Vulnerabilities > Advantech > Webaccess HMI Designer
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2021-11-15 | CVE-2021-42703 | Cross-site Scripting vulnerability in Advantech Webaccess HMI Designer 2.1.7.32 This vulnerability could allow an attacker to send malicious Javascript code resulting in hijacking of the user’s cookie/session tokens, redirecting the user to a malicious webpage, and performing unintended browser action. | 6.1 |
2021-11-15 | CVE-2021-42706 | Use After Free vulnerability in Advantech Webaccess HMI Designer 2.1.7.32 This vulnerability could allow an attacker to disclose information and execute arbitrary code on affected installations of WebAccess/MHI Designer | 7.8 |
2021-06-24 | CVE-2021-33000 | Out-of-bounds Write vulnerability in Advantech Webaccess/Hmi Designer 2.1/2.1.9.31/2.1.9.95 Parsing a maliciously crafted project file may cause a heap-based buffer overflow, which may allow an attacker to perform arbitrary code execution. | 7.8 |
2021-06-24 | CVE-2021-33002 | Unspecified vulnerability in Advantech Webaccess/Hmi Designer 2.1/2.1.9.31/2.1.9.95 Opening a maliciously crafted project file may cause an out-of-bounds write, which may allow an attacker to execute arbitrary code. | 7.8 |
2021-06-24 | CVE-2021-33004 | Out-of-bounds Write vulnerability in Advantech Webaccess/Hmi Designer 2.1/2.1.9.31/2.1.9.95 The affected product is vulnerable to memory corruption condition due to lack of proper validation of user supplied files, which may allow an attacker to execute arbitrary code. | 7.8 |
2020-08-06 | CVE-2020-16229 | Type Confusion vulnerability in Advantech Webaccess/Hmi Designer 2.1/2.1.9.31 Advantech WebAccess HMI Designer, Versions 2.1.9.31 and prior. | 7.8 |
2020-08-06 | CVE-2020-16217 | Double Free vulnerability in Advantech Webaccess/Hmi Designer 2.1/2.1.9.31 Advantech WebAccess HMI Designer, Versions 2.1.9.31 and prior. | 7.8 |
2020-08-06 | CVE-2020-16215 | Improper Input Validation vulnerability in Advantech Webaccess/Hmi Designer 2.1/2.1.9.31 Advantech WebAccess HMI Designer, Versions 2.1.9.31 and prior. | 7.8 |
2020-08-06 | CVE-2020-16213 | Out-of-bounds Write vulnerability in Advantech Webaccess/Hmi Designer 2.1/2.1.9.31 Advantech WebAccess HMI Designer, Versions 2.1.9.31 and prior. | 7.8 |
2020-08-06 | CVE-2020-16211 | Out-of-bounds Read vulnerability in Advantech Webaccess/Hmi Designer 2.1/2.1.9.31 Advantech WebAccess HMI Designer, Versions 2.1.9.31 and prior. | 5.5 |