Vulnerabilities > Deltaww
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-11-30 | CVE-2023-47207 | Deserialization of Untrusted Data vulnerability in Deltaww Infrasuite Device Master 1.0.7 In Delta Electronics InfraSuite Device Master v.1.0.7, a vulnerability exists that allows an unauthenticated attacker to execute code with local administrator privileges. | 9.8 |
| 2023-10-09 | CVE-2023-5461 | Cleartext Transmission of Sensitive Information vulnerability in Deltaww Wplsoft 2.51 A vulnerability was found in Delta Electronics WPLSoft 2.51. | 5.9 |
| 2023-10-09 | CVE-2023-5459 | Improper Resource Shutdown or Release vulnerability in Deltaww products A vulnerability has been found in Delta Electronics DVP32ES2 PLC 1.48 and classified as critical. | 7.5 |
| 2023-10-09 | CVE-2023-5460 | Heap-based Buffer Overflow vulnerability in Deltaww Wplsoft A vulnerability was found in Delta Electronics WPLSoft up to 2.51 and classified as problematic. | 5.7 |
| 2023-09-21 | CVE-2023-5068 | Out-of-bounds Write vulnerability in Deltaww Diascreen 1.2.1.23 Delta Electronics DIAScreen may write past the end of an allocated buffer while parsing a specially crafted input file. | 7.8 |
| 2023-09-07 | CVE-2023-4685 | Stack-based Buffer Overflow vulnerability in Deltaww Cncsoft-B and Dopsoft Delta Electronics' CNCSoft-B version 1.0.0.4 and DOPSoft versions 4.0.0.82 and prior are vulnerable to stack-based buffer overflow, which could allow an attacker to execute arbitrary code. | 7.8 |
| 2023-07-10 | CVE-2023-30765 | Improper Access Control vulnerability in Deltaww Infrasuite Device Master 00.00.01A/00.00.02A/1.0.5 ?Delta Electronics InfraSuite Device Master versions prior to 1.0.7 contain improper access controls that could allow an attacker to alter privilege management configurations, resulting in privilege escalation. | 9.8 |
| 2023-07-10 | CVE-2023-34316 | Improper Access Control vulnerability in Deltaww Infrasuite Device Master 00.00.01A/00.00.02A/1.0.5 ?An attacker could bypass the latest Delta Electronics InfraSuite Device Master (versions prior to 1.0.7) patch, which could allow an attacker to retrieve file contents. | 7.5 |
| 2023-07-10 | CVE-2023-34347 | Deserialization of Untrusted Data vulnerability in Deltaww Infrasuite Device Master 00.00.01A/00.00.02A/1.0.5 ?Delta Electronics InfraSuite Device Master versions prior to 1.0.7 contains classes that cannot be deserialized, which could allow an attack to remotely execute arbitrary code. | 9.8 |
| 2023-06-07 | CVE-2023-24014 | Out-of-bounds Write vulnerability in Deltaww Cncsoft-B 1.0.0.2/1.0.0.4 Delta Electronics' CNCSoft-B DOPSoft versions 1.0.0.4 and prior are vulnerable to heap-based buffer overflow, which could allow an attacker to execute arbitrary code. | 7.8 |