本ページは advantech webaccess_hmi_designer に影響する公開済み CVE(NVD の CPE 経由で関連付け)を列挙します。各行に深刻度指標・概要・公開日が含まれます。
| CVE | 概要 | ソース | CVSS 最大値 | EPSS(%) | 公開 | 更新 |
|---|---|---|---|---|---|---|
| CVE-2021-42703 | This vulnerability could allow an attacker to send malicious Javascript code resulting in hijacking of the user’s cookie/session tokens, redirecting the user to a malicious webpage, and performing unintended browser action. | [email protected] | 5.4 | 0.16% | 2021-11-15 | 2024-11-21 |
| CVE-2021-42706 | This vulnerability could allow an attacker to disclose information and execute arbitrary code on affected installations of WebAccess/MHI Designer | [email protected] | 7.8 | 0.05% | 2021-11-15 | 2024-11-21 |
| CVE-2019-10961 | In Advantech WebAccess HMI Designer Version 2.1.9.23 and prior, processing specially crafted MCR files lacking proper validation of user supplied data may cause the system to write outside the intended buffer area, allowing remote code execution. | [email protected] | 8.8 | 0.82% | 2019-08-02 | 2024-11-21 |
| CVE-2018-8837 | Processing specially crafted .pm3 files in Advantech WebAccess HMI Designer 2.1.7.32 and prior may cause the system to write outside the intended buffer area and may allow remote code execution. | [email protected] | 7.8 | 0.35% | 2018-04-25 | 2024-11-21 |
| CVE-2018-8835 | Double free vulnerabilities in Advantech WebAccess HMI Designer 2.1.7.32 and prior caused by processing specially crafted .pm3 files may allow remote code execution. | [email protected] | 7.8 | 0.35% | 2018-04-25 | 2024-11-21 |
| CVE-2018-8833 | Heap-based buffer overflow vulnerabilities in Advantech WebAccess HMI Designer 2.1.7.32 and prior caused by processing specially crafted .pm3 files may allow remote code execution. | [email protected] | 7.8 | 0.78% | 2018-04-25 | 2024-11-21 |