| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| Delta Electronics CNCSoft-G2 lacks proper validation of the user-supplied file. If a user opens a malicious file, an attacker can leverage this vulnerability to execute code in the context of the current process. |
| Delta Electronics CNCSoft-G2 lacks proper validation of the user-supplied file. If a user opens a malicious file, an attacker can leverage this vulnerability to execute code in the context of the current process. |
| Delta Electronics CNCSoft-G2 lacks proper validation of the user-supplied file. If a user opens a malicious file, an attacker can leverage this vulnerability to execute code in the context of the current process. |
| Delta Electronics COMMGR2 has
Stack-based Buffer Overflow vulnerability. |
| Delta Electronics COMMGR2 has
Buffer Over-read DoS vulnerability. |
| Delta Industrial Automation's DIAEnergy, an industrial energy management system, is vulnerable to CWE-798, Use of Hard-coded Credentials. Versions prior to
1.9.03.009
have this vulnerability. Executable files could be uploaded to certain directories using hard-coded bearer authorization, allowing remote code execution. |
| ASDA-Soft Stack-based Buffer Overflow Vulnerability |
| Delta Electronics DIAView has Command Injection vulnerability. |
| Delta Electronics DIAView has multiple vulnerabilities. |
| Delta Electronics DIAView has multiple vulnerabilities. |
| DVP-12SE - Modbus/TCP Cleartext Transmission of Sensitive Information |
| Delta Electronics DVP15MC11T lacks proper validation of the modbus/tcp packets and can lead to denial of service. |
| DVP-12SE11T - Password Protection Bypass |
| DVP-12SE11T - Authentication Bypass via Partial Password Disclosure |
| DVP-12SE11T - Denial of Service Vulnerability |
| DVP-12SE11T - Out-of-bound memory write Vulnerability |
|
SQL injection vulnerability exists in GetDIAE_unListParameters.
|
|
SQL injection vulnerability exists in the script Handler_CFG.ashx.
|
|
SQL injection vulnerability exists in GetDIAE_slogListParameters.
|
|
Path traversal attack is possible and write outside of the intended directory and may access sensitive information. If a file name is specified that already exists on the file system, then the original file will be overwritten.
|
