Filtered by vendor Deltaww
Subscribe
Total
238 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2025-22882 | 1 Deltaww | 1 Ispsoft | 2025-05-16 | N/A | 7.8 HIGH |
| Delta Electronics ISPSoft version 3.20 is vulnerable to a Stack-Based buffer overflow vulnerability that could allow an attacker to leverage debugging logic to execute arbitrary code when parsing CBDGL file. | |||||
| CVE-2025-22883 | 1 Deltaww | 1 Ispsoft | 2025-05-16 | N/A | 7.8 HIGH |
| Delta Electronics ISPSoft version 3.20 is vulnerable to an Out-Of-Bounds Write vulnerability that could allow an attacker to execute arbitrary code when parsing DVP file. | |||||
| CVE-2025-22884 | 1 Deltaww | 1 Ispsoft | 2025-05-16 | N/A | 7.8 HIGH |
| Delta Electronics ISPSoft version 3.20 is vulnerable to a Stack-Based buffer overflow vulnerability that could allow an attacker to execute arbitrary code when parsing DVP file. | |||||
| CVE-2025-4124 | 1 Deltaww | 1 Ispsoft | 2025-05-16 | N/A | 7.8 HIGH |
| Delta Electronics ISPSoft version 3.20 is vulnerable to an Out-Of-Bounds Write vulnerability that could allow an attacker to execute arbitrary code when parsing ISP file. | |||||
| CVE-2025-4125 | 1 Deltaww | 1 Ispsoft | 2025-05-16 | N/A | 7.8 HIGH |
| Delta Electronics ISPSoft version 3.20 is vulnerable to an Out-Of-Bounds Write vulnerability that could allow an attacker to execute arbitrary code when parsing ISP file. | |||||
| CVE-2022-43775 | 1 Deltaww | 1 Diaenergie | 2025-05-07 | N/A | 9.8 CRITICAL |
| The HICT_Loop class in Delta Electronics DIAEnergy v1.9 contains a SQL Injection flaw that could allow an attacker to gain code execution on a remote system. | |||||
| CVE-2022-43774 | 1 Deltaww | 1 Diaenergie | 2025-05-07 | N/A | 9.8 CRITICAL |
| The HandlerPageP_KID class in Delta Electronics DIAEnergy v1.9 contains a SQL Injection flaw that could allow an attacker to gain code execution on a remote system. | |||||
| CVE-2022-42141 | 1 Deltaww | 2 Dx-2100-l1-cn, Dx-2100-l1-cn Firmware | 2025-04-22 | N/A | 5.4 MEDIUM |
| Delta Electronics DX-2100-L1-CN 2.42 is vulnerable to Cross Site Scripting (XSS) via lform/urlfilter. | |||||
| CVE-2022-42140 | 1 Deltaww | 2 Dx-2100-l1-cn, Dx-2100-l1-cn Firmware | 2025-04-22 | N/A | 7.2 HIGH |
| Delta Electronics DX-2100-L1-CN 2.42 is vulnerable to Command Injection via lform/net_diagnose. | |||||
| CVE-2022-42139 | 1 Deltaww | 2 Dvw-w02w2-e2, Dvw-w02w2-e2 Firmware | 2025-04-22 | N/A | 8.8 HIGH |
| Delta Electronics DVW-W02W2-E2 1.5.0.10 is vulnerable to Command Injection via Crafted URL. | |||||
| CVE-2023-47279 | 1 Deltaww | 1 Infrasuite Device Master | 2025-04-15 | N/A | 7.5 HIGH |
| In Delta Electronics InfraSuite Device Master v.1.0.7, A vulnerability exists that allows an unauthenticated attacker to disclose user information through a single UDP packet, obtain plaintext credentials, or perform NTLM relaying. | |||||
| CVE-2023-0444 | 1 Deltaww | 1 Infrasuite Device Master | 2025-04-03 | N/A | 8.8 HIGH |
| A privilege escalation vulnerability exists in Delta Electronics InfraSuite Device Master 00.00.02a. A default user 'User', which is in the 'Read Only User' group, can view the password of another default user 'Administrator', which is in the 'Administrator' group. This allows any lower privileged user to log in as an administrator. | |||||
| CVE-2024-25574 | 1 Deltaww | 1 Diaenergie | 2025-02-27 | N/A | 8.8 HIGH |
| SQL injection vulnerability exists in GetDIAE_usListParameters. | |||||
| CVE-2021-38406 | 1 Deltaww | 1 Dopsoft | 2025-02-12 | 6.8 MEDIUM | 7.8 HIGH |
| Delta Electronic DOPSoft 2 (Version 2.00.07 and prior) lacks proper validation of user-supplied data when parsing specific project files. This could result in multiple out-of-bounds write instances. An attacker could leverage this vulnerability to execute code in the context of the current process. | |||||
| CVE-2024-39354 | 1 Deltaww | 1 Diascreen | 2025-01-30 | N/A | 7.8 HIGH |
| If an attacker tricks a valid user into running Delta Electronics DIAScreen with a file containing malicious code, a stack-based buffer overflow in CEtherIPTagItem can be exploited, allowing the attacker to remotely execute arbitrary code. | |||||
| CVE-2024-47131 | 1 Deltaww | 1 Diascreen | 2025-01-30 | N/A | 7.8 HIGH |
| If an attacker tricks a valid user into running Delta Electronics DIAScreen with a file containing malicious code, a stack-based buffer overflow in BACnetObjectInfo can be exploited, allowing the attacker to remotely execute arbitrary code. | |||||
| CVE-2024-39605 | 1 Deltaww | 1 Diascreen | 2025-01-30 | N/A | 7.8 HIGH |
| If an attacker tricks a valid user into running Delta Electronics DIAScreen with a file containing malicious code, a stack-based buffer overflow in BACnetParameter can be exploited, allowing the attacker to remotely execute arbitrary code. | |||||
| CVE-2024-34033 | 1 Deltaww | 1 Diaenergie | 2025-01-30 | N/A | 8.8 HIGH |
| Delta Electronics DIAEnergie has insufficient input validation which makes it possible to perform a path traversal attack and write outside of the intended directory. If a file name is specified that already exists on the file system, then the original file will be overwritten. | |||||
| CVE-2024-34032 | 1 Deltaww | 1 Diaenergie | 2025-01-30 | N/A | 8.8 HIGH |
| Delta Electronics DIAEnergie is vulnerable to an SQL injection vulnerability that exists in the GetDIACloudList endpoint. An authenticated attacker can exploit this issue to potentially compromise the system on which DIAEnergie is deployed. | |||||
| CVE-2024-34031 | 1 Deltaww | 1 Diaenergie | 2025-01-30 | N/A | 8.8 HIGH |
| Delta Electronics DIAEnergie is vulnerable to an SQL injection vulnerability that exists in the script Handler_CFG.ashx. An authenticated attacker can exploit this issue to potentially compromise the system on which DIAEnergie is deployed. | |||||