Filtered by vendor Advantech
Subscriptions
Total
370 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2017-12705 | 1 Advantech | 1 Webop | 2025-04-20 | N/A |
| A Heap-Based Buffer Overflow issue was discovered in Advantech WebOP. A maliciously crafted project file may be able to trigger a heap-based buffer overflow, which may crash the process and allow an attacker to execute arbitrary code. | ||||
| CVE-2017-14016 | 1 Advantech | 1 Webaccess | 2025-04-20 | N/A |
| A Stack-based Buffer Overflow issue was discovered in Advantech WebAccess versions prior to V8.2_20170817. The application lacks proper validation of the length of user-supplied data prior to copying it to a stack-based buffer, which could allow an attacker to execute arbitrary code under the context of the process. | ||||
| CVE-2017-12708 | 1 Advantech | 1 Webaccess | 2025-04-20 | N/A |
| An Improper Restriction Of Operations Within The Bounds Of A Memory Buffer issue was discovered in Advantech WebAccess versions prior to V8.2_20170817. Researchers have identified multiple vulnerabilities that allow invalid locations to be referenced for the memory buffer, which may allow an attacker to execute arbitrary code or cause the system to crash. | ||||
| CVE-2017-12702 | 1 Advantech | 1 Webaccess | 2025-04-20 | N/A |
| An Externally Controlled Format String issue was discovered in Advantech WebAccess versions prior to V8.2_20170817. String format specifiers based on user provided input are not properly validated, which could allow an attacker to execute arbitrary code. | ||||
| CVE-2017-12717 | 1 Advantech | 1 Webaccess | 2025-04-20 | N/A |
| An Uncontrolled Search Path Element issue was discovered in Advantech WebAccess versions prior to V8.2_20170817. A maliciously crafted dll file placed earlier in the search path may allow an attacker to execute code within the context of the application. | ||||
| CVE-2017-5152 | 1 Advantech | 1 Webaccess | 2025-04-20 | N/A |
| An issue was discovered in Advantech WebAccess Version 8.1. By accessing a specific uniform resource locator (URL) on the web server, a malicious user is able to access pages unrestricted (AUTHENTICATION BYPASS). | ||||
| CVE-2017-12713 | 1 Advantech | 1 Webaccess | 2025-04-20 | N/A |
| An Incorrect Permission Assignment for Critical Resource issue was discovered in Advantech WebAccess versions prior to V8.2_20170817. Multiple files and folders with ACLs that affect other users are allowed to be modified by non-administrator accounts. | ||||
| CVE-2017-12711 | 1 Advantech | 1 Webaccess | 2025-04-20 | N/A |
| An Incorrect Privilege Assignment issue was discovered in Advantech WebAccess versions prior to V8.2_20170817. A built-in user account has been granted a sensitive privilege that may allow a user to elevate to administrative privileges. | ||||
| CVE-2022-2136 | 1 Advantech | 1 Iview | 2025-04-16 | 8.8 High |
| The affected product is vulnerable to multiple SQL injections that require low privileges for exploitation and may allow an unauthorized attacker to disclose information. | ||||
| CVE-2022-2142 | 1 Advantech | 1 Iview | 2025-04-16 | 8.1 High |
| The affected product is vulnerable to a SQL injection with high attack complexity, which may allow an unauthorized attacker to disclose information. | ||||
| CVE-2022-22987 | 1 Advantech | 2 Adam-3600, Adam-3600 Firmware | 2025-04-16 | 9.8 Critical |
| The affected product has a hardcoded private key available inside the project folder, which may allow an attacker to achieve Web Server login and perform further actions. | ||||
| CVE-2022-2137 | 1 Advantech | 1 Iview | 2025-04-16 | 4.9 Medium |
| The affected product is vulnerable to two SQL injections that require high privileges for exploitation and may allow an unauthorized attacker to disclose information | ||||
| CVE-2022-2139 | 1 Advantech | 1 Iview | 2025-04-16 | 6.5 Medium |
| The affected product is vulnerable to directory traversal, which may allow an attacker to access unauthorized files and execute arbitrary code. | ||||
| CVE-2022-2138 | 1 Advantech | 1 Iview | 2025-04-16 | 8.2 High |
| The affected product is vulnerable due to missing authentication, which may allow an attacker to read or modify sensitive data and execute arbitrary code, resulting in a denial-of-service condition. | ||||
| CVE-2022-2135 | 1 Advantech | 1 Iview | 2025-04-16 | 7.5 High |
| The affected product is vulnerable to multiple SQL injections, which may allow an unauthorized attacker to disclose information. | ||||
| CVE-2022-2143 | 1 Advantech | 1 Iview | 2025-04-16 | 9.8 Critical |
| The affected product is vulnerable to two instances of command injection, which may allow an attacker to remotely execute arbitrary code. | ||||
| CVE-2022-3385 | 1 Advantech | 1 R-seenet | 2025-04-16 | 9.8 Critical |
| Advantech R-SeeNet Versions 2.4.17 and prior are vulnerable to a stack-based buffer overflow. An unauthorized attacker can remotely overflow the stack buffer and enable remote code execution. | ||||
| CVE-2022-3386 | 1 Advantech | 1 R-seenet | 2025-04-16 | 9.8 Critical |
| Advantech R-SeeNet Versions 2.4.17 and prior are vulnerable to a stack-based buffer overflow. An unauthorized attacker can use an outsized filename to overflow the stack buffer and enable remote code execution. | ||||
| CVE-2022-3387 | 1 Advantech | 1 R-seenet | 2025-04-16 | 6.5 Medium |
| Advantech R-SeeNet Versions 2.4.19 and prior are vulnerable to path traversal attacks. An unauthorized attacker could remotely exploit vulnerable PHP code to delete .PDF files. | ||||
| CVE-2021-40388 | 1 Advantech | 1 Sq Manager | 2025-04-15 | 8.8 High |
| A privilege escalation vulnerability exists in Advantech SQ Manager Server 1.0.6. A specially-crafted file can be replaced in the system to escalate privileges to NT SYSTEM authority. An attacker can provide a malicious file to trigger this vulnerability. | ||||