OpenCVE

Filtered by vendor Advantech Subscriptions

Total 384 CVE

CVE	Vendors	Products	Updated	CVSS v3.1
CVE-2016-0853	1 Advantech	1 Webaccess	2025-04-12	N/A
Advantech WebAccess before 8.1 allows remote attackers to obtain sensitive information via crafted input.
CVE-2016-0855	1 Advantech	1 Webaccess	2025-04-12	N/A
Directory traversal vulnerability in Advantech WebAccess before 8.1 allows remote attackers to list arbitrary virtual-directory files via unspecified vectors.
CVE-2016-0856	1 Advantech	1 Webaccess	2025-04-12	N/A
Multiple stack-based buffer overflows in Advantech WebAccess before 8.1 allow remote attackers to execute arbitrary code via unspecified vectors.
CVE-2016-0852	1 Advantech	1 Webaccess	2025-04-12	N/A
Advantech WebAccess before 8.1 allows remote attackers to bypass an intended administrative requirement and obtain file or folder access via unspecified vectors.
CVE-2014-0988	1 Advantech	1 Advantech Webaccess	2025-04-12	N/A
Stack-based buffer overflow in Advantech WebAccess (formerly BroadWin WebAccess) 7.2 allows remote attackers to execute arbitrary code via the AccessCode parameter.
CVE-2016-0851	1 Advantech	1 Webaccess	2025-04-12	N/A
Advantech WebAccess before 8.1 allows remote attackers to cause a denial of service (out-of-bounds memory access) via unspecified vectors.
CVE-2012-0233	1 Advantech	1 Advantech Webaccess	2025-04-11	N/A
Cross-site scripting (XSS) vulnerability in Advantech/BroadWin WebAccess before 7.0 allows remote attackers to inject arbitrary web script or HTML via a malformed URL.
CVE-2011-4525	1 Advantech	1 Advantech Webaccess	2025-04-11	N/A
Advantech/BroadWin WebAccess before 7.0 allows remote attackers to trigger the extraction of arbitrary web content into a batch file on a client system, and execute this batch file, via unspecified vectors.
CVE-2012-1234	1 Advantech	1 Advantech Webaccess	2025-04-11	N/A
SQL injection vulnerability in Advantech/BroadWin WebAccess 7.0 allows remote authenticated users to execute arbitrary SQL commands via a malformed URL. NOTE: this vulnerability exists because of an incomplete fix for CVE-2012-0234.
CVE-2011-4523	1 Advantech	1 Advantech Webaccess	2025-04-11	N/A
Cross-site scripting (XSS) vulnerability in bwview.asp in Advantech/BroadWin WebAccess before 7.0 allows remote attackers to inject arbitrary web script or HTML via unspecified parameters.
CVE-2011-4522	1 Advantech	1 Advantech Webaccess	2025-04-11	N/A
Cross-site scripting (XSS) vulnerability in bwerrdn.asp in Advantech/BroadWin WebAccess before 7.0 allows remote attackers to inject arbitrary web script or HTML via unspecified parameters.
CVE-2011-4521	1 Advantech	1 Advantech Webaccess	2025-04-11	N/A
SQL injection vulnerability in Advantech/BroadWin WebAccess before 7.0 allows remote attackers to execute arbitrary SQL commands via crafted string input.
CVE-2011-4526	1 Advantech	1 Advantech Webaccess	2025-04-11	N/A
Buffer overflow in an ActiveX control in Advantech/BroadWin WebAccess before 7.0 might allow remote attackers to execute arbitrary code via a long string value in unspecified parameters.
CVE-2012-0238	1 Advantech	1 Advantech Webaccess	2025-04-11	N/A
Stack-based buffer overflow in opcImg.asp in Advantech/BroadWin WebAccess before 7.0 allows remote attackers to execute arbitrary code via unspecified vectors.
CVE-2013-2299	1 Advantech	1 Advantech Webaccess	2025-04-11	N/A
Cross-site scripting (XSS) vulnerability in Advantech WebAccess (formerly BroadWin WebAccess) before 7.1 2013.05.30 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors.
CVE-2012-0243	1 Advantech	1 Advantech Webaccess	2025-04-11	N/A
Buffer overflow in an ActiveX control in bwocxrun.ocx in Advantech/BroadWin WebAccess before 7.0 allows remote attackers to execute arbitrary code by leveraging the ability to write arbitrary content to any pathname.
CVE-2012-0241	1 Advantech	1 Advantech Webaccess	2025-04-11	N/A
Advantech/BroadWin WebAccess before 7.0 allows remote attackers to cause a denial of service (memory corruption) via a modified stream identifier to a function.
CVE-2011-0340	2 Advantech, Indusoft	3 Advantech Studio, Thin Client, Web Studio	2025-04-11	N/A
Multiple buffer overflows in the ISSymbol ActiveX control in ISSymbol.ocx 61.6.0.0 and 301.1009.2904.0 in the ISSymbol virtual machine, as distributed in Advantech Studio 6.1 SP6 61.6.01.05, InduSoft Web Studio before 7.0+SP1, and InduSoft Thin Client 7.0, allow remote attackers to execute arbitrary code via a long (1) InternationalOrder, (2) InternationalSeparator, or (3) LogFileName property value; or (4) a long bstrFileName argument to the OpenScreen method.
CVE-2013-1627	2 Advantech, Indusoft	2 Advantech Studio, Web Studio	2025-04-11	N/A
Absolute path traversal vulnerability in NTWebServer.exe in Indusoft Studio 7.0 and earlier and Advantech Studio 7.0 and earlier allows remote attackers to read arbitrary files via a full pathname in an argument to the sub_401A90 CreateFileW function.
CVE-2012-0240	1 Advantech	1 Advantech Webaccess	2025-04-11	N/A
GbScriptAddUp.asp in Advantech/BroadWin WebAccess before 7.0 does not properly perform authentication, which allows remote attackers to execute arbitrary code via unspecified vectors.

« first previous Page 9 of 20. next last »