Vulnerabilities > Deltaww > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-05-24 | CVE-2021-32969 | Out-of-bounds Write vulnerability in Deltaww Diascreen Delta Electronics DIAScreen versions prior to 1.1.0 are vulnerable to an out-of-bounds write condition, which may result in a system crash or allow an attacker to remotely execute arbitrary code. | 6.8 |
| 2022-05-03 | CVE-2022-1331 | XXE vulnerability in Deltaww Dmars In four instances DMARS (All versions prior to v2.1.10.24) does not properly restrict references of XML external entities while processing specific project files, which may allow unauthorized information disclosure. | 4.3 |
| 2022-04-29 | CVE-2022-1402 | Out-of-bounds Read vulnerability in Deltaww Asda Soft ASDA-Soft: Version 5.4.1.0 and prior does not properly sanitize input while processing a specific project file, allowing a possible out-of-bounds read condition. | 5.8 |
| 2022-04-29 | CVE-2022-1403 | Out-of-bounds Write vulnerability in Deltaww Asda Soft ASDA-Soft: Version 5.4.1.0 and prior does not properly sanitize input while processing a specific project file, allowing a possible out-of-bounds write condition. | 6.8 |
| 2022-04-01 | CVE-2022-1098 | Uncontrolled Search Path Element vulnerability in Deltaww Diaenergie 1.7.5 Delta Electronics DIAEnergie (all versions prior to 1.8.02.004) are vulnerable to a DLL hijacking condition. | 4.4 |
| 2022-03-29 | CVE-2022-25347 | Path Traversal vulnerability in Deltaww Diaenergie 1.7.5 Delta Electronics DIAEnergie (All versions prior to 1.8.02.004) is vulnerable to path traversal attacks, which may allow an attacker to write arbitrary files to locations on the file system. | 5.0 |
| 2022-03-29 | CVE-2022-26839 | Incorrect Default Permissions vulnerability in Deltaww Diaenergie 1.7.5 Delta Electronics DIAEnergie (All versions prior to 1.8.02.004) is vulnerable to an incorrect default permission in the DIAEnergie application, which may allow an attacker to plant new files (such as DLLs) or replace existing executable files. | 4.6 |
| 2022-03-25 | CVE-2021-44768 | Out-of-bounds Read vulnerability in Deltaww Cncsoft Screeneditor Delta Electronics CNCSoft (Version 1.01.30) and prior) is vulnerable to an out-of-bounds read while processing a specific project file, which may allow an attacker to disclose information. | 4.3 |
| 2022-03-25 | CVE-2022-0988 | Cleartext Transmission of Sensitive Information vulnerability in Deltaww Diaenergie 1.7.5 Delta Electronics DIAEnergie (Version 1.7.5 and prior) is vulnerable to cleartext transmission as the web application runs by default on HTTP. | 5.0 |
| 2021-12-22 | CVE-2021-23228 | Cross-site Scripting vulnerability in Deltaww Diaenergie 1.7.5 DIAEnergie Version 1.7.5 and prior is vulnerable to a reflected cross-site scripting attack through error pages that are returned by “.NET Request.QueryString”. | 4.3 |