Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
deltaww vulnerabilities and exploits
(subscribe to this query)
7.8
CVSSv3
CVE-2022-26839
Delta Electronics DIAEnergie (All versions before 1.8.02.004) is vulnerable to an incorrect default permission in the DIAEnergie application, which may allow an malicious user to plant new files (such as DLLs) or replace existing executable files.
Deltaww Diaenergie
9.8
CVSSv3
CVE-2022-26887
Delta Electronics DIAEnergie (All versions before 1.8.02.004) has a blind SQL injection vulnerability exists in DIAE_loopmapHandler.ashx. This allows an malicious user to inject arbitrary SQL queries, retrieve and modify database contents, and execute system commands.
Deltaww Diaenergie
8.8
CVSSv3
CVE-2022-40967
The affected product DIAEnergie (versions prior to v1.9.01.002) is vulnerable to a SQL injection that exists in CheckIoTHubNameExisted. A low-privileged authenticated attacker could exploit this issue to inject arbitrary SQL queries.
Deltaww Diaenergie
9.8
CVSSv3
CVE-2018-10594
Delta Industrial Automation COMMGR from Delta Electronics versions 1.08 and prior with accompanying PLC Simulators (DVPSimulator EH2, EH3, ES2, SE, SS2 and AHSIM_5x0, AHSIM_5x1) utilize a fixed-length stack buffer where an unverified length value can be read from the network pack...
Deltaww Commgr
2 EDB exploits
7.8
CVSSv3
CVE-2023-5068
Delta Electronics DIAScreen may write past the end of an allocated buffer while parsing a specially crafted input file. This could allow an malicious user to execute code in the context of the current process.
Deltaww Diascreen
7.8
CVSSv3
CVE-2020-16223
Delta Electronics TPEditor Versions 1.97 and prior. A heap-based buffer overflow may be exploited by processing a specially crafted project file. Successful exploitation of this vulnerability may allow an malicious user to read/modify information, execute arbitrary code, and/or c...
Deltaww Tpeditor
7.8
CVSSv3
CVE-2020-16225
Delta Electronics TPEditor Versions 1.97 and prior. A write-what-where condition may be exploited by processing a specially crafted project file. Successful exploitation of this vulnerability may allow an malicious user to read/modify information, execute arbitrary code, and/or c...
Deltaww Tpeditor
4.8
CVSSv3
CVE-2021-38403
Delta Electronics DIALink versions 1.2.4.0 and prior is vulnerable to cross-site scripting because an authenticated attacker can inject arbitrary JavaScript code into the parameter supplier of the API maintenance, which may allow an malicious user to remotely execute code.
Deltaww Dialink
4.8
CVSSv3
CVE-2021-38407
Delta Electronics DIALink versions 1.2.4.0 and prior is vulnerable to cross-site scripting because an authenticated attacker can inject arbitrary JavaScript code into the parameter name of the API devices, which may allow an malicious user to remotely execute code.
Deltaww Dialink
4.8
CVSSv3
CVE-2021-38411
Delta Electronics DIALink versions 1.2.4.0 and prior is vulnerable to cross-site scripting because an authenticated attacker can inject arbitrary JavaScript code into the parameter deviceName of the API modbusWriter-Reader, which may allow an malicious user to remotely execute co...
Deltaww Dialink
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-3581
reflected XSS
CVE-2024-26925
CVE-2024-27956
LFI
CVE-2024-3607
CVE-2024-3107
CVE-2024-3295
SQL
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »