Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
advantech webaccess hmi designer vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv2
CVE-2021-42703
This vulnerability could allow an malicious user to send malicious Javascript code resulting in hijacking of the user’s cookie/session tokens, redirecting the user to a malicious webpage, and performing unintended browser action.
Advantech Webaccess Hmi Designer
4.6
CVSSv2
CVE-2021-42706
This vulnerability could allow an malicious user to disclose information and execute arbitrary code on affected installations of WebAccess/MHI Designer
Advantech Webaccess Hmi Designer
6.8
CVSSv2
CVE-2021-33000
Parsing a maliciously crafted project file may cause a heap-based buffer overflow, which may allow an malicious user to perform arbitrary code execution. User interaction is required on the WebAccess HMI Designer (versions 2.1.9.95 and prior).
Advantech Webaccess\\/hmi Designer
6.8
CVSSv2
CVE-2021-33002
Opening a maliciously crafted project file may cause an out-of-bounds write, which may allow an malicious user to execute arbitrary code. User interaction is require on the WebAccess HMI Designer (versions 2.1.9.95 and prior).
Advantech Webaccess\\/hmi Designer
6.8
CVSSv2
CVE-2021-33004
The affected product is vulnerable to memory corruption condition due to lack of proper validation of user supplied files, which may allow an malicious user to execute arbitrary code. User interaction is required on the WebAccess HMI Designer (versions 2.1.9.95 and prior).
Advantech Webaccess\\/hmi Designer
6.8
CVSSv2
CVE-2020-16207
Advantech WebAccess HMI Designer, Versions 2.1.9.31 and prior. Multiple heap-based buffer overflow vulnerabilities may be exploited by opening specially crafted project files that may overflow the heap, which may allow remote code execution, disclosure/modification of information...
Advantech Webaccess\\/hmi Designer
4.3
CVSSv2
CVE-2020-16211
Advantech WebAccess HMI Designer, Versions 2.1.9.31 and prior. An out-of-bounds read vulnerability may be exploited by processing specially crafted project files, which may allow an malicious user to read information.
Advantech Webaccess\\/hmi Designer
6.8
CVSSv2
CVE-2020-16213
Advantech WebAccess HMI Designer, Versions 2.1.9.31 and prior. Processing specially crafted project files lacking proper validation of user supplied data may cause the system to write outside the intended buffer area, which may allow remote code execution, disclosure/modification...
Advantech Webaccess\\/hmi Designer
6.8
CVSSv2
CVE-2020-16217
Advantech WebAccess HMI Designer, Versions 2.1.9.31 and prior. A double free vulnerability caused by processing specially crafted project files may allow remote code execution, disclosure/modification of information, or cause the application to crash.
Advantech Webaccess\\/hmi Designer
9.3
CVSSv2
CVE-2020-16215
Advantech WebAccess HMI Designer, Versions 2.1.9.31 and prior. Processing specially crafted project files lacking proper validation of user supplied data may cause a stack-based buffer overflow, which may allow remote code execution, disclosure/modification of information, or cau...
Advantech Webaccess\\/hmi Designer
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-23316
SQL injection
type confusion
CVE-2024-20697
CVE-2024-4344
local
CVE-2024-30043
CVE-2024-3821
CVE-2024-5041
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »