Every CVE whose affected-product data names Flexense Syncbreeze, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (23)
CVE-2017-14980 — CVSS 9.8 (critical): Buffer overflow in Sync Breeze Enterprise 10.0.28 allows remote attackers to have unspecified impact via a long username parameter to…
CVE-2017-13696 — CVSS 9.8 (critical): A buffer overflow vulnerability lies in the web server component of Dup Scout Enterprise 9.9.14, Disk Savvy Enterprise 9.9.14, Sync Breeze…
CVE-2018-6537 — CVSS 9.8 (critical): A buffer overflow vulnerability in the control protocol of Flexense SyncBreeze Enterprise v10.4.18 allows remote attackers to execute…
CVE-2017-17996 — CVSS 8.8 (high): A buffer overflow vulnerability in "Add command" functionality exists in Flexense SyncBreeze Enterprise <= 10.3.14. The vulnerability can…
CVE-2025-59891 — CVSS 8.0 (high): Cross-Site request forgery (CSRF) vulnerability in Sync Breeze Enterprise Server v10.4.18 and Disk Pulse Enterprise v10.4.18. An…
CVE-2025-59894 — CVSS 8.0 (high): Cross-Site request forgery (CSRF) vulnerability in Sync Breeze Enterprise Server v10.4.18 and Disk Pulse Enterprise v10.4.18. An…
CVE-2025-59892 — CVSS 8.0 (high): Cross-Site request forgery (CSRF) vulnerability in Sync Breeze Enterprise Server v10.4.18 and Disk Pulse Enterprise v10.4.18. An…
CVE-2025-59893 — CVSS 8.0 (high): Cross-Site request forgery (CSRF) vulnerability in Sync Breeze Enterprise Server v10.4.18 and Disk Pulse Enterprise v10.4.18. An…
CVE-2017-15950 — CVSS 7.8 (high): Flexense SyncBreeze Enterprise version 10.1.16 is vulnerable to a buffer overflow that can be exploited for arbitrary code execution. The…
CVE-2017-17099 — CVSS 7.8 (high): There exists an unauthenticated SEH based Buffer Overflow vulnerability in the HTTP server of Flexense SyncBreeze Enterprise v10.1.16. When…
CVE-2020-37100 — CVSS 7.8 (high): Sync Breeze Enterprise 12.4.18 contains an unquoted service path vulnerability that allows local attackers to execute arbitrary code with…
CVE-2017-7310 — CVSS 7.8 (high): A buffer overflow vulnerability in Import Command in SyncBreeze before 10.6, DiskSorter before 10.6, DiskBoss before 8.9, DiskPulse before…
CVE-2020-36946 — CVSS 7.5 (high): SyncBreeze 10.0.28 contains a denial of service vulnerability in the login endpoint that allows remote attackers to crash the service…
CVE-2017-15664 — CVSS 7.5 (high): In Flexense Sync Breeze Enterprise v10.1.16, the Control Protocol suffers from a denial of service vulnerability. The attack vector is a…
CVE-2017-17088 — CVSS 7.5 (high): The Enterprise version of SyncBreeze 10.2.12 and earlier is affected by a Remote Denial of Service vulnerability. The web server does not…
CVE-2018-8065 — CVSS 7.5 (high): An issue was discovered in the web server in Flexense SyncBreeze Enterprise 10.6.24. There is a user mode write access violation on the…
CVE-2025-59895 — CVSS 7.5 (high): Sync Breeze Enterprise Server v10.4.18 and Disk Pulse Enterprise v10.4.18 contain a remote denial-of-service (DoS) vulnerability in the…
CVE-2018-10563 — CVSS 6.1 (medium): An XSS in Flexense SyncBreeze affects all versions (tested from SyncBreeze Enterprise from v10.1 to v10.7).
CVE-2025-59900 — CVSS 5.4 (medium): Sync Breeze Enterprise Server v10.4.18 and Disk Pulse Enterprise v10.4.18 contain a persistent authenticated Cross-Site Scripting (XSS)…
CVE-2025-59896 — CVSS 5.4 (medium): Sync Breeze Enterprise Server v10.4.18 and Disk Pulse Enterprise v10.4.18 contain a persistent authenticated Cross-Site Scripting (XSS)…
CVE-2025-59897 — CVSS 5.4 (medium): Sync Breeze Enterprise Server v10.4.18 and Disk Pulse Enterprise v10.4.18 contain a persistent authenticated Cross-Site Scripting (XSS)…
CVE-2025-59898 — CVSS 5.4 (medium): Sync Breeze Enterprise Server v10.4.18 and Disk Pulse Enterprise v10.4.18 contain a persistent authenticated Cross-Site Scripting (XSS)…
CVE-2025-59899 — CVSS 5.4 (medium): Sync Breeze Enterprise Server v10.4.18 and Disk Pulse Enterprise v10.4.18 contain a persistent authenticated Cross-Site Scripting (XSS)…