Vulnerabilities > Advantech > Webaccess

DATE CVE VULNERABILITY TITLE RISK
2017-05-02 CVE-2016-5810 Information Exposure vulnerability in Advantech Webaccess
upAdminPg.asp in Advantech WebAccess before 8.1_20160519 allows remote authenticated administrators to obtain sensitive password information via unspecified vectors.
network
low complexity
advantech CWE-200
4.9
2017-02-13 CVE-2017-5154 SQL Injection vulnerability in Advantech Webaccess 8.1
An issue was discovered in Advantech WebAccess Version 8.1.
network
low complexity
advantech CWE-89
critical
9.8
2017-02-13 CVE-2017-5152 Improper Authentication vulnerability in Advantech Webaccess 8.1
An issue was discovered in Advantech WebAccess Version 8.1.
network
low complexity
advantech CWE-287
critical
9.1
2016-06-25 CVE-2016-4528 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Advantech Webaccess
Buffer overflow in Advantech WebAccess before 8.1_20160519 allows local users to cause a denial of service via a crafted DLL file.
local
low complexity
advantech CWE-119
5.0
2016-06-25 CVE-2016-4525 Unspecified vulnerability in Advantech Webaccess
Unspecified ActiveX controls in Advantech WebAccess before 8.1_20160519 allow remote authenticated users to obtain sensitive information or modify data via unknown vectors, related to the INTERFACESAFE_FOR_UNTRUSTED_CALLER (aka safe for scripting) flag.
local
low complexity
advantech
6.6
2016-01-15 CVE-2016-0860 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Advantech Webaccess
Buffer overflow in the BwpAlarm subsystem in Advantech WebAccess before 8.1 allows remote attackers to cause a denial of service via a crafted RPC request.
network
low complexity
advantech CWE-119
7.5
2016-01-15 CVE-2016-0859 Numeric Errors vulnerability in Advantech Webaccess
Integer overflow in the Kernel service in Advantech WebAccess before 8.1 allows remote attackers to execute arbitrary code or cause a denial of service (stack-based buffer overflow) via a crafted RPC request.
network
low complexity
advantech CWE-189
critical
9.8
2016-01-15 CVE-2016-0858 Race Condition vulnerability in Advantech Webaccess
Race condition in Advantech WebAccess before 8.1 allows remote attackers to execute arbitrary code or cause a denial of service (buffer overflow) via a crafted request.
network
high complexity
advantech CWE-362
8.1
2016-01-15 CVE-2016-0857 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Advantech Webaccess
Multiple heap-based buffer overflows in Advantech WebAccess before 8.1 allow remote attackers to execute arbitrary code via unspecified vectors.
network
low complexity
advantech CWE-119
critical
9.8
2016-01-15 CVE-2016-0856 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Advantech Webaccess
Multiple stack-based buffer overflows in Advantech WebAccess before 8.1 allow remote attackers to execute arbitrary code via unspecified vectors.
network
low complexity
advantech CWE-119
critical
9.8