Vulnerabilities > Advantech
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2016-01-15 | CVE-2015-3947 | SQL Injection vulnerability in Advantech Webaccess SQL injection vulnerability in Advantech WebAccess before 8.1 allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors. | 6.5 |
2016-01-15 | CVE-2015-3946 | Cross-Site Request Forgery (CSRF) vulnerability in Advantech Webaccess Cross-site request forgery (CSRF) vulnerability in Advantech WebAccess before 8.1 allows remote attackers to hijack the authentication of unspecified victims via unknown vectors. | 6.8 |
2016-01-15 | CVE-2015-3943 | Information Exposure vulnerability in Advantech Webaccess Advantech WebAccess before 8.1 allows remote attackers to read sensitive cleartext information about e-mail project accounts via unspecified vectors. | 5.0 |
2016-01-09 | CVE-2015-7938 | Improper Authentication vulnerability in Advantech Eki-1321 Series Firmware and Eki-1322 Series Firmware Advantech EKI-132x devices with firmware before 2015-12-31 allow remote attackers to bypass authentication via unspecified vectors. | 10.0 |
2015-11-07 | CVE-2015-6476 | Hardcoded Credentials Security Bypass vulnerability in Multiple Advantech EKI Products Advantech EKI-122x-BE devices with firmware before 1.65, EKI-132x devices with firmware before 1.98, and EKI-136x devices with firmware before 1.27 have hardcoded SSH keys, which makes it easier for remote attackers to obtain access via an SSH session. | 10.0 |
2015-09-28 | CVE-2014-9202 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Advantech Webaccess 8.0 Multiple stack-based buffer overflows in an unspecified DLL file in Advantech WebAccess before 8.0_20150816 allow remote attackers to execute arbitrary code via a crafted file that triggers long string arguments to functions. | 6.9 |
2015-09-11 | CVE-2014-9208 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Advantech Webaccess Multiple stack-based buffer overflows in unspecified DLL files in Advantech WebAccess before 8.0.1 allow remote attackers to execute arbitrary code via unknown vectors. | 10.0 |
2015-02-13 | CVE-2014-8385 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Advantech Eki-1200 Gateway Series Firmware Buffer overflow on Advantech EKI-1200 gateways with firmware before 1.63 allows remote attackers to execute arbitrary code via unspecified vectors. | 10.0 |
2015-01-20 | CVE-2014-8386 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Advantech Adamview 4.3 Multiple stack-based buffer overflows in Advantech AdamView 4.3 and earlier allow remote attackers to execute arbitrary code via a crafted (1) display properties or (2) conditional bitmap parameter in a GNI file. | 7.5 |
2014-11-21 | CVE-2014-8388 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Advantech Webaccess Stack-based buffer overflow in Advantech WebAccess, formerly BroadWin WebAccess, before 8.0 allows remote attackers to execute arbitrary code via a crafted ip_address parameter in an HTML document. | 7.2 |