Lucene search
K

185 matches found

NVD
NVD
added 2020/05/08 12:15 p.m.9 views

CVE-2020-10638

Advantech WebAccess Node, Version 8.4.4 and prior, Version 9.0.0. Multiple heap-based buffer overflow vulnerabilities exist caused by a lack of proper validation of the length of user-supplied data, which may allow remote code execution...

9.8CVSS10AI score0.07059EPSS
Exploits0References7
OSV
OSV
added 2020/05/08 12:15 p.m.5 views

CVE-2020-12018

Advantech WebAccess Node, Version 8.4.4 and prior, Version 9.0.0. An out-of-bounds vulnerability exists that may allow access to unauthorized data...

7.5CVSS5.8AI score0.01529EPSS
Exploits0References2
NVD
NVD
added 2020/05/08 12:15 p.m.23 views

CVE-2020-12006

Advantech WebAccess Node, Version 8.4.4 and prior, Version 9.0.0. Multiple relative path traversal vulnerabilities exist that may allow a low privilege user to overwrite files outside the application’s control...

9.8CVSS9.7AI score0.03692EPSS
Exploits0References4
NVD
NVD
added 2020/05/08 12:15 p.m.40 views

CVE-2020-12002

Advantech WebAccess Node, Version 8.4.4 and prior, Version 9.0.0. Multiple stack-based buffer overflow vulnerabilities exist caused by a lack of proper validation of the length of user-supplied data, which may allow remote code execution...

9.8CVSS10AI score0.09076EPSS
Exploits0References10
NVD
NVD
added 2020/05/08 12:15 p.m.43 views

CVE-2020-12018

Advantech WebAccess Node, Version 8.4.4 and prior, Version 9.0.0. An out-of-bounds vulnerability exists that may allow access to unauthorized data...

7.5CVSS8AI score0.01529EPSS
Exploits0References2
OSV
OSV
added 2020/05/08 12:15 p.m.4 views

CVE-2020-10638

Advantech WebAccess Node, Version 8.4.4 and prior, Version 9.0.0. Multiple heap-based buffer overflow vulnerabilities exist caused by a lack of proper validation of the length of user-supplied data, which may allow remote code execution...

9.8CVSS7.8AI score
Exploits0References7
OSV
OSV
added 2020/05/08 12:15 p.m.4 views

CVE-2020-12014

Advantech WebAccess Node, Version 8.4.4 and prior, Version 9.0.0. Input is not properly sanitized and may allow an attacker to inject SQL commands...

7.5CVSS5.8AI score0.01529EPSS
Exploits0References2
OSV
OSV
added 2020/05/08 12:15 p.m.4 views

CVE-2020-12022

Advantech WebAccess Node, Version 8.4.4 and prior, Version 9.0.0. An improper validation vulnerability exists that could allow an attacker to inject specially crafted input into memory where it can be executed...

9.8CVSS7.3AI score0.01672EPSS
Exploits0References2
OSV
OSV
added 2020/05/08 12:15 p.m.6 views

CVE-2020-12010

Advantech WebAccess Node, Version 8.4.4 and prior, Version 9.0.0. Multiple relative path traversal vulnerabilities exist that may allow an authenticated user to use a specially crafted file to delete files outside the application’s control...

7.1CVSS7.1AI score0.01009EPSS
Exploits0References1
NVD
NVD
added 2020/05/08 12:15 p.m.27 views

CVE-2020-12014

Advantech WebAccess Node, Version 8.4.4 and prior, Version 9.0.0. Input is not properly sanitized and may allow an attacker to inject SQL commands...

7.5CVSS8.2AI score0.01529EPSS
Exploits0References2
NVD
NVD
added 2020/05/08 12:15 p.m.31 views

CVE-2020-12026

Advantech WebAccess Node, Version 8.4.4 and prior, Version 9.0.0. Multiple relative path traversal vulnerabilities exist that may allow a low privilege user to overwrite files outside the application’s control...

8.8CVSS9.2AI score0.02312EPSS
Exploits0References2
OSV
OSV
added 2020/05/08 12:15 p.m.5 views

CVE-2020-12026

Advantech WebAccess Node, Version 8.4.4 and prior, Version 9.0.0. Multiple relative path traversal vulnerabilities exist that may allow a low privilege user to overwrite files outside the application’s control...

8.8CVSS5.8AI score0.02312EPSS
Exploits0References2
NVD
NVD
added 2020/05/08 12:15 p.m.32 views

CVE-2020-12010

Advantech WebAccess Node, Version 8.4.4 and prior, Version 9.0.0. Multiple relative path traversal vulnerabilities exist that may allow an authenticated user to use a specially crafted file to delete files outside the application’s control...

7.1CVSS7.6AI score0.01009EPSS
Exploits0References1
NVD
NVD
added 2020/05/08 12:15 p.m.29 views

CVE-2020-12022

Advantech WebAccess Node, Version 8.4.4 and prior, Version 9.0.0. An improper validation vulnerability exists that could allow an attacker to inject specially crafted input into memory where it can be executed...

9.8CVSS9.4AI score0.01672EPSS
Exploits0References2
Prion
Prion
added 2020/05/08 12:15 p.m.20 views

Heap overflow

Advantech WebAccess Node, Version 8.4.4 and prior, Version 9.0.0. Multiple heap-based buffer overflow vulnerabilities exist caused by a lack of proper validation of the length of user-supplied data, which may allow remote code execution...

7.5CVSS9.9AI score0.07059EPSS
Exploits0References7Affected Software1
Prion
Prion
added 2020/05/08 12:15 p.m.12 views

Stack overflow

Advantech WebAccess Node, Version 8.4.4 and prior, Version 9.0.0. Multiple stack-based buffer overflow vulnerabilities exist caused by a lack of proper validation of the length of user-supplied data, which may allow remote code execution...

7.5CVSS9.9AI score0.09076EPSS
Exploits0References10Affected Software1
Prion
Prion
added 2020/05/08 12:15 p.m.14 views

Out-of-bounds

Advantech WebAccess Node, Version 8.4.4 and prior, Version 9.0.0. An out-of-bounds vulnerability exists that may allow access to unauthorized data...

5CVSS7.5AI score0.01529EPSS
Exploits0References2Affected Software1
Prion
Prion
added 2020/05/08 12:15 p.m.19 views

Path traversal

Advantech WebAccess Node, Version 8.4.4 and prior, Version 9.0.0. Multiple relative path traversal vulnerabilities exist that may allow an authenticated user to use a specially crafted file to delete files outside the application’s control...

5.8CVSS7AI score0.01009EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2020/05/08 11:51 a.m.36 views

CVE-2020-12018

Advantech WebAccess Node, Version 8.4.4 and prior, Version 9.0.0. An out-of-bounds vulnerability exists that may allow access to unauthorized data...

7.5AI score0.01529EPSS
Exploits0References2
CVE
CVE
added 2020/05/08 11:51 a.m.57 views

CVE-2020-12018

Advantech WebAccess Node (HMI platform) is affected by CVE-2020-12018 via an out-of-bounds read in IOCTL handling of ViewSrv.dll/DrawSrv.dll, exposing unauthorized data. Affected versions are WebAccess Node 8.4.4 and prior, and 9.0.0. The vulnerability enables information disclosure without authe...

7.5CVSS7.4AI score0.01529EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder