Filtered by vendor Advantech
Subscriptions
Filtered by product Webaccess
Subscriptions
Total
103 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2016-0853 | 1 Advantech | 1 Webaccess | 2025-04-12 | N/A |
| Advantech WebAccess before 8.1 allows remote attackers to obtain sensitive information via crafted input. | ||||
| CVE-2016-0852 | 1 Advantech | 1 Webaccess | 2025-04-12 | N/A |
| Advantech WebAccess before 8.1 allows remote attackers to bypass an intended administrative requirement and obtain file or folder access via unspecified vectors. | ||||
| CVE-2016-0851 | 1 Advantech | 1 Webaccess | 2025-04-12 | N/A |
| Advantech WebAccess before 8.1 allows remote attackers to cause a denial of service (out-of-bounds memory access) via unspecified vectors. | ||||
| CVE-2016-0857 | 1 Advantech | 1 Webaccess | 2025-04-12 | N/A |
| Multiple heap-based buffer overflows in Advantech WebAccess before 8.1 allow remote attackers to execute arbitrary code via unspecified vectors. | ||||
| CVE-2015-6467 | 1 Advantech | 1 Webaccess | 2025-04-12 | N/A |
| Advantech WebAccess before 8.1 allows remote attackers to execute arbitrary code via vectors involving a browser plugin. | ||||
| CVE-2016-0856 | 1 Advantech | 1 Webaccess | 2025-04-12 | N/A |
| Multiple stack-based buffer overflows in Advantech WebAccess before 8.1 allow remote attackers to execute arbitrary code via unspecified vectors. | ||||
| CVE-2015-3948 | 1 Advantech | 1 Webaccess | 2025-04-12 | N/A |
| Cross-site scripting (XSS) vulnerability in Advantech WebAccess before 8.1 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors. | ||||
| CVE-2015-3947 | 1 Advantech | 1 Webaccess | 2025-04-12 | N/A |
| SQL injection vulnerability in Advantech WebAccess before 8.1 allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors. | ||||
| CVE-2016-0858 | 1 Advantech | 1 Webaccess | 2025-04-12 | N/A |
| Race condition in Advantech WebAccess before 8.1 allows remote attackers to execute arbitrary code or cause a denial of service (buffer overflow) via a crafted request. | ||||
| CVE-2016-4528 | 1 Advantech | 1 Webaccess | 2025-04-12 | N/A |
| Buffer overflow in Advantech WebAccess before 8.1_20160519 allows local users to cause a denial of service via a crafted DLL file. | ||||
| CVE-2015-3943 | 1 Advantech | 1 Webaccess | 2025-04-12 | N/A |
| Advantech WebAccess before 8.1 allows remote attackers to read sensitive cleartext information about e-mail project accounts via unspecified vectors. | ||||
| CVE-2015-3946 | 1 Advantech | 1 Webaccess | 2025-04-12 | N/A |
| Cross-site request forgery (CSRF) vulnerability in Advantech WebAccess before 8.1 allows remote attackers to hijack the authentication of unspecified victims via unknown vectors. | ||||
| CVE-2014-9202 | 1 Advantech | 1 Webaccess | 2025-04-12 | N/A |
| Multiple stack-based buffer overflows in an unspecified DLL file in Advantech WebAccess before 8.0_20150816 allow remote attackers to execute arbitrary code via a crafted file that triggers long string arguments to functions. | ||||
| CVE-2014-8388 | 1 Advantech | 1 Webaccess | 2025-04-12 | N/A |
| Stack-based buffer overflow in Advantech WebAccess, formerly BroadWin WebAccess, before 8.0 allows remote attackers to execute arbitrary code via a crafted ip_address parameter in an HTML document. | ||||
| CVE-2014-9208 | 1 Advantech | 1 Webaccess | 2025-04-12 | N/A |
| Multiple stack-based buffer overflows in unspecified DLL files in Advantech WebAccess before 8.0.1 allow remote attackers to execute arbitrary code via unknown vectors. | ||||
| CVE-2023-2866 | 1 Advantech | 1 Webaccess | 2025-01-16 | 7.3 High |
| If an attacker can trick an authenticated user into loading a maliciously crafted .zip file onto Advantech WebAccess version 8.4.5, a web shell could be used to give the attacker full control of the SCADA server. | ||||
| CVE-2023-4215 | 1 Advantech | 1 Webaccess | 2025-01-16 | 6.5 Medium |
| Advantech WebAccess version 9.1.3 contains an exposure of sensitive information to an unauthorized actor vulnerability that could leak user credentials. | ||||
| CVE-2021-38408 | 1 Advantech | 1 Webaccess | 2024-11-21 | 9.8 Critical |
| A stack-based buffer overflow vulnerability in Advantech WebAccess Versions 9.02 and prior caused by a lack of proper validation of the length of user-supplied data may allow remote code execution. | ||||
| CVE-2021-38389 | 1 Advantech | 1 Webaccess | 2024-11-21 | 9.8 Critical |
| Advantech WebAccess versions 9.02 and prior are vulnerable to a stack-based buffer overflow, which may allow an attacker to remotely execute code. | ||||
| CVE-2021-34540 | 1 Advantech | 1 Webaccess | 2024-11-21 | 6.1 Medium |
| Advantech WebAccess 8.4.2 and 8.4.4 allows XSS via the username column of the bwRoot.asp page of WADashboard. | ||||