Vulnerabilities > Flexense > Critical
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-12-09 | CVE-2020-29659 | Classic Buffer Overflow vulnerability in Flexense Dupscout 10.0.18 A buffer overflow in the web server of Flexense DupScout Enterprise 10.0.18 allows a remote anonymous attacker to execute code as SYSTEM by overflowing the sid parameter via a GET /settings&sid= attack. | 9.8 |
| 2018-02-27 | CVE-2018-6481 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Flexense Disksavvy 10.4.18 A buffer overflow vulnerability in the control protocol of Disk Savvy Enterprise v10.4.18 allows remote attackers to execute arbitrary code by sending a crafted packet to TCP port 9124. | 9.8 |
| 2018-02-02 | CVE-2018-6537 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Flexense Syncbreeze 10.4.18 A buffer overflow vulnerability in the control protocol of Flexense SyncBreeze Enterprise v10.4.18 allows remote attackers to execute arbitrary code by sending a crafted packet to TCP port 9121. | 9.8 |
| 2018-01-24 | CVE-2017-13696 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Flexense products A buffer overflow vulnerability lies in the web server component of Dup Scout Enterprise 9.9.14, Disk Savvy Enterprise 9.9.14, Sync Breeze Enterprise 9.9.16, and Disk Pulse Enterprise 9.9.16 where an attacker can craft a malicious GET request and exploit the web server component. | 9.8 |
| 2018-01-12 | CVE-2018-5262 | Out-of-bounds Write vulnerability in Flexense Diskboss A stack-based buffer overflow in Flexense DiskBoss 8.8.16 and earlier allows unauthenticated remote attackers to execute arbitrary code in the context of a highly privileged account. | 9.8 |
| 2017-10-11 | CVE-2017-15220 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Flexense VX Search 10.1.12 Flexense VX Search Enterprise 10.1.12 is vulnerable to a buffer overflow via an empty POST request to a long URI beginning with a /../ substring. | 9.8 |
| 2017-10-10 | CVE-2017-14980 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Flexense Syncbreeze 10.0.28 Buffer overflow in Sync Breeze Enterprise 10.0.28 allows remote attackers to have unspecified impact via a long username parameter to /login. | 9.8 |
| 2017-03-06 | CVE-2017-6416 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Flexense Sysgauge 1.5.18 An issue was discovered in SysGauge 1.5.18. | 9.8 |