack-based buffer overflow in IISWebAgentIF.dll in RSA Authentication Agent for Web (aka SecurID Web Agent) 5.2 and 5.3 for IIS allows remote attackers to execute arbitrary code via a long url parameter in the Redirect...
8AI Score
0.371EPSS
Cross-site scripting (XSS) vulnerability in RSA Authentication Agent for Web 5.3 and earlier allows remote attackers to inject arbitrary web script or HTML via the image parameter in a GetPic...
5.8AI Score
0.01EPSS
Heap-based buffer overflow in RSA SecurID Web Agent 5, 5.2, and 5.3 allows remote attackers to execute arbitrary code via crafted chunked-encoding...
8AI Score
0.666EPSS
Directory traversal vulnerability in WebID in RSA Security SecurID 5.0 as used by ACE/Agent for Windows, Windows NT and Windows 2000 allows attackers to access restricted resources via URL-encoded (1) /.. or (2) .....
7AI Score
0.004EPSS
WebID in RSA Security SecurID 5.0 as used by ACE/Agent for Windows, Windows NT and Windows 2000 allows attackers to cause the WebID agent to enter debug mode via a URL containing null characters, which may allow attackers to obtain sensitive...
6.7AI Score
0.003EPSS
Cross-site scripting (XSS) vulnerability in IISWebAgentIF.dll in the RSA Authentication Agent for Web 5.2 allows remote attackers to inject arbitrary web script or HTML via the postdata...
5.6AI Score
0.006EPSS
Cross-site scripting (XSS) vulnerability in the secure redirect function of RSA ACE/Agent 5.0 for Windows, and 5.x for Web, allows remote attackers to insert arbitrary web script and possibly cause users to enter a passphrase via a GET request containing the...
6AI Score
0.002EPSS
An interaction between Microsoft Outlook Web Access (OWA) with RSA SecurID allows local users to bypass the SecurID authentication for a previous user via several submissions of an OWA Authentication request with the proper OWA password for the previous user, which is eventually accepted by...
7.1AI Score
0.043EPSS
Buffer overflow in RSAREF2 via the encryption and decryption functions in the RSAREF...
6.9AI Score
0.005EPSS