Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Iview
(Advantech)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 23 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2021-02-11 | CVE-2021-22654 | Advantech iView versions prior to v5.7.03.6112 are vulnerable to a SQL injection, which may allow an unauthorized attacker to disclose information. | Iview | 7.5 | ||
| 2021-02-11 | CVE-2021-22652 | Access to the Advantech iView versions prior to v5.7.03.6112 configuration are missing authentication, which may allow an unauthorized attacker to change the configuration and obtain code execution. | Iview | 9.8 | ||
| 2021-02-11 | CVE-2021-22656 | Advantech iView versions prior to v5.7.03.6112 are vulnerable to directory traversal, which may allow an attacker to read sensitive files. | Iview | 7.5 | ||
| 2021-06-11 | CVE-2021-32932 | The affected product is vulnerable to a SQL injection, which may allow an unauthorized attacker to disclose information on the iView (versions prior to v5.7.03.6182). | Iview | 7.5 | ||
| 2021-06-11 | CVE-2021-32930 | The affected product’s configuration is vulnerable due to missing authentication, which may allow an attacker to change configurations and execute arbitrary code on the iView (versions prior to v5.7.03.6182). | Iview | 9.8 | ||
| 2022-07-22 | CVE-2022-2135 | The affected product is vulnerable to multiple SQL injections, which may allow an unauthorized attacker to disclose information. | Iview | 7.5 | ||
| 2022-07-22 | CVE-2022-2136 | The affected product is vulnerable to multiple SQL injections that require low privileges for exploitation and may allow an unauthorized attacker to disclose information. | Iview | 6.5 | ||
| 2022-07-22 | CVE-2022-2137 | The affected product is vulnerable to two SQL injections that require high privileges for exploitation and may allow an unauthorized attacker to disclose information | Iview | 4.9 | ||
| 2022-07-22 | CVE-2022-2138 | The affected product is vulnerable due to missing authentication, which may allow an attacker to read or modify sensitive data and execute arbitrary code, resulting in a denial-of-service condition. | Iview | 7.5 | ||
| 2022-07-22 | CVE-2022-2139 | The affected product is vulnerable to directory traversal, which may allow an attacker to access unauthorized files and execute arbitrary code. | Iview | 9.8 |