Flexense Sync Breeze Enterprise Server
12 CVEs affecting Flexense Sync Breeze Enterprise Server. Latest disclosed: 2026-01-28. Critical: 0, High: 6.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2025-59894 | High | 8.0 | 2026-01-28 | Cross-Site request forgery (CSRF) vulnerability in Sync Breeze Enterprise Server v10.4.18 and Disk Pulse Enterprise v10.4.18. An authenticated user could cause… |
CVE-2025-59893 | High | 8.0 | 2026-01-28 | Cross-Site request forgery (CSRF) vulnerability in Sync Breeze Enterprise Server v10.4.18 and Disk Pulse Enterprise v10.4.18. An authenticated user could cause… |
CVE-2025-59892 | High | 8.0 | 2026-01-28 | Cross-Site request forgery (CSRF) vulnerability in Sync Breeze Enterprise Server v10.4.18 and Disk Pulse Enterprise v10.4.18. An authenticated user could cause… |
CVE-2025-59891 | High | 8.0 | 2026-01-28 | Cross-Site request forgery (CSRF) vulnerability in Sync Breeze Enterprise Server v10.4.18 and Disk Pulse Enterprise v10.4.18. An authenticated user could cause… |
CVE-2025-59895 | High | 7.5 | 2026-01-28 | Sync Breeze Enterprise Server v10.4.18 and Disk Pulse Enterprise v10.4.18 contain a remote denial-of-service (DoS) vulnerability in the configuration restore f… |
CVE-2023-49575 | High | 7.1 | 2024-05-24 | A vulnerability has been discovered in VX Search Enterprise affecting version 10.2.14, in Sync Breeze Enterprise Server 10.4.18 version, and in Disk Pulse Ente… |
CVE-2025-59900 | Medium | 5.4 | 2026-01-28 | Sync Breeze Enterprise Server v10.4.18 and Disk Pulse Enterprise v10.4.18 contain a persistent authenticated Cross-Site Scripting (XSS) vulnerability. An attac… |
CVE-2025-59899 | Medium | 5.4 | 2026-01-28 | Sync Breeze Enterprise Server v10.4.18 and Disk Pulse Enterprise v10.4.18 contain a persistent authenticated Cross-Site Scripting (XSS) vulnerability. An attac… |
CVE-2025-59898 | Medium | 5.4 | 2026-01-28 | Sync Breeze Enterprise Server v10.4.18 and Disk Pulse Enterprise v10.4.18 contain a persistent authenticated Cross-Site Scripting (XSS) vulnerability. An attac… |
CVE-2025-59897 | Medium | 5.4 | 2026-01-28 | Sync Breeze Enterprise Server v10.4.18 and Disk Pulse Enterprise v10.4.18 contain a persistent authenticated Cross-Site Scripting (XSS) vulnerability. An attac… |
CVE-2025-59896 | Medium | 5.4 | 2026-01-28 | Sync Breeze Enterprise Server v10.4.18 and Disk Pulse Enterprise v10.4.18 contain a persistent authenticated Cross-Site Scripting (XSS) vulnerability. An attac… |
CVE-2025-59901 | | 2026-01-28 | Disk Pulse Enterprise v10.4.18 has an authenticated reflected XSS vulnerability in the '/monitor_directory?sid=' endpoint, caused by insufficient validation of… |