24 matches found
Flexense DiskBoss Service code-related vulnerabilities
Flexense DiskBoss Service is a file storage analysis software developed by Flexense Corporation. Version 12.2.18 of Flexense DiskBoss Service contains a code vulnerability. This vulnerability stems from the binary path configuration, where service paths are defined without quotes, which may lead ...
EUVD-2018-2368
Malware in sbrugna...
EUVD-2018-17043
Malware in sbrugna...
EUVD-2017-7116
Malware in sbrugna...
Flexense DiskBoss Enterprise Buffer Overflow (CVE-2018-5262)
A stack buffer overflow vulnerability exists in the web server of DiskBoss Enterprise. The vulnerability is due to the way DiskBoss Enterprise handles bounds checking. A remote, authenticated attack can lead to a stack buffer overflow...
Flexense DiskBoss Enterprise Cross-Site Scripting Vulnerability
Flexense DiskBoss Enterprise is a rules-based automated data analysis and file management solution from Flexense Canada. The solution supports performing disk space analysis, file classification, file search, file synchronization and data migration. A cross-site scripting vulnerability exists in...
Flexense DiskBoss 9.1.16 Cross Site Scripting
Description: URL: l ocalhost/ Affected Component: /?n0ipr0csalert'XSS'n0ipr0cs=1 Vulnerability Type: Cross Site Scripting https://cwe.mitre.org/data/definitions/79.html Vendor of Product: Flexense-DiskBoss Version: v7.4.28 to v9.1.16 Attack Type: Remote Impact: This attack allows an attacker code...
Cross site scripting
Flexense DiskBoss Enterprise v7.4.28 to v9.1.16 has XSS...
CVE-2018-10294
Flexense DiskBoss Enterprise v7.4.28 to v9.1.16 has XSS...
CVE-2018-10294
Flexense DiskBoss Enterprise v7.4.28 to v9.1.16 has XSS...
CVE-2018-10294
Flexense DiskBoss Enterprise (versions 7.4.28–9.1.16) is affected by a cross-site scripting (XSS) vulnerability. The CVE entry CVE-2018-10294 is supported by multiple connected sources (CNVD-2018-09174, CVE records, and packetstorm disclosures) indicating a remote XSS in DiskBoss Enterprise. Impa...
CVE-2018-10294
Flexense DiskBoss Enterprise v7.4.28 to v9.1.16 has XSS...
Flexense DiskBoss Information Disclosure Vulnerability
Flexense DiskBoss is a rules-based automated data management solution from Flexense Canada. A security vulnerability exists in Flexense DiskBoss version 8.8.16 and earlier. An attacker could exploit the vulnerability to obtain sensitive information...
CVE-2018-5261
An issue was discovered in Flexense DiskBoss 8.8.16 and earlier. Due to the usage of plaintext information from the handshake as input for the encryption key used for the encryption of the rest of the session, the server and client disclose sensitive information, such as the authentication...
CVE-2018-5261
Flexense DiskBoss 8.8.16 and earlier has a vulnerability where plaintext data from the handshake is used as input for the encryption key for the rest of the session, allowing a man-in-the-middle to access sensitive information such as authentication credentials. Source reports include NVD and CNV...
CVE-2018-5261
An issue was discovered in Flexense DiskBoss 8.8.16 and earlier. Due to the usage of plaintext information from the handshake as input for the encryption key used for the encryption of the rest of the session, the server and client disclose sensitive information, such as the authentication...
CVE-2018-5262
A stack-based buffer overflow in Flexense DiskBoss 8.8.16 and earlier allows unauthenticated remote attackers to execute arbitrary code in the context of a highly privileged account...
CVE-2018-5262
DiskBoss Enterprise 8.8.16 and earlier contains a stack-based buffer overflow in the web server that allows a remote attacker to execute arbitrary code with high privileges. Public records (CVE-2018-5262) describe remote code execution via improper bounds checking; various sources cite exploit sa...
CVE-2017-15665
In Flexense DiskBoss Enterprise 8.5.12, the Control Protocol suffers from a denial of service vulnerability. The attack vector is a crafted SERVERGETINFO packet sent to control port 8094...
CVE-2017-15665
In Flexense DiskBoss Enterprise 8.5.12, the Control Protocol suffers from a denial of service vulnerability. The attack vector is a crafted SERVERGETINFO packet sent to control port 8094...