Filtered by vendor Deltaww
Subscribe
Search
Total
63 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2022-43457 | 1 Deltaww | 1 Diaenergie | 2023-12-22 | N/A | 8.8 HIGH |
| SQL Injection in HandlerPage_KID.ashx in Delta Electronics DIAEnergie versions prior to v1.9.02.001 allows an attacker to inject SQL queries via Network | |||||
| CVE-2023-5944 | 1 Deltaww | 1 Dopsoft | 2023-12-08 | N/A | 7.8 HIGH |
| Delta Electronics DOPSoft is vulnerable to a stack-based buffer overflow, which may allow for arbitrary code execution if an attacker can lead a legitimate user to execute a specially crafted file. | |||||
| CVE-2023-46690 | 1 Deltaww | 1 Infrasuite Device Master | 2023-12-06 | N/A | 8.8 HIGH |
| In Delta Electronics InfraSuite Device Master v.1.0.7, a vulnerability exists that allows an attacker to write to any file to any location of the filesystem, which could lead to remote code execution. | |||||
| CVE-2023-47279 | 1 Deltaww | 1 Infrasuite Device Master | 2023-12-06 | N/A | 7.5 HIGH |
| In Delta Electronics InfraSuite Device Master v.1.0.7, A vulnerability exists that allows an unauthenticated attacker to disclose user information through a single UDP packet, obtain plaintext credentials, or perform NTLM relaying. | |||||
| CVE-2021-32969 | 1 Deltaww | 1 Diascreen | 2022-06-07 | 6.8 MEDIUM | 7.8 HIGH |
| Delta Electronics DIAScreen versions prior to 1.1.0 are vulnerable to an out-of-bounds write condition, which may result in a system crash or allow an attacker to remotely execute arbitrary code. | |||||
| CVE-2021-32965 | 1 Deltaww | 1 Diascreen | 2022-06-07 | 6.8 MEDIUM | 7.8 HIGH |
| Delta Electronics DIAScreen versions prior to 1.1.0 are vulnerable to type confusion, which may allow an attacker to remotely execute arbitrary code. | |||||
| CVE-2022-1403 | 1 Deltaww | 1 Asda Soft | 2022-05-10 | 6.8 MEDIUM | 7.8 HIGH |
| ASDA-Soft: Version 5.4.1.0 and prior does not properly sanitize input while processing a specific project file, allowing a possible out-of-bounds write condition. | |||||
| CVE-2022-1402 | 1 Deltaww | 1 Asda Soft | 2022-05-10 | 5.8 MEDIUM | 7.1 HIGH |
| ASDA-Soft: Version 5.4.1.0 and prior does not properly sanitize input while processing a specific project file, allowing a possible out-of-bounds read condition. | |||||
| CVE-2021-43982 | 1 Deltaww | 1 Cncsoft | 2021-12-13 | 6.8 MEDIUM | 7.8 HIGH |
| Delta Electronics CNCSoft Versions 1.01.30 and prior are vulnerable to a stack-based buffer overflow, which may allow an attacker to execute arbitrary code. | |||||
| CVE-2020-16227 | 1 Deltaww | 1 Tpeditor | 2021-11-22 | 6.8 MEDIUM | 7.8 HIGH |
| Delta Electronics TPEditor Versions 1.97 and prior. An improper input validation may be exploited by processing a specially crafted project file not validated when the data is entered by a user. Successful exploitation of this vulnerability may allow an attacker to read/modify information, execute arbitrary code, and/or crash the application. | |||||
| CVE-2021-38424 | 1 Deltaww | 1 Dialink | 2021-11-05 | 6.8 MEDIUM | 7.8 HIGH |
| The tag interface of Delta Electronics DIALink versions 1.2.4.0 and prior is vulnerable to an attacker injecting formulas into the tag data. Those formulas may then be executed when it is opened with a spreadsheet application. | |||||
| CVE-2021-38416 | 1 Deltaww | 1 Dialink | 2021-11-05 | 4.4 MEDIUM | 7.8 HIGH |
| Delta Electronics DIALink versions 1.2.4.0 and prior insecurely loads libraries, which may allow an attacker to use DLL hijacking and takeover the system where the software is installed. | |||||
| CVE-2021-38422 | 1 Deltaww | 1 Dialink | 2021-11-05 | 4.6 MEDIUM | 7.8 HIGH |
| Delta Electronics DIALink versions 1.2.4.0 and prior stores sensitive information in cleartext, which may allow an attacker to have extensive access to the application directory and escalate privileges. | |||||
| CVE-2021-38420 | 1 Deltaww | 1 Dialink | 2021-11-05 | 4.6 MEDIUM | 7.8 HIGH |
| Delta Electronics DIALink versions 1.2.4.0 and prior default permissions give extensive permissions to low-privileged user accounts, which may allow an attacker to modify the installation directory and upload malicious files. | |||||
| CVE-2019-13536 | 1 Deltaww | 1 Tpeditor | 2021-10-28 | 6.8 MEDIUM | 7.8 HIGH |
| Delta Electronics TPEditor, Versions 1.94 and prior. Multiple heap-based buffer overflow vulnerabilities may be exploited by processing specially crafted project files, which may allow an attacker to remotely execute arbitrary code. | |||||
| CVE-2021-38406 | 1 Deltaww | 1 Dopsoft | 2021-10-04 | 6.8 MEDIUM | 7.8 HIGH |
| Delta Electronic DOPSoft 2 (Version 2.00.07 and prior) lacks proper validation of user-supplied data when parsing specific project files. This could result in multiple out-of-bounds write instances. An attacker could leverage this vulnerability to execute code in the context of the current process. | |||||
| CVE-2021-38404 | 1 Deltaww | 1 Dopsoft | 2021-10-04 | 6.8 MEDIUM | 7.8 HIGH |
| Delta Electronic DOPSoft 2 (Version 2.00.07 and prior) lacks proper validation of user-supplied data when parsing specific project files. This could result in a heap-based buffer overflow. An attacker could leverage this vulnerability to execute code in the context of the current process. | |||||
| CVE-2021-38402 | 1 Deltaww | 1 Dopsoft | 2021-10-04 | 6.8 MEDIUM | 7.8 HIGH |
| Delta Electronic DOPSoft 2 (Version 2.00.07 and prior) lacks proper validation of user-supplied data when parsing specific project files. This could lead to a stack-based buffer overflow while trying to copy to a buffer during font string handling. An attacker could leverage this vulnerability to execute code in the context of the current process. | |||||
| CVE-2021-33019 | 1 Deltaww | 1 Dopsoft | 2021-09-16 | 6.8 MEDIUM | 7.8 HIGH |
| A stack-based buffer overflow vulnerability in Delta Electronics DOPSoft Version 4.00.11 and prior may be exploited by processing a specially crafted project file, which may allow an attacker to execute arbitrary code. | |||||
| CVE-2020-10597 | 1 Deltaww | 1 Delta Industrial Automation Dopsoft | 2021-09-14 | 5.8 MEDIUM | 7.1 HIGH |
| Delta Industrial Automation DOPSoft, Version 4.00.08.15 and prior. Multiple out-of-bounds read vulnerabilities may be exploited by processing specially crafted project files, which may allow an attacker to read information and/or crash the application. | |||||
| CVE-2021-33007 | 1 Deltaww | 1 Tpeditor | 2021-09-03 | 6.8 MEDIUM | 7.8 HIGH |
| A heap-based buffer overflow in Delta Electronics TPEditor: v1.98.06 and prior may be exploited by processing a specially crafted project file. Successful exploitation of this vulnerability may allow an attacker to execute arbitrary code. | |||||
| CVE-2021-27412 | 1 Deltaww | 1 Dopsoft | 2021-07-07 | 6.8 MEDIUM | 7.8 HIGH |
| Delta Electronics DOPSoft Versions 4.0.10.17 and prior are vulnerable to an out-of-bounds read, which may allow an attacker to execute arbitrary code. | |||||
| CVE-2021-22672 | 1 Deltaww | 1 Cncsoft Screeneditor | 2021-05-18 | 6.8 MEDIUM | 7.8 HIGH |
| Delta Electronics' CNCSoft ScreenEditor in versions prior to v1.01.30 could allow the corruption of data, a denial-of-service condition, or code execution. The vulnerability may allow an attacker to remotely execute arbitrary code. | |||||
| CVE-2020-27289 | 1 Deltaww | 1 Cncsoft-b | 2021-03-09 | 6.8 MEDIUM | 7.8 HIGH |
| Delta Electronics CNCSoft-B Versions 1.0.0.2 and prior has a null pointer dereference issue while processing project files, which may allow an attacker to execute arbitrary code. | |||||
| CVE-2020-27275 | 1 Deltaww | 1 Dopsoft | 2021-03-09 | 9.3 HIGH | 7.8 HIGH |
| Delta Electronics DOPSoft Version 4.0.8.21 and prior is vulnerable to an out-of-bounds write while processing project files, which may allow an attacker to execute arbitrary code. | |||||
| CVE-2020-27281 | 1 Deltaww | 1 Cncsoft Screeneditor | 2021-03-09 | 6.8 MEDIUM | 7.8 HIGH |
| A stack-based buffer overflow may exist in Delta Electronics CNCSoft ScreenEditor versions 1.01.26 and prior when processing specially crafted project files, which may allow an attacker to execute arbitrary code. | |||||
| CVE-2020-27291 | 1 Deltaww | 1 Cncsoft-b | 2021-03-09 | 6.8 MEDIUM | 7.8 HIGH |
| Delta Electronics CNCSoft-B Versions 1.0.0.2 and prior is vulnerable to an out-of-bounds read while processing project files, which may allow an attacker to execute arbitrary code. | |||||
| CVE-2020-27287 | 1 Deltaww | 1 Cncsoft-b | 2021-03-09 | 6.8 MEDIUM | 7.8 HIGH |
| Delta Electronics CNCSoft-B Versions 1.0.0.2 and prior is vulnerable to an out-of-bounds write while processing project files, which may allow an attacker to execute arbitrary code. | |||||
| CVE-2020-27277 | 1 Deltaww | 1 Dopsoft | 2021-03-09 | 9.3 HIGH | 7.8 HIGH |
| Delta Electronics DOPSoft Version 4.0.8.21 and prior has a null pointer dereference issue while processing project files, which may allow an attacker to execute arbitrary code. | |||||
| CVE-2020-27293 | 1 Deltaww | 1 Cncsoft-b | 2021-03-09 | 6.8 MEDIUM | 7.8 HIGH |
| Delta Electronics CNCSoft-B Versions 1.0.0.2 and prior has a type confusion issue while processing project files, which may allow an attacker to execute arbitrary code. | |||||
| CVE-2020-27280 | 1 Deltaww | 1 Ispsoft | 2021-02-02 | 6.8 MEDIUM | 7.8 HIGH |
| A use after free issue has been identified in the way ISPSoft(v3.12 and prior) processes project files, allowing an attacker to craft a special project file that may allow arbitrary code execution. | |||||
| CVE-2020-27288 | 1 Deltaww | 1 Tpeditor | 2021-01-29 | 6.8 MEDIUM | 7.8 HIGH |
| An untrusted pointer dereference has been identified in the way TPEditor(v1.98 and prior) processes project files, allowing an attacker to craft a special project file that may permit arbitrary code execution. | |||||
| CVE-2020-27284 | 1 Deltaww | 1 Tpeditor | 2021-01-29 | 6.8 MEDIUM | 7.8 HIGH |
| TPEditor (v1.98 and prior) is vulnerable to two out-of-bounds write instances in the way it processes project files, allowing an attacker to craft a special project file that may permit arbitrary code execution. | |||||
| CVE-2019-13540 | 1 Deltaww | 1 Tpeditor | 2020-10-16 | 6.8 MEDIUM | 7.8 HIGH |
| Delta Electronics TPEditor, Versions 1.94 and prior. Multiple stack-based buffer overflow vulnerabilities may be exploited by processing specially crafted project files, which may allow an attacker to remotely execute arbitrary code. | |||||
| CVE-2019-10947 | 1 Deltaww | 1 Cncsoft Screeneditor | 2020-10-02 | 6.8 MEDIUM | 7.8 HIGH |
| Delta Industrial Automation CNCSoft, CNCSoft ScreenEditor Version 1.00.88 and prior. Multiple stack-based buffer overflow vulnerabilities may be exploited by processing specially crafted project files, allowing an attacker to remotely execute arbitrary code. This may occur because CNCSoft lacks user input validation before copying data from project files onto the stack. | |||||
| CVE-2019-10951 | 1 Deltaww | 1 Cncsoft Screeneditor | 2020-10-02 | 6.8 MEDIUM | 7.8 HIGH |
| Delta Industrial Automation CNCSoft, CNCSoft ScreenEditor Version 1.00.88 and prior. Multiple heap-based buffer overflow vulnerabilities may be exploited by processing specially crafted project files, allowing an attacker to remotely execute arbitrary code. There is a lack of user input validation before copying data from project files onto the heap. | |||||
| CVE-2019-10982 | 1 Deltaww | 1 Cnssoft Screeneditor | 2020-10-02 | 6.8 MEDIUM | 7.8 HIGH |
| Delta Electronics CNCSoft ScreenEditor, Versions 1.00.89 and prior. Multiple heap-based buffer overflow vulnerabilities may be exploited by processing specially crafted project files, allowing an attacker to remotely execute arbitrary code. There is a lack of user input validation before copying data from project files onto the heap. | |||||
| CVE-2018-8839 | 1 Deltaww | 1 Pmsoft | 2020-09-29 | 4.6 MEDIUM | 7.8 HIGH |
| Delta PMSoft versions 2.10 and prior have multiple stack-based buffer overflow vulnerabilities where a .ppm file can introduce a value larger than is readable by PMSoft's fixed-length stack buffer. This can cause the buffer to be overwritten, which may allow arbitrary code execution or cause the application to crash. CVSS v3 base score: 7.1; CVSS vector string: AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:H. Delta Electronics recommends affected users update to at least PMSoft v2.11, which was made available as of March 22, 2018, or the latest available version. | |||||
| CVE-2018-17929 | 1 Deltaww | 1 Tpeditor | 2020-09-18 | 6.8 MEDIUM | 7.8 HIGH |
| In Delta Industrial Automation TPEditor, TPEditor Versions 1.90 and prior, multiple stack-based buffer overflow vulnerabilities may be exploited by processing specially crafted project files lacking user input validation before copying data from project files onto the stack and may allow an attacker to remotely execute arbitrary code. | |||||
| CVE-2018-5476 | 1 Deltaww | 1 Delta Industrial Automation Dopsoft | 2020-09-18 | 6.8 MEDIUM | 7.8 HIGH |
| A Stack-based Buffer Overflow issue was discovered in Delta Electronics Delta Industrial Automation DOPSoft, Version 4.00.01 or prior. Stack-based buffer overflow vulnerabilities caused by processing specially crafted .dop or .dpb files may allow an attacker to remotely execute arbitrary code. | |||||
| CVE-2018-10636 | 1 Deltaww | 2 Cncsoft, Screeneditor | 2020-08-31 | 9.3 HIGH | 8.8 HIGH |
| CNCSoft Version 1.00.83 and prior with ScreenEditor Version 1.00.54 has multiple stack-based buffer overflow vulnerabilities that could cause the software to crash due to lacking user input validation before copying data from project files onto the stack. Which may allow an attacker to gain remote code execution with administrator privileges if exploited. | |||||
| CVE-2019-16247 | 1 Deltaww | 1 Dcisoft | 2020-08-24 | 4.6 MEDIUM | 7.8 HIGH |
| Delta DCISoft 1.21 has a User Mode Write AV starting at CommLib!CCommLib::SetSerializeData+0x000000000000001b. | |||||
| CVE-2020-16225 | 1 Deltaww | 1 Tpeditor | 2020-08-10 | 6.8 MEDIUM | 7.8 HIGH |
| Delta Electronics TPEditor Versions 1.97 and prior. A write-what-where condition may be exploited by processing a specially crafted project file. Successful exploitation of this vulnerability may allow an attacker to read/modify information, execute arbitrary code, and/or crash the application. | |||||
| CVE-2020-16221 | 1 Deltaww | 1 Tpeditor | 2020-08-10 | 6.8 MEDIUM | 7.8 HIGH |
| Delta Electronics TPEditor Versions 1.97 and prior. A stack-based buffer overflow may be exploited by processing a specially crafted project file. Successful exploitation of this vulnerability may allow an attacker to read/modify information, execute arbitrary code, and/or crash the application. | |||||
| CVE-2020-16223 | 1 Deltaww | 1 Tpeditor | 2020-08-10 | 6.8 MEDIUM | 7.8 HIGH |
| Delta Electronics TPEditor Versions 1.97 and prior. A heap-based buffer overflow may be exploited by processing a specially crafted project file. Successful exploitation of this vulnerability may allow an attacker to read/modify information, execute arbitrary code, and/or crash the application. | |||||
| CVE-2020-16219 | 1 Deltaww | 1 Tpeditor | 2020-08-10 | 6.8 MEDIUM | 7.8 HIGH |
| Delta Electronics TPEditor Versions 1.97 and prior. An out-of-bounds read may be exploited by processing specially crafted project files. Successful exploitation of this vulnerability may allow an attacker to read/modify information, execute arbitrary code, and/or crash the application. | |||||
| CVE-2020-16203 | 1 Deltaww | 1 Cncsoft Screeneditor | 2020-08-06 | 6.8 MEDIUM | 7.8 HIGH |
| Delta Industrial Automation CNCSoft ScreenEditor, Versions 1.01.23 and prior. An uninitialized pointer may be exploited by processing a specially crafted project file. Successful exploitation of this vulnerability may allow an attacker to read/modify information, execute arbitrary code, and/or crash the application. | |||||
| CVE-2020-16199 | 1 Deltaww | 1 Cncsoft Screeneditor | 2020-08-06 | 6.8 MEDIUM | 7.8 HIGH |
| Delta Industrial Automation CNCSoft ScreenEditor, Versions 1.01.23 and prior. Multiple stack-based buffer overflow vulnerabilities may be exploited by processing specially crafted project files, which may allow an attacker to read/modify information, execute arbitrary code, and/or crash the application. | |||||
| CVE-2020-14482 | 1 Deltaww | 1 Dopsoft | 2020-07-10 | 6.8 MEDIUM | 7.8 HIGH |
| Delta Industrial Automation DOPSoft, Version 4.00.08.15 and prior. Opening a specially crafted project file may overflow the heap, which may allow remote code execution, disclosure/modification of information, or cause the application to crash. | |||||
| CVE-2020-7002 | 1 Deltaww | 1 Cncsoft Screeneditor | 2020-03-20 | 6.8 MEDIUM | 7.8 HIGH |
| Delta Industrial Automation CNCSoft ScreenEditor, v1.00.96 and prior. Multiple stack-based buffer overflows can be exploited when a valid user opens a specially crafted, malicious input file. | |||||