ReportizFlow
Filtered by vendor Advantech
Subscriptions
Total
337 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2022-2138 | 1 Advantech | 1 Iview | 2025-04-16 | 8.2 High |
| The affected product is vulnerable due to missing authentication, which may allow an attacker to read or modify sensitive data and execute arbitrary code, resulting in a denial-of-service condition. | ||||
| CVE-2022-2135 | 1 Advantech | 1 Iview | 2025-04-16 | 7.5 High |
| The affected product is vulnerable to multiple SQL injections, which may allow an unauthorized attacker to disclose information. | ||||
| CVE-2022-2143 | 1 Advantech | 1 Iview | 2025-04-16 | 9.8 Critical |
| The affected product is vulnerable to two instances of command injection, which may allow an attacker to remotely execute arbitrary code. | ||||
| CVE-2022-3385 | 1 Advantech | 1 R-seenet | 2025-04-16 | 9.8 Critical |
| Advantech R-SeeNet Versions 2.4.17 and prior are vulnerable to a stack-based buffer overflow. An unauthorized attacker can remotely overflow the stack buffer and enable remote code execution. | ||||
| CVE-2022-3386 | 1 Advantech | 1 R-seenet | 2025-04-16 | 9.8 Critical |
| Advantech R-SeeNet Versions 2.4.17 and prior are vulnerable to a stack-based buffer overflow. An unauthorized attacker can use an outsized filename to overflow the stack buffer and enable remote code execution. | ||||
| CVE-2022-3387 | 1 Advantech | 1 R-seenet | 2025-04-16 | 6.5 Medium |
| Advantech R-SeeNet Versions 2.4.19 and prior are vulnerable to path traversal attacks. An unauthorized attacker could remotely exploit vulnerable PHP code to delete .PDF files. | ||||
| CVE-2021-40388 | 1 Advantech | 1 Sq Manager | 2025-04-15 | 8.8 High |
| A privilege escalation vulnerability exists in Advantech SQ Manager Server 1.0.6. A specially-crafted file can be replaced in the system to escalate privileges to NT SYSTEM authority. An attacker can provide a malicious file to trigger this vulnerability. | ||||
| CVE-2021-40389 | 1 Advantech | 1 Deviceon\/iedge | 2025-04-15 | 8.8 High |
| A privilege escalation vulnerability exists in the installation of Advantech DeviceOn/iEdge Server 1.0.2. A specially-crafted file can be replaced in the system to escalate privileges to NT SYSTEM authority. An attacker can provide a malicious file to trigger this vulnerability. | ||||
| CVE-2021-40396 | 1 Advantech | 1 Deviceon\/iservice | 2025-04-15 | 8.8 High |
| A privilege escalation vulnerability exists in the installation of Advantech DeviceOn/iService 1.1.7. A specially-crafted file can be replaced in the system to escalate privileges to NT SYSTEM authority. An attacker can provide a malicious file to trigger this vulnerability. | ||||
| CVE-2021-40397 | 1 Advantech | 1 Wise-paas\/ota | 2025-04-15 | 7.8 High |
| A privilege escalation vulnerability exists in the installation of Advantech WISE-PaaS/OTA Server 3.0.9. A specially-crafted file can be replaced in the system to escalate privileges to NT SYSTEM authority. An attacker can provide a malicious file to trigger this vulnerability. | ||||
| CVE-2014-0987 | 1 Advantech | 1 Advantech Webaccess | 2025-04-12 | N/A |
| Stack-based buffer overflow in Advantech WebAccess (formerly BroadWin WebAccess) 7.2 allows remote attackers to execute arbitrary code via the NodeName2 parameter. | ||||
| CVE-2015-3943 | 1 Advantech | 1 Webaccess | 2025-04-12 | N/A |
| Advantech WebAccess before 8.1 allows remote attackers to read sensitive cleartext information about e-mail project accounts via unspecified vectors. | ||||
| CVE-2016-0852 | 1 Advantech | 1 Webaccess | 2025-04-12 | N/A |
| Advantech WebAccess before 8.1 allows remote attackers to bypass an intended administrative requirement and obtain file or folder access via unspecified vectors. | ||||
| CVE-2016-2275 | 1 Advantech | 4 Vesp211-232, Vesp211-232 Firmware, Vesp211-eu and 1 more | 2025-04-12 | N/A |
| The web interface on Advantech/B+B SmartWorx VESP211-EU devices with firmware 1.7.2 and VESP211-232 devices with firmware 1.5.1 and 1.7.2 relies on the client to implement access control, which allows remote attackers to perform administrative actions via modified JavaScript code. | ||||
| CVE-2014-8388 | 1 Advantech | 1 Webaccess | 2025-04-12 | N/A |
| Stack-based buffer overflow in Advantech WebAccess, formerly BroadWin WebAccess, before 8.0 allows remote attackers to execute arbitrary code via a crafted ip_address parameter in an HTML document. | ||||
| CVE-2014-8385 | 1 Advantech | 6 Eki-1200 Gateway Series Firmware, Eki-1221, Eki-1221d and 3 more | 2025-04-12 | N/A |
| Buffer overflow on Advantech EKI-1200 gateways with firmware before 1.63 allows remote attackers to execute arbitrary code via unspecified vectors. | ||||
| CVE-2016-0851 | 1 Advantech | 1 Webaccess | 2025-04-12 | N/A |
| Advantech WebAccess before 8.1 allows remote attackers to cause a denial of service (out-of-bounds memory access) via unspecified vectors. | ||||
| CVE-2015-3948 | 1 Advantech | 1 Webaccess | 2025-04-12 | N/A |
| Cross-site scripting (XSS) vulnerability in Advantech WebAccess before 8.1 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors. | ||||
| CVE-2014-0989 | 1 Advantech | 1 Advantech Webaccess | 2025-04-12 | N/A |
| Stack-based buffer overflow in Advantech WebAccess (formerly BroadWin WebAccess) 7.2 allows remote attackers to execute arbitrary code via the AccessCode2 parameter. | ||||
| CVE-2016-4528 | 1 Advantech | 1 Webaccess | 2025-04-12 | N/A |
| Buffer overflow in Advantech WebAccess before 8.1_20160519 allows local users to cause a denial of service via a crafted DLL file. | ||||