Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
deltaww vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv2
CVE-2021-38418
Delta Electronics DIALink versions 1.2.4.0 and prior runs by default on HTTP, which may allow an malicious user to be positioned between the traffic and perform a machine-in-the-middle attack to access information without authorization.
Deltaww Dialink
6.8
CVSSv2
CVE-2021-38424
The tag interface of Delta Electronics DIALink versions 1.2.4.0 and prior is vulnerable to an attacker injecting formulas into the tag data. Those formulas may then be executed when it is opened with a spreadsheet application.
Deltaww Dialink
3.5
CVSSv2
CVE-2021-38428
Delta Electronics DIALink versions 1.2.4.0 and prior is vulnerable to cross-site scripting because an authenticated attacker can inject arbitrary JavaScript code into the parameter name of the API schedule, which may allow an malicious user to remotely execute code.
Deltaww Dialink
NA
CVE-2022-2966
Out-of-bounds Read vulnerability in Delta Electronics DOPSoft.This issue affects DOPSoft: All Versions.
Deltaww Dopsoft
6.8
CVSSv2
CVE-2020-16219
Delta Electronics TPEditor Versions 1.97 and prior. An out-of-bounds read may be exploited by processing specially crafted project files. Successful exploitation of this vulnerability may allow an malicious user to read/modify information, execute arbitrary code, and/or crash the...
Deltaww Tpeditor
6.8
CVSSv2
CVE-2020-16221
Delta Electronics TPEditor Versions 1.97 and prior. A stack-based buffer overflow may be exploited by processing a specially crafted project file. Successful exploitation of this vulnerability may allow an malicious user to read/modify information, execute arbitrary code, and/or ...
Deltaww Tpeditor
10
CVSSv2
CVE-2022-26013
Delta Electronics DIAEnergie (All versions before 1.8.02.004) has a blind SQL injection vulnerability that exists in DIAE_dmdsetHandler.ashx. This allows an malicious user to inject arbitrary SQL queries, retrieve and modify database contents, and execute system commands.
Deltaww Diaenergie
NA
CVE-2022-41133
The affected product DIAEnergie (versions prior to v1.9.01.002) is vulnerable to a SQL injection that exists in GetDIAE_line_message_settingsListParameters. A low-privileged authenticated attacker could exploit this issue to inject arbitrary SQL queries.
Deltaww Diaenergie
6.8
CVSSv2
CVE-2021-32965
Delta Electronics DIAScreen versions before 1.1.0 are vulnerable to type confusion, which may allow an malicious user to remotely execute arbitrary code.
Deltaww Diascreen
10
CVSSv2
CVE-2022-26836
Delta Electronics DIAEnergie (All versions before 1.8.02.004) has a blind SQL injection vulnerability that exists in HandlerExport.ashx/Calendar. This allows an malicious user to inject arbitrary SQL queries, retrieve and modify database contents, and execute system commands.
Deltaww Diaenergie
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-26925
CVE-2023-41826
LFI
CVE-2022-22364
CVE-2024-2887
command injection
remote code execution
CVE-2024-34446
CVE-2022-48699
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »