Filtered by vendor Advantech
Subscribe
Total
302 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2014-2367 | 1 Advantech | 1 Advantech Webaccess | 2025-04-12 | 4.3 MEDIUM | N/A |
The ChkCookie subroutine in an ActiveX control in broadweb/include/gChkCook.asp in Advantech WebAccess before 7.2 allows remote attackers to read arbitrary files via a crafted call. | |||||
CVE-2015-3946 | 1 Advantech | 1 Webaccess | 2025-04-12 | 6.8 MEDIUM | 8.8 HIGH |
Cross-site request forgery (CSRF) vulnerability in Advantech WebAccess before 8.1 allows remote attackers to hijack the authentication of unspecified victims via unknown vectors. | |||||
CVE-2014-0987 | 1 Advantech | 1 Advantech Webaccess | 2025-04-12 | 6.8 MEDIUM | N/A |
Stack-based buffer overflow in Advantech WebAccess (formerly BroadWin WebAccess) 7.2 allows remote attackers to execute arbitrary code via the NodeName2 parameter. | |||||
CVE-2016-0855 | 1 Advantech | 1 Webaccess | 2025-04-12 | 5.0 MEDIUM | 7.5 HIGH |
Directory traversal vulnerability in Advantech WebAccess before 8.1 allows remote attackers to list arbitrary virtual-directory files via unspecified vectors. | |||||
CVE-2014-2366 | 1 Advantech | 1 Advantech Webaccess | 2025-04-12 | 4.0 MEDIUM | N/A |
upAdminPg.asp in Advantech WebAccess before 7.2 allows remote authenticated users to discover credentials by reading HTML source code. | |||||
CVE-2014-0986 | 1 Advantech | 1 Advantech Webaccess | 2025-04-12 | 6.8 MEDIUM | N/A |
Stack-based buffer overflow in Advantech WebAccess (formerly BroadWin WebAccess) 7.2 allows remote attackers to execute arbitrary code via the GotoCmd parameter. | |||||
CVE-2016-4528 | 1 Advantech | 1 Webaccess | 2025-04-12 | 4.3 MEDIUM | 5.0 MEDIUM |
Buffer overflow in Advantech WebAccess before 8.1_20160519 allows local users to cause a denial of service via a crafted DLL file. | |||||
CVE-2014-0764 | 1 Advantech | 1 Advantech Webaccess | 2025-04-12 | 7.5 HIGH | N/A |
Stack-based buffer overflow in Advantech WebAccess before 7.2 allows remote attackers to execute arbitrary code via a long NodeName parameter. | |||||
CVE-2014-0989 | 1 Advantech | 1 Advantech Webaccess | 2025-04-12 | 6.8 MEDIUM | N/A |
Stack-based buffer overflow in Advantech WebAccess (formerly BroadWin WebAccess) 7.2 allows remote attackers to execute arbitrary code via the AccessCode2 parameter. | |||||
CVE-2014-0988 | 1 Advantech | 1 Advantech Webaccess | 2025-04-12 | 6.8 MEDIUM | N/A |
Stack-based buffer overflow in Advantech WebAccess (formerly BroadWin WebAccess) 7.2 allows remote attackers to execute arbitrary code via the AccessCode parameter. | |||||
CVE-2016-0857 | 1 Advantech | 1 Webaccess | 2025-04-12 | 10.0 HIGH | 9.8 CRITICAL |
Multiple heap-based buffer overflows in Advantech WebAccess before 8.1 allow remote attackers to execute arbitrary code via unspecified vectors. | |||||
CVE-2014-0766 | 1 Advantech | 1 Advantech Webaccess | 2025-04-12 | 7.5 HIGH | N/A |
Stack-based buffer overflow in Advantech WebAccess before 7.2 allows remote attackers to execute arbitrary code via a long NodeName2 argument. | |||||
CVE-2014-2368 | 1 Advantech | 1 Advantech Webaccess | 2025-04-12 | 5.0 MEDIUM | N/A |
The BrowseFolder method in the bwocxrun ActiveX control in Advantech WebAccess before 7.2 allows remote attackers to read arbitrary files via a crafted call. | |||||
CVE-2014-0770 | 1 Advantech | 1 Advantech Webaccess | 2025-04-12 | 7.5 HIGH | N/A |
Stack-based buffer overflow in Advantech WebAccess before 7.2 allows remote attackers to execute arbitrary code via a long UserName parameter. | |||||
CVE-2014-2365 | 1 Advantech | 1 Advantech Webaccess | 2025-04-12 | 5.5 MEDIUM | N/A |
Unspecified vulnerability in Advantech WebAccess before 7.2 allows remote authenticated users to create or delete arbitrary files via unknown vectors. | |||||
CVE-2015-3948 | 1 Advantech | 1 Webaccess | 2025-04-12 | 3.5 LOW | 5.4 MEDIUM |
Cross-site scripting (XSS) vulnerability in Advantech WebAccess before 8.1 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors. | |||||
CVE-2014-8387 | 1 Advantech | 2 Eki-6340, Eki-6340 Firmware | 2025-04-12 | 9.0 HIGH | N/A |
cgi/utility.cgi in Advantech EKI-6340 2.05 Wi-Fi Mesh Access Point allows remote authenticated users to execute arbitrary commands via shell metacharacters in the pinghost parameter to ping.cgi. | |||||
CVE-2015-7938 | 1 Advantech | 4 Eki-1321, Eki-1321 Series Firmware, Eki-1322 and 1 more | 2025-04-12 | 10.0 HIGH | 9.8 CRITICAL |
Advantech EKI-132x devices with firmware before 2015-12-31 allow remote attackers to bypass authentication via unspecified vectors. | |||||
CVE-2016-0853 | 1 Advantech | 1 Webaccess | 2025-04-12 | 5.0 MEDIUM | 7.5 HIGH |
Advantech WebAccess before 8.1 allows remote attackers to obtain sensitive information via crafted input. | |||||
CVE-2014-0992 | 1 Advantech | 1 Advantech Webaccess | 2025-04-12 | 6.8 MEDIUM | N/A |
Stack-based buffer overflow in Advantech WebAccess (formerly BroadWin WebAccess) 7.2 allows remote attackers to execute arbitrary code via the password parameter. |