Filtered by vendor Advantech Subscriptions
Total 383 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2016-0853 1 Advantech 1 Webaccess 2025-04-12 N/A
Advantech WebAccess before 8.1 allows remote attackers to obtain sensitive information via crafted input.
CVE-2015-3943 1 Advantech 1 Webaccess 2025-04-12 N/A
Advantech WebAccess before 8.1 allows remote attackers to read sensitive cleartext information about e-mail project accounts via unspecified vectors.
CVE-2016-4528 1 Advantech 1 Webaccess 2025-04-12 N/A
Buffer overflow in Advantech WebAccess before 8.1_20160519 allows local users to cause a denial of service via a crafted DLL file.
CVE-2015-3948 1 Advantech 1 Webaccess 2025-04-12 N/A
Cross-site scripting (XSS) vulnerability in Advantech WebAccess before 8.1 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors.
CVE-2016-0852 1 Advantech 1 Webaccess 2025-04-12 N/A
Advantech WebAccess before 8.1 allows remote attackers to bypass an intended administrative requirement and obtain file or folder access via unspecified vectors.
CVE-2016-0858 1 Advantech 1 Webaccess 2025-04-12 N/A
Race condition in Advantech WebAccess before 8.1 allows remote attackers to execute arbitrary code or cause a denial of service (buffer overflow) via a crafted request.
CVE-2015-7938 1 Advantech 4 Eki-1321, Eki-1321 Series Firmware, Eki-1322 and 1 more 2025-04-12 N/A
Advantech EKI-132x devices with firmware before 2015-12-31 allow remote attackers to bypass authentication via unspecified vectors.
CVE-2015-3946 1 Advantech 1 Webaccess 2025-04-12 N/A
Cross-site request forgery (CSRF) vulnerability in Advantech WebAccess before 8.1 allows remote attackers to hijack the authentication of unspecified victims via unknown vectors.
CVE-2015-6476 1 Advantech 14 Eki-1221, Eki-1221d, Eki-1222 and 11 more 2025-04-12 N/A
Advantech EKI-122x-BE devices with firmware before 1.65, EKI-132x devices with firmware before 1.98, and EKI-136x devices with firmware before 1.27 have hardcoded SSH keys, which makes it easier for remote attackers to obtain access via an SSH session.
CVE-2014-0991 1 Advantech 1 Advantech Webaccess 2025-04-12 N/A
Stack-based buffer overflow in Advantech WebAccess (formerly BroadWin WebAccess) 7.2 allows remote attackers to execute arbitrary code via the projectname parameter.
CVE-2014-0990 1 Advantech 1 Advantech Webaccess 2025-04-12 N/A
Stack-based buffer overflow in Advantech WebAccess (formerly BroadWin WebAccess) 7.2 allows remote attackers to execute arbitrary code via the UserName parameter.
CVE-2016-0859 1 Advantech 1 Webaccess 2025-04-12 N/A
Integer overflow in the Kernel service in Advantech WebAccess before 8.1 allows remote attackers to execute arbitrary code or cause a denial of service (stack-based buffer overflow) via a crafted RPC request.
CVE-2014-0989 1 Advantech 1 Advantech Webaccess 2025-04-12 N/A
Stack-based buffer overflow in Advantech WebAccess (formerly BroadWin WebAccess) 7.2 allows remote attackers to execute arbitrary code via the AccessCode2 parameter.
CVE-2014-0988 1 Advantech 1 Advantech Webaccess 2025-04-12 N/A
Stack-based buffer overflow in Advantech WebAccess (formerly BroadWin WebAccess) 7.2 allows remote attackers to execute arbitrary code via the AccessCode parameter.
CVE-2015-6467 1 Advantech 1 Webaccess 2025-04-12 N/A
Advantech WebAccess before 8.1 allows remote attackers to execute arbitrary code via vectors involving a browser plugin.
CVE-2014-0987 1 Advantech 1 Advantech Webaccess 2025-04-12 N/A
Stack-based buffer overflow in Advantech WebAccess (formerly BroadWin WebAccess) 7.2 allows remote attackers to execute arbitrary code via the NodeName2 parameter.
CVE-2014-0986 1 Advantech 1 Advantech Webaccess 2025-04-12 N/A
Stack-based buffer overflow in Advantech WebAccess (formerly BroadWin WebAccess) 7.2 allows remote attackers to execute arbitrary code via the GotoCmd parameter.
CVE-2014-0985 1 Advantech 1 Advantech Webaccess 2025-04-12 N/A
Stack-based buffer overflow in Advantech WebAccess (formerly BroadWin WebAccess) 7.2 allows remote attackers to execute arbitrary code via the NodeName parameter.
CVE-2016-4525 1 Advantech 1 Webaccess 2025-04-12 N/A
Unspecified ActiveX controls in Advantech WebAccess before 8.1_20160519 allow remote authenticated users to obtain sensitive information or modify data via unknown vectors, related to the INTERFACESAFE_FOR_UNTRUSTED_CALLER (aka safe for scripting) flag.
CVE-2016-0856 1 Advantech 1 Webaccess 2025-04-12 N/A
Multiple stack-based buffer overflows in Advantech WebAccess before 8.1 allow remote attackers to execute arbitrary code via unspecified vectors.