Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
deltaww vulnerabilities and exploits
(subscribe to this query)
6.8
CVSSv2
CVE-2020-14482
Delta Industrial Automation DOPSoft, Version 4.00.08.15 and prior. Opening a specially crafted project file may overflow the heap, which may allow remote code execution, disclosure/modification of information, or cause the application to crash.
Deltaww Dopsoft
10
CVSSv2
CVE-2021-38393
A Blind SQL injection vulnerability exists in the /DataHandler/HandlerAlarmGroup.ashx endpoint of Delta Electronics DIAEnergie Version 1.7.5 and prior. The application does not properly validate the user-controlled value supplied through the parameter agid before using it as part...
Deltaww Diaenergie
3.5
CVSSv2
CVE-2021-38407
Delta Electronics DIALink versions 1.2.4.0 and prior is vulnerable to cross-site scripting because an authenticated attacker can inject arbitrary JavaScript code into the parameter name of the API devices, which may allow an malicious user to remotely execute code.
Deltaww Dialink
3.5
CVSSv2
CVE-2021-38411
Delta Electronics DIALink versions 1.2.4.0 and prior is vulnerable to cross-site scripting because an authenticated attacker can inject arbitrary JavaScript code into the parameter deviceName of the API modbusWriter-Reader, which may allow an malicious user to remotely execute co...
Deltaww Dialink
6.8
CVSSv2
CVE-2018-14800
Delta Electronics ISPSoft version 3.0.5 and prior allow an attacker, by opening a crafted file, to cause the application to read past the boundary allocated to a stack object, which could allow execution of code under the context of the application.
Deltaww Ispsoft
4.3
CVSSv2
CVE-2022-1331
In four instances DMARS (All versions prior to v2.1.10.24) does not properly restrict references of XML external entities while processing specific project files, which may allow unauthorized information disclosure.
Deltaww Dmars
10
CVSSv2
CVE-2022-1370
Delta Electronics DIAEnergie (All versions before 1.8.02.004) has a blind SQL injection vulnerability exists in ReadREGbyID. This allows an malicious user to inject arbitrary SQL queries, retrieve and modify database contents, and execute system commands.
Deltaww Diaenergie
10
CVSSv2
CVE-2022-1376
Delta Electronics DIAEnergie (All versions before 1.8.02.004) has a blind SQL injection vulnerability exists in DIAE_privgrpHandler.ashx. This allows an malicious user to inject arbitrary SQL queries, retrieve and modify database contents, and execute system commands.
Deltaww Diaenergie
NA
CVE-2022-1405
CNCSoft: All versions before 1.01.32 does not properly sanitize input while processing a specific project file, allowing a possible stack-based buffer overflow condition.
Deltaww Cncsoft
6.8
CVSSv2
CVE-2021-43982
Delta Electronics CNCSoft Versions 1.01.30 and prior are vulnerable to a stack-based buffer overflow, which may allow an malicious user to execute arbitrary code.
Deltaww Cncsoft
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-30078
CVE-2024-37896
code injection
CVE-2024-3080
CVE-2024-5172
cross-site request forgery
CVE-2024-6111
firmware
CVE-2024-38504
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
6
7
8
9
10
NEXT »