Filtered by vendor Flexense
Subscribe
Total
28 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2017-15664 | 1 Flexense | 1 Syncbreeze | 2018-02-01 | 5.0 MEDIUM | 7.5 HIGH |
| In Flexense Sync Breeze Enterprise v10.1.16, the Control Protocol suffers from a denial of service vulnerability. The attack vector is a crafted SERVER_GET_INFO packet sent to control port 9121. | |||||
| CVE-2017-15662 | 1 Flexense | 1 Vx Search | 2018-02-01 | 5.0 MEDIUM | 7.5 HIGH |
| In Flexense VX Search Enterprise v10.1.12, the Control Protocol suffers from a denial of service vulnerability. The attack vector is a crafted SERVER_GET_INFO packet sent to control port 9123. | |||||
| CVE-2017-15665 | 1 Flexense | 1 Diskboss | 2018-02-01 | 5.0 MEDIUM | 7.5 HIGH |
| In Flexense DiskBoss Enterprise 8.5.12, the Control Protocol suffers from a denial of service vulnerability. The attack vector is a crafted SERVER_GET_INFO packet sent to control port 8094. | |||||
| CVE-2017-17088 | 1 Flexense | 1 Syncbreeze | 2018-01-04 | 5.0 MEDIUM | 7.5 HIGH |
| The Enterprise version of SyncBreeze 10.2.12 and earlier is affected by a Remote Denial of Service vulnerability. The web server does not check bounds when reading server requests in the Host header on making a connection, resulting in a classic Buffer Overflow that causes a Denial of Service. | |||||
| CVE-2017-17099 | 1 Flexense | 1 Syncbreeze | 2017-12-20 | 7.2 HIGH | 7.8 HIGH |
| There exists an unauthenticated SEH based Buffer Overflow vulnerability in the HTTP server of Flexense SyncBreeze Enterprise v10.1.16. When sending a GET request with an excessive length, it is possible for a malicious user to overwrite the SEH record and execute a payload that would run under the Windows SYSTEM account. | |||||
| CVE-2017-15220 | 1 Flexense | 1 Vx Search | 2017-10-26 | 7.5 HIGH | 9.8 CRITICAL |
| Flexense VX Search Enterprise 10.1.12 is vulnerable to a buffer overflow via an empty POST request to a long URI beginning with a /../ substring. This allows remote attackers to execute arbitrary code. | |||||
| CVE-2017-14980 | 1 Flexense | 1 Syncbreeze | 2017-10-20 | 7.5 HIGH | 9.8 CRITICAL |
| Buffer overflow in Sync Breeze Enterprise 10.0.28 allows remote attackers to have unspecified impact via a long username parameter to /login. | |||||
| CVE-2017-6416 | 1 Flexense | 1 Sysgauge | 2017-03-07 | 7.5 HIGH | 9.8 CRITICAL |
| An issue was discovered in SysGauge 1.5.18. A buffer overflow vulnerability in SMTP connection verification leads to arbitrary code execution. The attack vector is a crafted SMTP daemon that sends a long 220 (aka "Service ready") string. | |||||