Filtered by vendor Advantech
Subscriptions
Total
317 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2022-2136 | 1 Advantech | 1 Iview | 2025-04-16 | 8.8 High |
| The affected product is vulnerable to multiple SQL injections that require low privileges for exploitation and may allow an unauthorized attacker to disclose information. | ||||
| CVE-2022-2142 | 1 Advantech | 1 Iview | 2025-04-16 | 8.1 High |
| The affected product is vulnerable to a SQL injection with high attack complexity, which may allow an unauthorized attacker to disclose information. | ||||
| CVE-2022-22987 | 1 Advantech | 2 Adam-3600, Adam-3600 Firmware | 2025-04-16 | 9.8 Critical |
| The affected product has a hardcoded private key available inside the project folder, which may allow an attacker to achieve Web Server login and perform further actions. | ||||
| CVE-2022-2137 | 1 Advantech | 1 Iview | 2025-04-16 | 4.9 Medium |
| The affected product is vulnerable to two SQL injections that require high privileges for exploitation and may allow an unauthorized attacker to disclose information | ||||
| CVE-2022-2139 | 1 Advantech | 1 Iview | 2025-04-16 | 6.5 Medium |
| The affected product is vulnerable to directory traversal, which may allow an attacker to access unauthorized files and execute arbitrary code. | ||||
| CVE-2022-2138 | 1 Advantech | 1 Iview | 2025-04-16 | 8.2 High |
| The affected product is vulnerable due to missing authentication, which may allow an attacker to read or modify sensitive data and execute arbitrary code, resulting in a denial-of-service condition. | ||||
| CVE-2022-2135 | 1 Advantech | 1 Iview | 2025-04-16 | 7.5 High |
| The affected product is vulnerable to multiple SQL injections, which may allow an unauthorized attacker to disclose information. | ||||
| CVE-2022-2143 | 1 Advantech | 1 Iview | 2025-04-16 | 9.8 Critical |
| The affected product is vulnerable to two instances of command injection, which may allow an attacker to remotely execute arbitrary code. | ||||
| CVE-2022-3385 | 1 Advantech | 1 R-seenet | 2025-04-16 | 9.8 Critical |
| Advantech R-SeeNet Versions 2.4.17 and prior are vulnerable to a stack-based buffer overflow. An unauthorized attacker can remotely overflow the stack buffer and enable remote code execution. | ||||
| CVE-2022-3386 | 1 Advantech | 1 R-seenet | 2025-04-16 | 9.8 Critical |
| Advantech R-SeeNet Versions 2.4.17 and prior are vulnerable to a stack-based buffer overflow. An unauthorized attacker can use an outsized filename to overflow the stack buffer and enable remote code execution. | ||||
| CVE-2022-3387 | 1 Advantech | 1 R-seenet | 2025-04-16 | 6.5 Medium |
| Advantech R-SeeNet Versions 2.4.19 and prior are vulnerable to path traversal attacks. An unauthorized attacker could remotely exploit vulnerable PHP code to delete .PDF files. | ||||
| CVE-2021-40388 | 1 Advantech | 1 Sq Manager | 2025-04-15 | 8.8 High |
| A privilege escalation vulnerability exists in Advantech SQ Manager Server 1.0.6. A specially-crafted file can be replaced in the system to escalate privileges to NT SYSTEM authority. An attacker can provide a malicious file to trigger this vulnerability. | ||||
| CVE-2021-40389 | 1 Advantech | 1 Deviceon\/iedge | 2025-04-15 | 8.8 High |
| A privilege escalation vulnerability exists in the installation of Advantech DeviceOn/iEdge Server 1.0.2. A specially-crafted file can be replaced in the system to escalate privileges to NT SYSTEM authority. An attacker can provide a malicious file to trigger this vulnerability. | ||||
| CVE-2021-40396 | 1 Advantech | 1 Deviceon\/iservice | 2025-04-15 | 8.8 High |
| A privilege escalation vulnerability exists in the installation of Advantech DeviceOn/iService 1.1.7. A specially-crafted file can be replaced in the system to escalate privileges to NT SYSTEM authority. An attacker can provide a malicious file to trigger this vulnerability. | ||||
| CVE-2021-40397 | 1 Advantech | 1 Wise-paas\/ota | 2025-04-15 | 7.8 High |
| A privilege escalation vulnerability exists in the installation of Advantech WISE-PaaS/OTA Server 3.0.9. A specially-crafted file can be replaced in the system to escalate privileges to NT SYSTEM authority. An attacker can provide a malicious file to trigger this vulnerability. | ||||
| CVE-2014-0991 | 1 Advantech | 1 Advantech Webaccess | 2025-04-12 | N/A |
| Stack-based buffer overflow in Advantech WebAccess (formerly BroadWin WebAccess) 7.2 allows remote attackers to execute arbitrary code via the projectname parameter. | ||||
| CVE-2014-0990 | 1 Advantech | 1 Advantech Webaccess | 2025-04-12 | N/A |
| Stack-based buffer overflow in Advantech WebAccess (formerly BroadWin WebAccess) 7.2 allows remote attackers to execute arbitrary code via the UserName parameter. | ||||
| CVE-2014-2368 | 1 Advantech | 1 Advantech Webaccess | 2025-04-12 | N/A |
| The BrowseFolder method in the bwocxrun ActiveX control in Advantech WebAccess before 7.2 allows remote attackers to read arbitrary files via a crafted call. | ||||
| CVE-2014-0988 | 1 Advantech | 1 Advantech Webaccess | 2025-04-12 | N/A |
| Stack-based buffer overflow in Advantech WebAccess (formerly BroadWin WebAccess) 7.2 allows remote attackers to execute arbitrary code via the AccessCode parameter. | ||||
| CVE-2014-0987 | 1 Advantech | 1 Advantech Webaccess | 2025-04-12 | N/A |
| Stack-based buffer overflow in Advantech WebAccess (formerly BroadWin WebAccess) 7.2 allows remote attackers to execute arbitrary code via the NodeName2 parameter. | ||||