Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
deltaww vulnerabilities and exploits
(subscribe to this query)
10
CVSSv2
CVE-2022-26349
Delta Electronics DIAEnergie (All versions before 1.8.02.004) has a blind SQL injection vulnerability that exists in DIAE_eccoefficientHandler.ashx. This allows an malicious user to inject arbitrary SQL queries, retrieve and modify database contents, and execute system commands.
Deltaww Diaenergie
9.3
CVSSv2
CVE-2020-27275
Delta Electronics DOPSoft Version 4.0.8.21 and prior is vulnerable to an out-of-bounds write while processing project files, which may allow an malicious user to execute arbitrary code.
Deltaww Dopsoft
6.8
CVSSv2
CVE-2020-27288
An untrusted pointer dereference has been identified in the way TPEditor(v1.98 and prior) processes project files, allowing an malicious user to craft a special project file that may permit arbitrary code execution.
Deltaww Tpeditor
6.8
CVSSv2
CVE-2021-32965
Delta Electronics DIAScreen versions before 1.1.0 are vulnerable to type confusion, which may allow an malicious user to remotely execute arbitrary code.
Deltaww Diascreen
NA
CVE-2022-41651
The affected product DIAEnergie (versions prior to v1.9.01.002) is vulnerable to a stored cross-site scripting vulnerability through the SetPF API.
Deltaww Diaenergie
NA
CVE-2022-41701
The affected product DIAEnergie (versions prior to v1.9.01.002) is vulnerable to a stored cross-site scripting vulnerability through the PutShift API.
Deltaww Diaenergie
NA
CVE-2022-41702
The affected product DIAEnergie (versions prior to v1.9.01.002) is vulnerable to a stored cross-site scripting vulnerability through the InsertReg API.
Deltaww Diaenergie
NA
CVE-2022-1404
Delta Electronics CNCSoft (All versions before 1.01.32) does not properly sanitize input while processing a specific project file, allowing a possible out-of-bounds read condition.
Deltaww Cncsoft
NA
CVE-2022-40965
The affected product DIAEnergie (versions prior to v1.9.01.002) is vulnerable to a stored cross-site scripting vulnerability through the PostEnergyType API.
Deltaww Diaenergie
NA
CVE-2022-40967
The affected product DIAEnergie (versions prior to v1.9.01.002) is vulnerable to a SQL injection that exists in CheckIoTHubNameExisted. A low-privileged authenticated attacker could exploit this issue to inject arbitrary SQL queries.
Deltaww Diaenergie
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-7028
memory leak
log injection
CVE-2024-3400
CVE-2022-48695
CVE-2022-48675
CVE-2024-34487
CVE-2024-33792
spoof
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »