Skip to main content

Vx Search

6 CVEs product

Monthly

CVE-2018-25328 HIGH POC This Week

VX Search 10.6.18 contains a local buffer overflow vulnerability that allows attackers to overwrite the instruction pointer by supplying an oversized string in the directory field. Rated high severity (CVSS 8.6), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow RCE Vx Search
NVD Exploit-DB VulDB
CVSS 4.0
8.6
EPSS
0.0%
CVE-2021-47974 HIGH POC This Week

VX Search 13.5.28 contains an unquoted service path vulnerability in both VX Search Server and VX Search Enterprise services that allows local attackers to escalate privileges. Rated high severity (CVSS 8.5), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

RCE Vx Search
NVD Exploit-DB VulDB
CVSS 4.0
8.5
EPSS
0.0%
CVE-2023-24671 HIGH This Week

VX Search v13.8 and v14.7 was discovered to contain an unquoted service path vulnerability which allows attackers to execute arbitrary commands at elevated privileges via a crafted executable file. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Vx Search
NVD
CVSS 3.1
7.8
EPSS
0.4%
CVE-2018-10567 MEDIUM This Month

XSS exists in Flexense VX Search Enterprise from v10.1.12 to v10.7. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Vx Search
NVD
CVSS 3.0
6.1
EPSS
0.7%
CVE-2017-15220 CRITICAL POC THREAT Emergency

Flexense VX Search Enterprise 10.1.12 is vulnerable to a buffer overflow via an empty POST request to a long URI beginning with a /../ substring. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and EPSS exploitation probability 12.4%.

Buffer Overflow RCE Vx Search
NVD Exploit-DB
CVSS 3.0
9.8
EPSS
12.4%
CVE-2017-13708 CRITICAL POC THREAT Emergency

Buffer overflow in the web server service in VX Search Enterprise 10.0.14 allows remote attackers to execute arbitrary code via a crafted GET request. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and EPSS exploitation probability 70.7%.

Buffer Overflow RCE Vx Search
NVD
CVSS 3.0
9.8
EPSS
70.7%
Threat
5.6
EPSS 0% CVSS 8.6
HIGH POC This Week

VX Search 10.6.18 contains a local buffer overflow vulnerability that allows attackers to overwrite the instruction pointer by supplying an oversized string in the directory field. Rated high severity (CVSS 8.6), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow RCE Vx Search
NVD Exploit-DB VulDB
EPSS 0% CVSS 8.5
HIGH POC This Week

VX Search 13.5.28 contains an unquoted service path vulnerability in both VX Search Server and VX Search Enterprise services that allows local attackers to escalate privileges. Rated high severity (CVSS 8.5), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

RCE Vx Search
NVD Exploit-DB VulDB
EPSS 0% CVSS 7.8
HIGH This Week

VX Search v13.8 and v14.7 was discovered to contain an unquoted service path vulnerability which allows attackers to execute arbitrary commands at elevated privileges via a crafted executable file. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Vx Search
NVD
EPSS 1% CVSS 6.1
MEDIUM This Month

XSS exists in Flexense VX Search Enterprise from v10.1.12 to v10.7. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Vx Search
NVD
EPSS 12% CVSS 9.8
CRITICAL POC THREAT Emergency

Flexense VX Search Enterprise 10.1.12 is vulnerable to a buffer overflow via an empty POST request to a long URI beginning with a /../ substring. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and EPSS exploitation probability 12.4%.

Buffer Overflow RCE Vx Search
NVD Exploit-DB
EPSS 71% 5.6 CVSS 9.8
CRITICAL POC THREAT Emergency

Buffer overflow in the web server service in VX Search Enterprise 10.0.14 allows remote attackers to execute arbitrary code via a crafted GET request. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and EPSS exploitation probability 70.7%.

Buffer Overflow RCE Vx Search
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy