Vulnerabilities > Advantech > Critical
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-06-28 | CVE-2019-10989 | Out-of-bounds Write vulnerability in Advantech Webaccess In WebAccess/SCADA Versions 8.3.5 and prior, multiple heap-based buffer overflow vulnerabilities are caused by a lack of proper validation of the length of user-supplied data. | 9.8 |
| 2019-06-28 | CVE-2019-10985 | Path Traversal vulnerability in Advantech Webaccess In WebAccess/SCADA, Versions 8.3.5 and prior, a path traversal vulnerability is caused by a lack of proper validation of a user-supplied path prior to use in file operations. | 9.1 |
| 2018-10-29 | CVE-2018-17910 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Advantech Webaccess WebAccess Versions 8.3.2 and prior. | 9.3 |
| 2018-10-23 | CVE-2018-14816 | Out-of-bounds Write vulnerability in Advantech Webaccess Advantech WebAccess 8.3.1 and earlier has several stack-based buffer overflow vulnerabilities that have been identified, which may allow an attacker to execute arbitrary code. | 9.8 |
| 2018-10-23 | CVE-2018-14806 | Path Traversal vulnerability in Advantech Webaccess Advantech WebAccess 8.3.1 and earlier has a path traversal vulnerability which may allow an attacker to execute arbitrary code. | 9.8 |
| 2018-10-22 | CVE-2018-15704 | Out-of-bounds Write vulnerability in Advantech Webaccess Advantech WebAccess 8.3.2 and below is vulnerable to a stack buffer overflow vulnerability. | 9.0 |
| 2018-02-13 | CVE-2018-6911 | OS Command Injection vulnerability in Advantech Webaccess 8.3.0 The VBWinExec function in Node\AspVBObj.dll in Advantech WebAccess 8.3.0 allows remote attackers to execute arbitrary OS commands via a single argument (aka the command parameter). | 10.0 |
| 2018-01-05 | CVE-2017-16720 | Path Traversal vulnerability in Advantech Webaccess A Path Traversal issue was discovered in WebAccess versions 8.3.2 and earlier. | 10.0 |
| 2017-08-30 | CVE-2017-12708 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Advantech Webaccess An Improper Restriction Of Operations Within The Bounds Of A Memory Buffer issue was discovered in Advantech WebAccess versions prior to V8.2_20170817. | 10.0 |
| 2016-02-21 | CVE-2016-2275 | Improper Access Control vulnerability in Advantech Vesp211-232 Firmware and Vesp211-Eu Firmware The web interface on Advantech/B+B SmartWorx VESP211-EU devices with firmware 1.7.2 and VESP211-232 devices with firmware 1.5.1 and 1.7.2 relies on the client to implement access control, which allows remote attackers to perform administrative actions via modified JavaScript code. | 10.0 |