Lucene search
K

2696 matches found

RedhatCVE
RedhatCVE
added 2026/01/09 9:54 a.m.6 views

CVE-2020-10617

There are multiple ways an unauthenticated attacker could perform SQL injection on WebAccess/NMS versions prior to 3.0.2 to gain access to sensitive information...

7.5CVSS7.9AI score0.01263EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 9:53 a.m.6 views

CVE-2020-10619

An attacker could use a specially crafted URL to delete files outside the WebAccess/NMS's versions prior to 3.0.2 control...

9.1CVSS6.7AI score0.14327EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 9:52 a.m.4 views

CVE-2020-10603

WebAccess/NMS versions prior to 3.0.2 does not properly sanitize user input and may allow an attacker to inject system commands remotely...

8.8CVSS7AI score0.01221EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 9:52 a.m.2 views

CVE-2020-10621

Multiple issues exist that allow files to be uploaded and executed on the WebAccess/NMS versions prior to 3.0.2...

10CVSS6.7AI score0.0159EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 9:52 a.m.7 views

CVE-2020-10638

Advantech WebAccess Node, Version 8.4.4 and prior, Version 9.0.0. Multiple heap-based buffer overflow vulnerabilities exist caused by a lack of proper validation of the length of user-supplied data, which may allow remote code execution...

9.8CVSS8AI score0.07059EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 9:52 a.m.5 views

CVE-2020-10629

WebAccess/NMS versions prior to 3.0.2 does not sanitize XML input. Specially crafted XML input could allow an attacker to read sensitive files...

7.5CVSS6.6AI score0.01231EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 9:51 a.m.6 views

CVE-2020-10625

WebAccess/NMS versions prior to 3.0.2 allows an unauthenticated remote user to create a new admin account...

9.8CVSS7AI score0.01624EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 9:51 a.m.13 views

CVE-2020-10607

In Advantech WebAccess, Versions 8.4.2 and prior. A stack-based buffer overflow vulnerability caused by a lack of proper validation of the length of user-supplied data may allow remote code execution...

8.8CVSS8AI score0.02123EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/07 9:32 a.m.4 views

CVE-2019-16901

Advantech WebAccess/HMI Designer 2.1.9.31 has Exception Handler Chain corruption starting at Unknown Symbol @ 0x0000000000000000 called from ntdll!RtlRaiseStatus+0x00000000000000b4...

7.5CVSS7.2AI score0.01323EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/07 9:32 a.m.4 views

CVE-2019-16899

In Advantech WebAccess/HMI Designer 2.1.9.31, Data from a Faulting Address controls Code Flow starting at PMV3!CTagInfoThreadBase::GetNICInfo+0x0000000000512918...

7.5CVSS7.1AI score0.01323EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/07 9:30 a.m.7 views

CVE-2019-16900

Advantech WebAccess/HMI Designer 2.1.9.31 has a User Mode Write AV starting at MSVCR90!memcpy+0x000000000000015c...

7.5CVSS7AI score0.01323EPSS
Exploits0References1
CNVD
CNVD
added 2025/12/25 12:0 a.m.3 views

Advantech WebAccess/SCADA Directory Traversal Vulnerability (CNVD-2026-11781)

Advantech WebAccess/SCADA is a set of SCADA software based on browser architecture from Advantech, China. The software supports dynamic graphical display and real-time data control, and provides remote control and management of automation equipment. A directory traversal vulnerability exists in...

9.1CVSS6AI score0.00807EPSS
Exploits0References1
CNVD
CNVD
added 2025/12/24 12:0 a.m.5 views

Advantech WebAccess/SCADA SQL Injection Vulnerability

Advantech WebAccess/SCADA is a set of SCADA software based on browser architecture from Advantech, China. The software supports dynamic graphical display and real-time data control, and provides remote control and management of automation equipment. An SQL injection vulnerability exists in...

8.8CVSS6.2AI score0.0028EPSS
Exploits0References1
CNVD
CNVD
added 2025/12/24 12:0 a.m.6 views

Advantech WebAccess/SCADA Directory Traversal Vulnerability

Advantech WebAccess/SCADA is a set of SCADA software based on browser architecture from Advantech, China. The software supports dynamic graphical display and real-time data control, and provides remote control and management of automation equipment. Advantech WebAccess/SCADA suffers from a...

7.5CVSS6.1AI score0.00609EPSS
Exploits0References1
CNVD
CNVD
added 2025/12/24 12:0 a.m.3 views

Advantech WebAccess/SCADA Directory Traversal Vulnerability (CNVD-2026-11783)

Advantech WebAccess/SCADA is a set of SCADA software based on browser architecture from Advantech, China. The software supports dynamic graphical display and real-time data control, and provides remote control and management of automation equipment. Advantech WebAccess/SCADA suffers from a...

5.3CVSS6.1AI score0.00558EPSS
Exploits0References1
CNVD
CNVD
added 2025/12/24 12:0 a.m.4 views

Advantech WebAccess/SCADA Code Issue Vulnerability

Advantech WebAccess/SCADA is a set of SCADA software based on browser architecture from Advantech, China. The software supports dynamic graphical display and real-time data control, and provides remote control and management of automation equipment. A code issue vulnerability exists in Advantech...

9.8CVSS6.2AI score0.00531EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/12/19 9:14 p.m.5 views

CVE-2025-14848

Advantech WebAccess/SCADA is vulnerable to absolute directory traversal, which may allow an attacker to determine the existence of arbitrary files...

5.3CVSS7AI score0.00558EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/12/19 9:14 p.m.7 views

CVE-2025-14850

Advantech WebAccess/SCADA is vulnerable to directory traversal, which may allow an attacker to delete arbitrary files...

9.1CVSS7.1AI score0.00807EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/12/19 9:14 p.m.7 views

CVE-2025-46268

Advantech WebAccess/SCADA is vulnerable to SQL injection, which may allow an attacker to execute arbitrary SQL commands...

8.8CVSS8.1AI score0.0028EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/12/19 9:14 p.m.6 views

CVE-2025-14849

Advantech WebAccess/SCADA is vulnerable to unrestricted file upload, which may allow an attacker to remotely execute arbitrary code...

9.8CVSS7.5AI score0.00531EPSS
Exploits0References1
Rows per page
Query Builder