2 results (0.002 seconds)

CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 0

VX Search v13.8 and v14.7 was discovered to contain an unquoted service path vulnerability which allows attackers to execute arbitrary commands at elevated privileges via a crafted executable file. • https://medium.com/%40SumitVerma101/windows-privilege-escalation-part-1-unquoted-service-path-c7a011a8d8ae https://packetstormsecurity.com/files/171300/VX-Search-13.8-Unquoted-Service-Path.html • CWE-428: Unquoted Search Path or Element •

CVSS: 9.8EPSS: 4%CPEs: 1EXPL: 1

Buffer overflow in the web server service in VX Search Enterprise 10.0.14 allows remote attackers to execute arbitrary code via a crafted GET request. Una vulnerabilidad de desbordamiento de búfer en el servicio del servidor web en VX Search Enterprise 10.0.14 permite que atacantes remotos ejecuten código arbitrario mediante una petición GET manipulada. • http://packetstormsecurity.com/files/143949/VX-Search-Enterprise-10.0.14-Buffer-Overflow.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •