Vulnerabilities > Deltaww
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-08-29 | CVE-2024-8255 | Deserialization of Untrusted Data vulnerability in Deltaww DTN Soft Delta Electronics DTN Soft version 2.0.1 and prior are vulnerable to an attacker achieving remote code execution through a deserialization of untrusted data vulnerability. | 9.8 |
| 2024-08-06 | CVE-2024-7502 | Out-of-bounds Write vulnerability in Deltaww Diascreen 1.2.1.23/1.3.2 A crafted DPA file could force Delta Electronics DIAScreen to overflow a stack-based buffer, which could allow an attacker to execute arbitrary code. | 7.8 |
| 2024-07-09 | CVE-2024-39880 | Out-of-bounds Write vulnerability in Deltaww Cncsoft-G2 2.0.0.5 Delta Electronics CNCSoft-G2 lacks proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. | 8.8 |
| 2024-07-09 | CVE-2024-39881 | Unspecified vulnerability in Deltaww Cncsoft-G2 2.0.0.5 Delta Electronics CNCSoft-G2 lacks proper validation of user-supplied data, which can result in a memory corruption condition. | 8.8 |
| 2024-07-09 | CVE-2024-39882 | Unspecified vulnerability in Deltaww Cncsoft-G2 2.0.0.5 Delta Electronics CNCSoft-G2 lacks proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. | 8.8 |
| 2024-07-09 | CVE-2024-39883 | Out-of-bounds Write vulnerability in Deltaww Cncsoft-G2 2.0.0.5 Delta Electronics CNCSoft-G2 lacks proper validation of the length of user-supplied data prior to copying it to a fixed-length heap-based buffer. | 8.8 |
| 2024-05-03 | CVE-2024-34031 | Unspecified vulnerability in Deltaww Diaenergie 1.10.00.005 Delta Electronics DIAEnergie is vulnerable to an SQL injection vulnerability that exists in the script Handler_CFG.ashx. | 8.8 |
| 2024-05-03 | CVE-2024-34032 | Unspecified vulnerability in Deltaww Diaenergie 1.10.00.005 Delta Electronics DIAEnergie is vulnerable to an SQL injection vulnerability that exists in the GetDIACloudList endpoint. | 8.8 |
| 2024-05-03 | CVE-2024-34033 | Unspecified vulnerability in Deltaww Diaenergie 1.10.00.005 Delta Electronics DIAEnergie has insufficient input validation which makes it possible to perform a path traversal attack and write outside of the intended directory. | 8.8 |
| 2024-03-21 | CVE-2024-25937 | Unspecified vulnerability in Deltaww Diaenergie SQL injection vulnerability exists in the script DIAE_tagHandler.ashx. | 8.8 |