Vulnerabilities > Deltaww > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-08-31 | CVE-2022-2759 | Unspecified vulnerability in Deltaww Delta Robot Automation Studio Delta Electronics Delta Robot Automation Studio (DRAS) versions prior to 1.13.20 are affected by improper restrictions where the software processes an XML document that can contain XML entities with URIs that resolve to documents outside of the intended sphere of control, causing the product to embed incorrect documents into its output. | 8.6 |
| 2022-05-24 | CVE-2021-32965 | Unspecified vulnerability in Deltaww Diascreen Delta Electronics DIAScreen versions prior to 1.1.0 are vulnerable to type confusion, which may allow an attacker to remotely execute arbitrary code. | 7.8 |
| 2022-05-24 | CVE-2021-32969 | Out-of-bounds Write vulnerability in Deltaww Diascreen Delta Electronics DIAScreen versions prior to 1.1.0 are vulnerable to an out-of-bounds write condition, which may result in a system crash or allow an attacker to remotely execute arbitrary code. | 7.8 |
| 2022-04-29 | CVE-2022-1402 | Unspecified vulnerability in Deltaww Asda Soft 5.4.1.0 ASDA-Soft: Version 5.4.1.0 and prior does not properly sanitize input while processing a specific project file, allowing a possible out-of-bounds read condition. | 7.1 |
| 2022-04-29 | CVE-2022-1403 | Out-of-bounds Write vulnerability in Deltaww Asda Soft 5.4.1.0 ASDA-Soft: Version 5.4.1.0 and prior does not properly sanitize input while processing a specific project file, allowing a possible out-of-bounds write condition. | 7.8 |
| 2022-04-01 | CVE-2022-1098 | Uncontrolled Search Path Element vulnerability in Deltaww Diaenergie 1.08.00/1.7.5/1.8.0 Delta Electronics DIAEnergie (all versions prior to 1.8.02.004) are vulnerable to a DLL hijacking condition. | 7.8 |
| 2022-03-29 | CVE-2022-25347 | Path Traversal vulnerability in Deltaww Diaenergie 1.08.00/1.7.5/1.8.0 Delta Electronics DIAEnergie (All versions prior to 1.8.02.004) is vulnerable to path traversal attacks, which may allow an attacker to write arbitrary files to locations on the file system. | 7.5 |
| 2022-03-29 | CVE-2022-26839 | Incorrect Default Permissions vulnerability in Deltaww Diaenergie 1.08.00/1.7.5/1.8.0 Delta Electronics DIAEnergie (All versions prior to 1.8.02.004) is vulnerable to an incorrect default permission in the DIAEnergie application, which may allow an attacker to plant new files (such as DLLs) or replace existing executable files. | 7.8 |
| 2022-03-25 | CVE-2022-0988 | Cleartext Transmission of Sensitive Information vulnerability in Deltaww Diaenergie 1.7.5 Delta Electronics DIAEnergie (Version 1.7.5 and prior) is vulnerable to cleartext transmission as the web application runs by default on HTTP. | 7.5 |
| 2021-12-09 | CVE-2021-43982 | Unspecified vulnerability in Deltaww Cncsoft 1.00.83/1.01.30 Delta Electronics CNCSoft Versions 1.01.30 and prior are vulnerable to a stack-based buffer overflow, which may allow an attacker to execute arbitrary code. | 7.8 |