Buffer overflow in the web server service in VX Search Enterprise 10.0.14 allows remote attackers to execute arbitrary code via a crafted GET request.
9.8CVSS
9.6AI Score
0.047EPSS
Flexense VX Search Enterprise 10.1.12 is vulnerable to a buffer overflow via an empty POST request to a long URI beginning with a /../ substring. This allows remote attackers to execute arbitrary code.
9.8CVSS
9.9AI Score
0.071EPSS
In Flexense VX Search Enterprise v10.1.12, the Control Protocol suffers from a denial of service vulnerability. The attack vector is a crafted SERVER_GET_INFO packet sent to control port 9123.
7.5CVSS
7.3AI Score
0.014EPSS
6.1CVSS
5.9AI Score
0.001EPSS
VX Search v13.8 and v14.7 was discovered to contain an unquoted service path vulnerability which allows attackers to execute arbitrary commands at elevated privileges via a crafted executable file.
7.8CVSS
8.5AI Score
0.0004EPSS