Filtered by vendor Deltaww
Subscribe
Total
217 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2024-8255 | 1 Deltaww | 1 Dtn Soft | 2024-09-06 | N/A | 9.8 CRITICAL |
| Delta Electronics DTN Soft version 2.0.1 and prior are vulnerable to an attacker achieving remote code execution through a deserialization of untrusted data vulnerability. | |||||
| CVE-2024-39880 | 1 Deltaww | 1 Cncsoft-g2 | 2024-08-29 | N/A | 8.8 HIGH |
| Delta Electronics CNCSoft-G2 lacks proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. If a target visits a malicious page or opens a malicious file an attacker can leverage this vulnerability to execute code in the context of the current process. | |||||
| CVE-2024-39881 | 1 Deltaww | 1 Cncsoft-g2 | 2024-08-29 | N/A | 8.8 HIGH |
| Delta Electronics CNCSoft-G2 lacks proper validation of user-supplied data, which can result in a memory corruption condition. If a target visits a malicious page or opens a malicious file an attacker can leverage this vulnerability to execute code in the context of the current process. | |||||
| CVE-2024-39882 | 1 Deltaww | 1 Cncsoft-g2 | 2024-08-29 | N/A | 8.8 HIGH |
| Delta Electronics CNCSoft-G2 lacks proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. If a target visits a malicious page or opens a malicious file an attacker can leverage this vulnerability to execute code in the context of the current process. | |||||
| CVE-2024-39883 | 1 Deltaww | 1 Cncsoft-g2 | 2024-08-29 | N/A | 8.8 HIGH |
| Delta Electronics CNCSoft-G2 lacks proper validation of the length of user-supplied data prior to copying it to a fixed-length heap-based buffer. If a target visits a malicious page or opens a malicious file an attacker can leverage this vulnerability to execute code in the context of the current process. | |||||
| CVE-2024-7502 | 1 Deltaww | 1 Diascreen | 2024-08-12 | N/A | 7.8 HIGH |
| A crafted DPA file could force Delta Electronics DIAScreen to overflow a stack-based buffer, which could allow an attacker to execute arbitrary code. | |||||
| CVE-2023-5461 | 1 Deltaww | 1 Wplsoft | 2024-05-17 | 2.6 LOW | 5.9 MEDIUM |
| A vulnerability was found in Delta Electronics WPLSoft 2.51. It has been classified as problematic. Affected is an unknown function of the component Modbus Handler. The manipulation leads to cleartext transmission of sensitive information. It is possible to launch the attack remotely. The complexity of an attack is rather high. The exploitability is told to be difficult. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-241584. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. | |||||
| CVE-2023-5460 | 1 Deltaww | 1 Wplsoft | 2024-05-17 | 2.7 LOW | 5.7 MEDIUM |
| A vulnerability was found in Delta Electronics WPLSoft up to 2.51 and classified as problematic. This issue affects some unknown processing of the component Modbus Data Packet Handler. The manipulation leads to heap-based buffer overflow. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-241583. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. | |||||
| CVE-2023-5459 | 1 Deltaww | 14 Dvp32es200r, Dvp32es200r Firmware, Dvp32es200rc and 11 more | 2024-05-17 | 6.1 MEDIUM | 7.5 HIGH |
| A vulnerability has been found in Delta Electronics DVP32ES2 PLC 1.48 and classified as critical. This vulnerability affects unknown code of the component Password Transmission Handler. The manipulation leads to denial of service. The exploit has been disclosed to the public and may be used. VDB-241582 is the identifier assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. | |||||
| CVE-2024-28029 | 1 Deltaww | 1 Diaenergie | 2024-03-25 | N/A | 8.8 HIGH |
| Privileges are not fully verified server-side, which can be abused by a user with limited privileges to bypass authorization and access privileged functionality. | |||||
| CVE-2023-43816 | 1 Deltaww | 1 Dopsoft | 2024-02-28 | 6.8 MEDIUM | 7.8 HIGH |
| A buffer overflow vulnerability exists in Delta Electronics Delta Industrial Automation DOPSoft version 2 when parsing the wKPFStringLen field of a DPS file. An anonymous attacker can exploit this vulnerability by enticing a user to open a specially crafted DPS file to achieve code execution. | |||||
| CVE-2023-5131 | 1 Deltaww | 1 Ispsoft | 2024-02-28 | 7.3 HIGH | 8.8 HIGH |
| A heap buffer-overflow exists in Delta Electronics ISPSoft. An anonymous attacker can exploit this vulnerability by enticing a user to open a specially crafted DVP file to achieve code execution. | |||||
| CVE-2023-43815 | 1 Deltaww | 1 Dopsoft | 2024-02-28 | 6.8 MEDIUM | 7.8 HIGH |
| A buffer overflow vulnerability exists in Delta Electronics Delta Industrial Automation DOPSoft version 2 when parsing the wScreenDESCTextLen field of a DPS file. An anonymous attacker can exploit this vulnerability by enticing a user to open a specially crafted DPS file to achieve code execution. | |||||
| CVE-2023-46690 | 1 Deltaww | 1 Infrasuite Device Master | 2024-02-28 | N/A | 8.8 HIGH |
| In Delta Electronics InfraSuite Device Master v.1.0.7, a vulnerability exists that allows an attacker to write to any file to any location of the filesystem, which could lead to remote code execution. | |||||
| CVE-2023-39226 | 1 Deltaww | 1 Infrasuite Device Master | 2024-02-28 | N/A | 9.8 CRITICAL |
| In Delta Electronics InfraSuite Device Master v.1.0.7, a vulnerability exists that allows an unauthenticated attacker to execute arbitrary code through a single UDP packet. | |||||
| CVE-2023-47207 | 1 Deltaww | 1 Infrasuite Device Master | 2024-02-28 | N/A | 9.8 CRITICAL |
| In Delta Electronics InfraSuite Device Master v.1.0.7, a vulnerability exists that allows an unauthenticated attacker to execute code with local administrator privileges. | |||||
| CVE-2023-43820 | 1 Deltaww | 1 Dopsoft | 2024-02-28 | 6.8 MEDIUM | 7.8 HIGH |
| A stack based buffer overflow exists in Delta Electronics Delta Industrial Automation DOPSoft when parsing the wLogTitlesPrevValueLen field of a DPS file. A remote, unauthenticated attacker can exploit this vulnerability by enticing a user to open a specially crafted DPS file to achieve remote code execution. | |||||
| CVE-2023-43821 | 1 Deltaww | 1 Dopsoft | 2024-02-28 | 6.8 MEDIUM | 7.8 HIGH |
| A stack based buffer overflow exists in Delta Electronics Delta Industrial Automation DOPSoft when parsing the wLogTitlesActionLen field of a DPS file. A remote, unauthenticated attacker can exploit this vulnerability by enticing a user to open a specially crafted DPS file to achieve remote code execution. | |||||
| CVE-2023-43818 | 1 Deltaww | 1 Dopsoft | 2024-02-28 | 6.8 MEDIUM | 7.8 HIGH |
| A buffer overflow exists in Delta Electronics Delta Industrial Automation DOPSoft. A remote, unauthenticated attacker can exploit this vulnerability by enticing a user to open a specially crafted DPS file to achieve remote code execution. | |||||
| CVE-2023-43817 | 1 Deltaww | 1 Dopsoft | 2024-02-28 | 6.8 MEDIUM | 7.8 HIGH |
| A buffer overflow exists in Delta Electronics Delta Industrial Automation DOPSoft version 2 when parsing the wMailContentLen field of a DPS file. An anonymous attacker can exploit this vulnerability by enticing a user to open a specially crafted DPS file to achieve code execution. | |||||