Lucene search
K
AdvantechWebaccess Hmi Designer

6 matches found

CVE
CVE
added 2019/08/02 4:6 p.m.69 views

CVE-2019-10961

CVE-2019-10961 affects Advantech WebAccess HMI Designer up to version 2.1.9.23. The issue is an out-of-bounds write in MCR file processing due to insufficient validation, enabling remote code execution. Advantech released version 2.1.9.31 with a fix. Affected: WebAccess HMI Designer 2.1.9.23 and ...

8.8CVSS9AI score0.04127EPSS
CVE
CVE
added 2018/04/25 11:0 p.m.50 views

CVE-2018-8837

CVE-2018-8837 affects Advantech WebAccess HMI Designer (versions 2.1.7.32 and earlier). The root cause is an out-of-bounds write (CWE-787) triggered by processing specially crafted .pm3 files, potentially leading to remote code execution. Public sources in the connected documents corroborate the ...

7.8CVSS8AI score0.02083EPSS
CVE
CVE
added 2018/04/25 11:0 p.m.49 views

CVE-2018-8833

Advantech WebAccess HMI Designer (Version 2.1.7.32 and earlier) contains a heap-based buffer overflow when processing specially crafted .pm3 files, which can lead to remote code execution. The CVE-2018-8833 entry is supported by multiple sources in connected documents (CNVD/CVELIST/NVD) that desc...

7.8CVSS8.2AI score0.02245EPSS
CVE
CVE
added 2018/04/25 11:0 p.m.46 views

CVE-2018-8835

Advantech WebAccess HMI Designer 2.1.7.32 and prior are affected by a double‑free vulnerability in processing specially crafted .pm3 files, which may allow remote code execution. CVE-2018-8835. The issue is caused by improper handling during file processing and is highlighted alongside other vuln...

7.8CVSS8AI score0.02083EPSS
CVE
CVE
added 2021/11/15 2:0 p.m.40 views

CVE-2021-42706

Summary: CVE-2021-42706 affects Advantech WebAccess HMI Designer (WebAccess/MHI Designer). The connected advisory details a Use After Free vulnerability (CWE-416) in WebAccess/MHI Designer, leading to information disclosure and arbitrary code execution via memory corruption when handling crafted ...

7.8CVSS7.7AI score0.00273EPSS
CVE
CVE
added 2021/11/15 2:3 p.m.39 views

CVE-2021-42703

Vulnerability context: CVE-2021-42703 corresponds to a cross‑site scripting flaw in Advantech WebAccess HMI Designer (pre‑2.1.11.0). The issue stems from insufficient input filtering/escaping of user‑submitted parameters, enabling attacker‑supplied JavaScript to execute in the affected web contex...

6.1CVSS6AI score0.00603EPSS