Filtered by vendor Advantech
Subscriptions
Total
317 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2019-16900 | 1 Advantech | 1 Webaccess\/hmi Designer | 2024-11-21 | 7.5 High |
| Advantech WebAccess/HMI Designer 2.1.9.31 has a User Mode Write AV starting at MSVCR90!memcpy+0x000000000000015c. | ||||
| CVE-2019-16899 | 1 Advantech | 1 Webaccess\/hmi Designer | 2024-11-21 | 7.5 High |
| In Advantech WebAccess/HMI Designer 2.1.9.31, Data from a Faulting Address controls Code Flow starting at PM_V3!CTagInfoThreadBase::GetNICInfo+0x0000000000512918. | ||||
| CVE-2019-13558 | 1 Advantech | 1 Webaccess | 2024-11-21 | 9.8 Critical |
| In WebAccess versions 8.4.1 and prior, an exploit executed over the network may cause improper control of generation of code, which may allow remote code execution, data exfiltration, or cause a system crash. | ||||
| CVE-2019-13556 | 1 Advantech | 1 Webaccess | 2024-11-21 | 8.8 High |
| In WebAccess versions 8.4.1 and prior, multiple stack-based buffer overflow vulnerabilities are caused by a lack of proper validation of the length of user-supplied data. Exploitation of these vulnerabilities may allow remote code execution. | ||||
| CVE-2019-13552 | 1 Advantech | 1 Webaccess | 2024-11-21 | 8.8 High |
| In WebAccess versions 8.4.1 and prior, multiple command injection vulnerabilities are caused by a lack of proper validation of user-supplied data and may allow arbitrary file deletion and remote code execution. | ||||
| CVE-2019-13551 | 1 Advantech | 1 Wise-paas\/rmm | 2024-11-21 | 9.8 Critical |
| Advantech WISE-PaaS/RMM, Versions 3.3.29 and prior. Path traversal vulnerabilities are caused by a lack of proper validation of a user-supplied path prior to use in file operations. An attacker can leverage these vulnerabilities to remotely execute code while posing as an administrator. | ||||
| CVE-2019-13550 | 1 Advantech | 1 Webaccess | 2024-11-21 | 9.8 Critical |
| In WebAccess, versions 8.4.1 and prior, an improper authorization vulnerability may allow an attacker to disclose sensitive information, cause improper control of generation of code, which may allow remote code execution or cause a system crash. | ||||
| CVE-2019-13547 | 1 Advantech | 1 Wise-paas\/rmm | 2024-11-21 | 9.8 Critical |
| Advantech WISE-PaaS/RMM, Versions 3.3.29 and prior. There is an unsecured function that allows anyone who can access the IP address to use the function without authentication. | ||||
| CVE-2019-10993 | 1 Advantech | 1 Webaccess | 2024-11-21 | 9.8 Critical |
| In WebAccess/SCADA Versions 8.3.5 and prior, multiple untrusted pointer dereference vulnerabilities may allow a remote attacker to execute arbitrary code. | ||||
| CVE-2019-10991 | 1 Advantech | 1 Webaccess | 2024-11-21 | 9.8 Critical |
| In WebAccess/SCADA, Versions 8.3.5 and prior, multiple stack-based buffer overflow vulnerabilities are caused by a lack of proper validation of the length of user-supplied data. Exploitation of these vulnerabilities may allow remote code execution. | ||||
| CVE-2019-10989 | 1 Advantech | 1 Webaccess | 2024-11-21 | 9.8 Critical |
| In WebAccess/SCADA Versions 8.3.5 and prior, multiple heap-based buffer overflow vulnerabilities are caused by a lack of proper validation of the length of user-supplied data. Exploitation of these vulnerabilities may allow remote code execution. Note: A different vulnerability than CVE-2019-10991. | ||||
| CVE-2019-10987 | 1 Advantech | 1 Webaccess | 2024-11-21 | 8.8 High |
| In WebAccess/SCADA Versions 8.3.5 and prior, multiple out-of-bounds write vulnerabilities are caused by a lack of proper validation of the length of user-supplied data. Exploitation of these vulnerabilities may allow remote code execution. | ||||
| CVE-2019-10985 | 1 Advantech | 1 Webaccess | 2024-11-21 | 9.1 Critical |
| In WebAccess/SCADA, Versions 8.3.5 and prior, a path traversal vulnerability is caused by a lack of proper validation of a user-supplied path prior to use in file operations. An attacker can leverage this vulnerability to delete files while posing as an administrator. | ||||
| CVE-2019-10983 | 1 Advantech | 1 Webaccess | 2024-11-21 | 7.5 High |
| In WebAccess/SCADA Versions 8.3.5 and prior, an out-of-bounds read vulnerability is caused by a lack of proper validation of user-supplied data. Exploitation of this vulnerability may allow disclosure of information. | ||||
| CVE-2019-10961 | 1 Advantech | 1 Webaccess Hmi Designer | 2024-11-21 | 8.8 High |
| In Advantech WebAccess HMI Designer Version 2.1.9.23 and prior, processing specially crafted MCR files lacking proper validation of user supplied data may cause the system to write outside the intended buffer area, allowing remote code execution. | ||||
| CVE-2018-8845 | 1 Advantech | 4 Webaccess, Webaccess\/nms, Webaccess Dashboard and 1 more | 2024-11-21 | 9.8 Critical |
| In Advantech WebAccess versions V8.2_20170817 and prior, WebAccess versions V8.3.0 and prior, WebAccess Dashboard versions V.2.0.15 and prior, WebAccess Scada Node versions prior to 8.3.1, and WebAccess/NMS 2.0.3 and prior, a heap-based buffer overflow vulnerability has been identified, which may allow an attacker to execute arbitrary code. | ||||
| CVE-2018-8841 | 1 Advantech | 4 Webaccess, Webaccess\/nms, Webaccess Dashboard and 1 more | 2024-11-21 | N/A |
| In Advantech WebAccess versions V8.2_20170817 and prior, WebAccess versions V8.3.0 and prior, WebAccess Dashboard versions V.2.0.15 and prior, WebAccess Scada Node versions prior to 8.3.1, and WebAccess/NMS 2.0.3 and prior, an improper privilege management vulnerability may allow an authenticated user to modify files when read access should only be given to the user. | ||||
| CVE-2018-8837 | 1 Advantech | 1 Webaccess Hmi Designer | 2024-11-21 | N/A |
| Processing specially crafted .pm3 files in Advantech WebAccess HMI Designer 2.1.7.32 and prior may cause the system to write outside the intended buffer area and may allow remote code execution. | ||||
| CVE-2018-8835 | 1 Advantech | 1 Webaccess Hmi Designer | 2024-11-21 | N/A |
| Double free vulnerabilities in Advantech WebAccess HMI Designer 2.1.7.32 and prior caused by processing specially crafted .pm3 files may allow remote code execution. | ||||
| CVE-2018-8833 | 1 Advantech | 1 Webaccess Hmi Designer | 2024-11-21 | 7.8 High |
| Heap-based buffer overflow vulnerabilities in Advantech WebAccess HMI Designer 2.1.7.32 and prior caused by processing specially crafted .pm3 files may allow remote code execution. | ||||