Vulnerabilities > Deltaww > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-10-31 | CVE-2022-41688 | Unspecified vulnerability in Deltaww Infrasuite Device Master 00.00.01A Delta Electronics InfraSuite Device Master versions 00.00.01a and prior lack proper authentication for functions that create and modify user groups. | 7.5 |
| 2022-10-31 | CVE-2022-41776 | Unspecified vulnerability in Deltaww Infrasuite Device Master 00.00.01A Delta Electronics InfraSuite Device Master versions 00.00.01a and prior allow unauthenticated users to trigger the WriteConfiguration method, which could allow an attacker to provide new values for user configuration files such as UserListInfo.xml. | 7.5 |
| 2022-10-27 | CVE-2022-40967 | SQL Injection vulnerability in Deltaww Diaenergie The affected product DIAEnergie (versions prior to v1.9.01.002) is vulnerable to a SQL injection that exists in CheckIoTHubNameExisted. | 8.8 |
| 2022-10-27 | CVE-2022-41133 | SQL Injection vulnerability in Deltaww Diaenergie The affected product DIAEnergie (versions prior to v1.9.01.002) is vulnerable to a SQL injection that exists in GetDIAE_line_message_settingsListParameters. | 8.8 |
| 2022-10-27 | CVE-2022-41773 | SQL Injection vulnerability in Deltaww Diaenergie The affected product DIAEnergie (versions prior to v1.9.01.002) is vulnerable to a SQL injection that exists in CheckDIACloud. | 8.8 |
| 2022-08-31 | CVE-2022-1404 | Unspecified vulnerability in Deltaww Cncsoft 1.00.83/1.01.30 Delta Electronics CNCSoft (All versions prior to 1.01.32) does not properly sanitize input while processing a specific project file, allowing a possible out-of-bounds read condition. | 7.1 |
| 2022-08-31 | CVE-2022-1405 | Unspecified vulnerability in Deltaww Cncsoft 1.00.83/1.01.30 CNCSoft: All versions prior to 1.01.32 does not properly sanitize input while processing a specific project file, allowing a possible stack-based buffer overflow condition. | 7.8 |
| 2022-08-31 | CVE-2022-2759 | Unspecified vulnerability in Deltaww Delta Robot Automation Studio Delta Electronics Delta Robot Automation Studio (DRAS) versions prior to 1.13.20 are affected by improper restrictions where the software processes an XML document that can contain XML entities with URIs that resolve to documents outside of the intended sphere of control, causing the product to embed incorrect documents into its output. | 8.6 |
| 2022-05-24 | CVE-2021-32965 | Unspecified vulnerability in Deltaww Diascreen Delta Electronics DIAScreen versions prior to 1.1.0 are vulnerable to type confusion, which may allow an attacker to remotely execute arbitrary code. | 7.8 |
| 2022-05-24 | CVE-2021-32969 | Out-of-bounds Write vulnerability in Deltaww Diascreen Delta Electronics DIAScreen versions prior to 1.1.0 are vulnerable to an out-of-bounds write condition, which may result in a system crash or allow an attacker to remotely execute arbitrary code. | 7.8 |