Export limit exceeded: 362653 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (311 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2021-32970 1 Moxa 8 Nport Iaw5150a-12i\/o, Nport Iaw5150a-12i\/o Firmware, Nport Iaw5150a-6i\/o and 5 more 2025-04-16 7.5 High
Data can be copied without validation in the built-in web server in Moxa NPort IAW5000A-I/O series firmware version 2.2 or earlier, which may allow a remote attacker to cause denial-of-service conditions.
CVE-2021-32974 1 Moxa 8 Nport Iaw5150a-12i\/o, Nport Iaw5150a-12i\/o Firmware, Nport Iaw5150a-6i\/o and 5 more 2025-04-16 9.8 Critical
Improper input validation in the built-in web server in Moxa NPort IAW5000A-I/O series firmware version 2.2 or earlier may allow a remote attacker to execute commands.
CVE-2021-32976 1 Moxa 8 Nport Iaw5150a-12i\/o, Nport Iaw5150a-12i\/o Firmware, Nport Iaw5150a-6i\/o and 5 more 2025-04-16 9.8 Critical
Five buffer overflows in the built-in web server in Moxa NPort IAW5000A-I/O series firmware version 2.2 or earlier may allow a remote attacker to initiate a denial-of-service attack and execute arbitrary code.
CVE-2022-2044 1 Moxa 2 Nport 5110, Nport 5110 Firmware 2025-04-16 8.2 High
MOXA NPort 5110: Firmware Versions 2.10 is vulnerable to an out-of-bounds write that may allow an attacker to overwrite values in memory, causing a denial-of-service condition or potentially bricking the device.
CVE-2022-2043 1 Moxa 2 Nport 5110, Nport 5110 Firmware 2025-04-16 7.5 High
MOXA NPort 5110: Firmware Versions 2.10 is vulnerable to an out-of-bounds write that can cause the device to become unresponsive.
CVE-2021-40390 1 Moxa 1 Mxview 2025-04-15 9.8 Critical
An authentication bypass vulnerability exists in the Web Application functionality of Moxa MXView Series 3.2.4. A specially-crafted HTTP request can lead to unauthorized access. An attacker can send an HTTP request to trigger this vulnerability.
CVE-2021-40392 1 Moxa 1 Mxview 2025-04-15 7.5 High
An information disclosure vulnerability exists in the Web Application functionality of Moxa MXView Series 3.2.4. Network sniffing can lead to a disclosure of sensitive information. An attacker can sniff network traffic to exploit this vulnerability.
CVE-2016-5812 1 Moxa 7 Oncell G3001 Firmware, Oncell G3100v2, Oncell G3100v2 Firmware and 4 more 2025-04-12 N/A
Moxa OnCell G3100V2 devices before 2.8 and G3111, G3151, G3211, and G3251 devices before 1.7 use cleartext password storage, which makes it easier for local users to obtain sensitive information by reading a configuration file.
CVE-2016-5804 1 Moxa 10 Mgate Mb3170, Mgate Mb3170 Firmware, Mgate Mb3180 and 7 more 2025-04-12 9.8 Critical
Moxa MGate MB3180 before 1.8, MGate MB3280 before 2.7, MGate MB3480 before 2.6, MGate MB3170 before 2.5, and MGate MB3270 before 2.7 use weak encryption, which allows remote attackers to bypass authentication via a brute-force series of guesses for a parameter value.
CVE-2016-0876 1 Moxa 2 Edr-g903, Edr-g903 Firmware 2025-04-12 7.5 High
Moxa Secure Router EDR-G903 devices before 3.4.12 allow remote attackers to discover cleartext passwords by reading a configuration file.
CVE-2016-5799 1 Moxa 7 Oncell G3001 Firmware, Oncell G3100v2, Oncell G3100v2 Firmware and 4 more 2025-04-12 N/A
Moxa OnCell G3100V2 devices before 2.8 and G3111, G3151, G3211, and G3251 devices before 1.7 do not properly restrict authentication attempts, which makes it easier for remote attackers to obtain access via a brute-force attack.
CVE-2016-5793 1 Moxa 1 Active Opc Server 2025-04-12 N/A
Unquoted Windows search path vulnerability in Moxa Active OPC Server before 2.4.19 allows local users to gain privileges via a Trojan horse executable file in the %SYSTEMDRIVE% directory.
CVE-2016-0875 1 Moxa 2 Edr-g903, Edr-g903 Firmware 2025-04-12 7.5 High
Moxa Secure Router EDR-G903 devices before 3.4.12 allow remote attackers to read configuration and log files via a crafted URL.
CVE-2016-5792 1 Moxa 1 Softcms 2025-04-12 N/A
SQL injection vulnerability in Moxa SoftCMS before 1.5 allows remote attackers to execute arbitrary SQL commands via unspecified fields.
CVE-2016-4514 1 Moxa 2 Pt-7728, Pt-7728 Firmware 2025-04-12 7.7 High
Moxa PT-7728 devices with software 3.4 build 15081113 allow remote authenticated users to change the configuration via vectors involving a local proxy.
CVE-2015-6481 1 Moxa 1 Oncell Central Manager 2025-04-12 N/A
The login function in the RequestController class in Moxa OnCell Central Manager before 2.2 has a hardcoded root password, which allows remote attackers to obtain administrative access via a login session.
CVE-2016-4503 1 Moxa 2 Device Server Web Console 5232-n, Device Server Web Console 5232-n Firmware 2025-04-12 9.8 Critical
Moxa Device Server Web Console 5232-N allows remote attackers to bypass authentication, and consequently modify settings and data, via vectors related to reading a cookie parameter containing a UserId value.
CVE-2016-4500 1 Moxa 2 Uc-7408 Lx-plus, Uc-7408 Lx-plus Firmware 2025-04-12 N/A
Moxa UC-7408 LX-Plus devices allow remote authenticated users to write to the firmware, and consequently render a device unusable, by leveraging root access.
CVE-2015-6480 1 Moxa 1 Oncell Central Manager 2025-04-12 N/A
The MessageBrokerServlet servlet in Moxa OnCell Central Manager before 2.2 does not require authentication, which allows remote attackers to obtain administrative access via a command, as demonstrated by the addUserAndGroup action.
CVE-2015-1000 1 Moxa 1 Softcms 2025-04-12 N/A
Stack-based buffer overflow in the OpenForIPCamTest method in the RTSPVIDEO.rtspvideoCtrl.1 (aka SStreamVideo) ActiveX control in Moxa SoftCMS before 1.3 allows remote attackers to execute arbitrary code via the StrRtspPath parameter.