Vulnerabilities > Deltaww > High

DATE CVE VULNERABILITY TITLE RISK
2024-07-09 CVE-2024-39880 Out-of-bounds Write vulnerability in Deltaww Cncsoft-G2 2.0.0.5
Delta Electronics CNCSoft-G2 lacks proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer.
network
low complexity
deltaww CWE-787
8.8
8.8
2024-07-09 CVE-2024-39881 Unspecified vulnerability in Deltaww Cncsoft-G2 2.0.0.5
Delta Electronics CNCSoft-G2 lacks proper validation of user-supplied data, which can result in a memory corruption condition.
network
low complexity
deltaww
8.8
8.8
2024-07-09 CVE-2024-39882 Unspecified vulnerability in Deltaww Cncsoft-G2 2.0.0.5
Delta Electronics CNCSoft-G2 lacks proper validation of user-supplied data, which can result in a read past the end of an allocated buffer.
network
low complexity
deltaww
8.8
8.8
2024-07-09 CVE-2024-39883 Out-of-bounds Write vulnerability in Deltaww Cncsoft-G2 2.0.0.5
Delta Electronics CNCSoft-G2 lacks proper validation of the length of user-supplied data prior to copying it to a fixed-length heap-based buffer.
network
low complexity
deltaww CWE-787
8.8
8.8
2024-05-03 CVE-2024-34031 Unspecified vulnerability in Deltaww Diaenergie 1.10.00.005
Delta Electronics DIAEnergie is vulnerable to an SQL injection vulnerability that exists in the script Handler_CFG.ashx.
network
low complexity
deltaww
8.8
8.8
2024-05-03 CVE-2024-34032 Unspecified vulnerability in Deltaww Diaenergie 1.10.00.005
Delta Electronics DIAEnergie is vulnerable to an SQL injection vulnerability that exists in the GetDIACloudList endpoint.
network
low complexity
deltaww
8.8
8.8
2024-05-03 CVE-2024-34033 Unspecified vulnerability in Deltaww Diaenergie 1.10.00.005
Delta Electronics DIAEnergie has insufficient input validation which makes it possible to perform a path traversal attack and write outside of the intended directory.
network
low complexity
deltaww
8.8
8.8
2024-03-21 CVE-2024-25937 Unspecified vulnerability in Deltaww Diaenergie
SQL injection vulnerability exists in the script DIAE_tagHandler.ashx.
network
low complexity
deltaww
8.8
8.8
2024-03-21 CVE-2024-28029 Unspecified vulnerability in Deltaww Diaenergie
Privileges are not fully verified server-side, which can be abused by a user with limited privileges to bypass authorization and access privileged functionality.
network
low complexity
deltaww
8.8
8.8
2024-01-18 CVE-2023-43815 Classic Buffer Overflow vulnerability in Deltaww Dopsoft 2.00.07
A buffer overflow vulnerability exists in Delta Electronics Delta Industrial Automation DOPSoft version 2 when parsing the wScreenDESCTextLen field of a DPS file.
local
low complexity
deltaww CWE-120
7.8
7.8