Vulnerabilities > Deltaww > Critical
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2025-04-30 | CVE-2025-4124 | Out-of-bounds Write vulnerability in Deltaww Ispsoft Delta Electronics ISPSoft version 3.20 is vulnerable to an Out-Of-Bounds Write vulnerability that could allow an attacker to execute arbitrary code when parsing ISP file. | 9.8 |
| 2025-04-30 | CVE-2025-4125 | Out-of-bounds Write vulnerability in Deltaww Ispsoft Delta Electronics ISPSoft version 3.20 is vulnerable to an Out-Of-Bounds Write vulnerability that could allow an attacker to execute arbitrary code when parsing ISP file. | 9.8 |
| 2025-04-30 | CVE-2025-22882 | Out-of-bounds Write vulnerability in Deltaww Ispsoft Delta Electronics ISPSoft version 3.20 is vulnerable to a Stack-Based buffer overflow vulnerability that could allow an attacker to leverage debugging logic to execute arbitrary code when parsing CBDGL file. | 9.8 |
| 2025-04-30 | CVE-2025-22883 | Out-of-bounds Write vulnerability in Deltaww Ispsoft Delta Electronics ISPSoft version 3.20 is vulnerable to an Out-Of-Bounds Write vulnerability that could allow an attacker to execute arbitrary code when parsing DVP file. | 9.8 |
| 2025-04-30 | CVE-2025-22884 | Out-of-bounds Write vulnerability in Deltaww Ispsoft Delta Electronics ISPSoft version 3.20 is vulnerable to a Stack-Based buffer overflow vulnerability that could allow an attacker to execute arbitrary code when parsing DVP file. | 9.8 |
| 2024-10-03 | CVE-2024-43699 | SQL Injection vulnerability in Deltaww Diaenergie Delta Electronics DIAEnergie is vulnerable to an SQL injection in the script AM_RegReport.aspx. | 9.8 |
| 2024-08-29 | CVE-2024-8255 | Deserialization of Untrusted Data vulnerability in Deltaww DTN Soft Delta Electronics DTN Soft version 2.0.1 and prior are vulnerable to an attacker achieving remote code execution through a deserialization of untrusted data vulnerability. | 9.8 |
| 2024-04-01 | CVE-2024-25574 | Unspecified vulnerability in Deltaww Diaenergie SQL injection vulnerability exists in GetDIAE_usListParameters. | 9.8 |
| 2023-11-30 | CVE-2023-39226 | Unspecified vulnerability in Deltaww Infrasuite Device Master 1.0.7 In Delta Electronics InfraSuite Device Master v.1.0.7, a vulnerability exists that allows an unauthenticated attacker to execute arbitrary code through a single UDP packet. | 9.8 |
| 2023-11-30 | CVE-2023-47207 | Deserialization of Untrusted Data vulnerability in Deltaww Infrasuite Device Master 1.0.7 In Delta Electronics InfraSuite Device Master v.1.0.7, a vulnerability exists that allows an unauthenticated attacker to execute code with local administrator privileges. | 9.8 |