Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

Filtered by vendor Advantech Subscribe
Filtered by product Webaccess Hmi Designer
Total 6 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2019-10961 1 Advantech 1 Webaccess Hmi Designer 2023-03-03 6.8 MEDIUM 8.8 HIGH
In Advantech WebAccess HMI Designer Version 2.1.9.23 and prior, processing specially crafted MCR files lacking proper validation of user supplied data may cause the system to write outside the intended buffer area, allowing remote code execution.
CVE-2021-42706 1 Advantech 1 Webaccess Hmi Designer 2021-11-17 4.6 MEDIUM 7.8 HIGH
This vulnerability could allow an attacker to disclose information and execute arbitrary code on affected installations of WebAccess/MHI Designer
CVE-2021-42703 1 Advantech 1 Webaccess Hmi Designer 2021-11-16 4.3 MEDIUM 6.1 MEDIUM
This vulnerability could allow an attacker to send malicious Javascript code resulting in hijacking of the user’s cookie/session tokens, redirecting the user to a malicious webpage, and performing unintended browser action.
CVE-2018-8833 1 Advantech 1 Webaccess Hmi Designer 2020-09-29 6.8 MEDIUM 7.8 HIGH
Heap-based buffer overflow vulnerabilities in Advantech WebAccess HMI Designer 2.1.7.32 and prior caused by processing specially crafted .pm3 files may allow remote code execution.
CVE-2018-8835 1 Advantech 1 Webaccess Hmi Designer 2019-10-09 6.8 MEDIUM 7.8 HIGH
Double free vulnerabilities in Advantech WebAccess HMI Designer 2.1.7.32 and prior caused by processing specially crafted .pm3 files may allow remote code execution.
CVE-2018-8837 1 Advantech 1 Webaccess Hmi Designer 2019-10-09 6.8 MEDIUM 7.8 HIGH
Processing specially crafted .pm3 files in Advantech WebAccess HMI Designer 2.1.7.32 and prior may cause the system to write outside the intended buffer area and may allow remote code execution.