Vx Search Security Vulnerabilities and Issues — Vx Search CVE List

FlexenseVx Search

7 matches found

CVE•added 2018/01/10 6:0 p.m.•64 views

CVE-2017-15662

CVE-2017-15662 affects Flexense VX Search Enterprise v10.1.12. The vulnerability is a denial-of-service in the product’s Control Protocol, triggered by sending a crafted SERVER_GET_INFO packet to port 9123. Public details describe the attack vector and a DoS outcome, with sources pointing to a se...

7.5CVSS7.3AI score0.18429EPSS

CVE•added 2017/10/11 1:0 p.m.•63 views

CVE-2017-15220

Flexense VX Search Enterprise 10.1.12 is affected by a buffer overflow when processing an empty POST request to a long URI starting with /../, enabling remote code execution as described in CVE-2017-15220. Multiple sources (NVD entry, CNVD entry, and exploit listings) corroborate a remote overflo...

9.8CVSS9.9AI score0.12375EPSS

CVE•added 2024/05/24 12:40 p.m.•55 views

CVE-2023-49575

CVE-2023-49575 affects VX Search Enterprise (v10.2.14) and related Flexense products (Sync Breeze Enterprise Server 10.4.18, Disk Pulse Enterprise 10.4.18). A persistent XSS vulnerability exists via the /setup_smtp API endpoints, specifically in smtp_server, smtp_user, smtp_password, and smtp_ema...

7.1CVSS6.3AI score0.0011EPSS

CVE•added 2024/05/24 12:39 p.m.•52 views

CVE-2023-49572

CVE-2023-49572 corresponds to a persistent XSS vulnerability in VX Search Enterprise (v10.2.14) and Disk Pulse Enterprise (v10.4.18) exploitable via /setup_odbc parameters odbc_data_source, odbc_user and odbc_password. The issue allows an attacker to store and trigger malicious JavaScript payload...

7.1CVSS6.3AI score0.0011EPSS

CVE•added 2024/05/24 12:40 p.m.•50 views

CVE-2023-49574

VX Search Enterprise 10.2.14 is affected by a persistent XSS vulnerability affecting the /add_job API (job_name / add job parameter). Attackers could store malicious JavaScript payloads that execute when the page loads. Public sources confirm the vulnerability impact but do not provide exploitati...

7.1CVSS6.7AI score0.00106EPSS

CVE•added 2024/05/24 12:39 p.m.•49 views

CVE-2023-49573

VX Search Enterprise 10.2.14 is affected by a persistent XSS in the API endpoint exposed via the /add_command_action (action_value) field. The issue allows storing malicious JavaScript payloads that execute when the page loads. The connected PT-2024-13752 entry corroborates an XSS via the /add co...

7.1CVSS6.7AI score0.00106EPSS

CVE•added 2018/05/02 9:0 p.m.•36 views

CVE-2018-10567

Flexense VX Search Enterprise is affected by a Cross-Site Scripting (XSS) vulnerability in versions 10.1.12 through 10.7. The CVE details indicate the issue exists in this product line, and multiple connected sources corroborate the same affected version range. The precise root cause is not descr...

6.1CVSS5.9AI score0.0024EPSS