Vulnerabilities > Deltaww

DATE CVE VULNERABILITY TITLE RISK
2022-05-24 CVE-2021-32965 Type Confusion vulnerability in Deltaww Diascreen
Delta Electronics DIAScreen versions prior to 1.1.0 are vulnerable to type confusion, which may allow an attacker to remotely execute arbitrary code.
local
low complexity
deltaww CWE-843
7.8
7.8
2022-05-24 CVE-2021-32969 Out-of-bounds Write vulnerability in Deltaww Diascreen
Delta Electronics DIAScreen versions prior to 1.1.0 are vulnerable to an out-of-bounds write condition, which may result in a system crash or allow an attacker to remotely execute arbitrary code.
local
low complexity
deltaww CWE-787
7.8
7.8
2022-05-03 CVE-2022-1331 XXE vulnerability in Deltaww Dmars
In four instances DMARS (All versions prior to v2.1.10.24) does not properly restrict references of XML external entities while processing specific project files, which may allow unauthorized information disclosure.
local
low complexity
deltaww CWE-611
5.5
5.5
2022-05-02 CVE-2022-1367 SQL Injection vulnerability in Deltaww Diaenergie 1.08.00/1.7.5/1.8.0
Delta Electronics DIAEnergie (All versions prior to 1.8.02.004) has a blind SQL injection vulnerability exists in Handler_TCV.ashx.
network
low complexity
deltaww CWE-89
critical
 9.8
9.8
2022-05-02 CVE-2022-1369 SQL Injection vulnerability in Deltaww Diaenergie 1.08.00/1.7.5/1.8.0
Delta Electronics DIAEnergie (All versions prior to 1.8.02.004) has a blind SQL injection vulnerability exists in ReadRegIND.
network
low complexity
deltaww CWE-89
critical
 9.8
9.8
2022-05-02 CVE-2022-1370 SQL Injection vulnerability in Deltaww Diaenergie 1.08.00/1.7.5/1.8.0
Delta Electronics DIAEnergie (All versions prior to 1.8.02.004) has a blind SQL injection vulnerability exists in ReadREGbyID.
network
low complexity
deltaww CWE-89
critical
 9.8
9.8
2022-05-02 CVE-2022-1371 SQL Injection vulnerability in Deltaww Diaenergie 1.08.00/1.7.5/1.8.0
Delta Electronics DIAEnergie (All versions prior to 1.8.02.004) has a blind SQL injection vulnerability exists in ReadRegf.
network
low complexity
deltaww CWE-89
critical
 9.8
9.8
2022-05-02 CVE-2022-1372 SQL Injection vulnerability in Deltaww Diaenergie 1.08.00/1.7.5/1.8.0
Delta Electronics DIAEnergie (All versions prior to 1.8.02.004) has a blind SQL injection vulnerability exists in dlSlog.aspx.
network
low complexity
deltaww CWE-89
critical
 9.8
9.8
2022-05-02 CVE-2022-1374 SQL Injection vulnerability in Deltaww Diaenergie 1.08.00/1.7.5/1.8.0
Delta Electronics DIAEnergie (All versions prior to 1.8.02.004) has a blind SQL injection vulnerability exists in DIAE_unHandler.ashx.
network
low complexity
deltaww CWE-89
critical
 9.8
9.8
2022-05-02 CVE-2022-1375 SQL Injection vulnerability in Deltaww Diaenergie 1.08.00/1.7.5/1.8.0
Delta Electronics DIAEnergie (All versions prior to 1.8.02.004) has a blind SQL injection vulnerability exists in DIAE_slogHandler.ashx.
network
low complexity
deltaww CWE-89
critical
 9.8
9.8