Vulnerabilities > Deltaww

DATE CVE VULNERABILITY TITLE RISK
2023-02-17 CVE-2023-0822 Files or Directories Accessible to External Parties vulnerability in Deltaww Diaenergie
The affected product DIAEnergie (versions prior to v1.9.03.001) contains improper authorization, which could allow an unauthorized user to bypass authorization and access privileged functionality.
network
low complexity
deltaww CWE-552
8.8
2023-02-08 CVE-2023-0249 Out-of-bounds Write vulnerability in Deltaww Diascreen
Delta Electronics DIAScreen versions 1.2.1.23 and prior are vulnerable to out-of-bounds write, which may allow an attacker to remotely execute arbitrary code.
local
low complexity
deltaww CWE-787
7.8
2023-02-08 CVE-2023-0250 Stack-based Buffer Overflow vulnerability in Deltaww Diascreen
Delta Electronics DIAScreen versions 1.2.1.23 and prior are vulnerable to a stack-based buffer overflow, which could allow an attacker to remotely execute arbitrary code.
local
low complexity
deltaww CWE-121
7.8
2023-02-08 CVE-2023-0251 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Deltaww Diascreen
Delta Electronics DIAScreen versions 1.2.1.23 and prior are vulnerable to a buffer overflow through improper restrictions of operations within memory, which could allow an attacker to remotely execute arbitrary code.
local
low complexity
deltaww CWE-119
7.8
2023-02-03 CVE-2022-4634 Out-of-bounds Write vulnerability in Deltaww Cncsoft and Screeneditor
All versions prior to Delta Electronic’s CNCSoft version 1.01.34 (running ScreenEditor versions 1.01.5 and prior) are vulnerable to a stack-based buffer overflow, which could allow an attacker to remotely execute arbitrary code.
local
low complexity
deltaww CWE-787
7.8
2023-02-03 CVE-2023-0123 Out-of-bounds Write vulnerability in Deltaww Dopsoft
Delta Electronics DOPSoft versions 4.00.16.22 and prior are vulnerable to a stack-based buffer overflow, which could allow an attacker to remotely execute arbitrary code when a malformed file is introduced to the software.
local
low complexity
deltaww CWE-787
7.8
2023-02-03 CVE-2023-0124 Out-of-bounds Write vulnerability in Deltaww Dopsoft
Delta Electronics DOPSoft versions 4.00.16.22 and prior are vulnerable to an out-of-bounds write, which could allow an attacker to remotely execute arbitrary code when a malformed file is introduced to the software.
local
low complexity
deltaww CWE-787
7.8
2023-01-26 CVE-2023-0444 Unspecified vulnerability in Deltaww Infrasuite Device Master 00.00.02A
A privilege escalation vulnerability exists in Delta Electronics InfraSuite Device Master 00.00.02a.
network
low complexity
deltaww
8.8
2023-01-13 CVE-2022-41778 Deserialization of Untrusted Data vulnerability in Deltaww Infrasuite Device Master 00.00.01A
Delta Electronics InfraSuite Device Master versions 00.00.01a and prior deserialize user-supplied data provided through the Device-DataCollect service port without proper verification.
network
low complexity
deltaww CWE-502
8.8
2023-01-13 CVE-2022-4616 Command Injection vulnerability in Deltaww Dx-3021L9 Firmware
The webserver in Delta DX-3021 versions prior to 1.24 is vulnerable to command injection through the network diagnosis page.
network
low complexity
deltaww CWE-77
critical
9.1