Filtered by vendor Deltaww
Subscriptions
Total
218 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2022-2969 | 1 Deltaww | 1 Dialink | 2024-08-03 | 8.1 High |
| Delta Industrial Automation DIALink versions prior to v1.5.0.0 Beta 4 uses an external input to construct a pathname intended to identify a file or directory located underneath a restricted parent directory. However, the software does not properly neutralize special elements within the pathname, which can cause the pathname to resolve to a location outside of the restricted directory. | ||||
| CVE-2022-2966 | 1 Deltaww | 1 Dopsoft | 2024-08-03 | 3.3 Low |
| Out-of-bounds Read vulnerability in Delta Electronics DOPSoft.This issue affects DOPSoft: All Versions. | ||||
| CVE-2022-2660 | 1 Deltaww | 1 Dialink | 2024-08-03 | 9.8 Critical |
| Delta Industrial Automation DIALink versions 1.4.0.0 and prior are vulnerable to the use of a hard-coded cryptographic key which could allow an attacker to decrypt sensitive data and compromise the machine. | ||||
| CVE-2022-1377 | 1 Deltaww | 1 Diaenergie | 2024-08-03 | 9.8 Critical |
| Delta Electronics DIAEnergie (All versions prior to 1.8.02.004) has a blind SQL injection vulnerability exists in DIAE_rltHandler.ashx. This allows an attacker to inject arbitrary SQL queries, retrieve and modify database contents, and execute system commands. | ||||
| CVE-2022-1374 | 1 Deltaww | 1 Diaenergie | 2024-08-03 | 9.8 Critical |
| Delta Electronics DIAEnergie (All versions prior to 1.8.02.004) has a blind SQL injection vulnerability exists in DIAE_unHandler.ashx. This allows an attacker to inject arbitrary SQL queries, retrieve and modify database contents, and execute system commands. | ||||
| CVE-2022-1375 | 1 Deltaww | 1 Diaenergie | 2024-08-03 | 9.8 Critical |
| Delta Electronics DIAEnergie (All versions prior to 1.8.02.004) has a blind SQL injection vulnerability exists in DIAE_slogHandler.ashx. This allows an attacker to inject arbitrary SQL queries, retrieve and modify database contents, and execute system commands. | ||||
| CVE-2022-1376 | 1 Deltaww | 1 Diaenergie | 2024-08-03 | 9.8 Critical |
| Delta Electronics DIAEnergie (All versions prior to 1.8.02.004) has a blind SQL injection vulnerability exists in DIAE_privgrpHandler.ashx. This allows an attacker to inject arbitrary SQL queries, retrieve and modify database contents, and execute system commands. | ||||
| CVE-2022-1370 | 1 Deltaww | 1 Diaenergie | 2024-08-03 | 9.8 Critical |
| Delta Electronics DIAEnergie (All versions prior to 1.8.02.004) has a blind SQL injection vulnerability exists in ReadREGbyID. This allows an attacker to inject arbitrary SQL queries, retrieve and modify database contents, and execute system commands. | ||||
| CVE-2022-1366 | 1 Deltaww | 1 Diaenergie | 2024-08-03 | 9.8 Critical |
| Delta Electronics DIAEnergie (All versions prior to 1.8.02.004) has a blind SQL injection vulnerability exists in HandlerChart.ashx. This allows an attacker to inject arbitrary SQL queries, retrieve and modify database contents, and execute system commands. | ||||
| CVE-2022-1369 | 1 Deltaww | 1 Diaenergie | 2024-08-03 | 9.8 Critical |
| Delta Electronics DIAEnergie (All versions prior to 1.8.02.004) has a blind SQL injection vulnerability exists in ReadRegIND. This allows an attacker to inject arbitrary SQL queries, retrieve and modify database contents, and execute system commands. | ||||
| CVE-2022-1372 | 1 Deltaww | 1 Diaenergie | 2024-08-03 | 9.8 Critical |
| Delta Electronics DIAEnergie (All versions prior to 1.8.02.004) has a blind SQL injection vulnerability exists in dlSlog.aspx. This allows an attacker to inject arbitrary SQL queries, retrieve and modify database contents, and execute system commands. | ||||
| CVE-2022-1378 | 1 Deltaww | 1 Diaenergie | 2024-08-03 | 9.8 Critical |
| Delta Electronics DIAEnergie (All versions prior to 1.8.02.004) has a blind SQL injection vulnerability exists in DIAE_pgHandler.ashx. This allows an attacker to inject arbitrary SQL queries, retrieve and modify database contents, and execute system commands. | ||||
| CVE-2022-1371 | 1 Deltaww | 1 Diaenergie | 2024-08-03 | 9.8 Critical |
| Delta Electronics DIAEnergie (All versions prior to 1.8.02.004) has a blind SQL injection vulnerability exists in ReadRegf. This allows an attacker to inject arbitrary SQL queries, retrieve and modify database contents, and execute system commands. | ||||
| CVE-2022-1367 | 1 Deltaww | 1 Diaenergie | 2024-08-03 | 9.8 Critical |
| Delta Electronics DIAEnergie (All versions prior to 1.8.02.004) has a blind SQL injection vulnerability exists in Handler_TCV.ashx. This allows an attacker to inject arbitrary SQL queries, retrieve and modify database contents, and execute system commands. | ||||
| CVE-2023-47279 | 1 Deltaww | 1 Infrasuite Device Master | 2024-08-02 | 7.5 High |
| In Delta Electronics InfraSuite Device Master v.1.0.7, A vulnerability exists that allows an unauthenticated attacker to disclose user information through a single UDP packet, obtain plaintext credentials, or perform NTLM relaying. | ||||
| CVE-2023-47207 | 1 Deltaww | 1 Infrasuite Device Master | 2024-08-02 | 9.8 Critical |
| In Delta Electronics InfraSuite Device Master v.1.0.7, a vulnerability exists that allows an unauthenticated attacker to execute code with local administrator privileges. | ||||
| CVE-2023-46690 | 1 Deltaww | 1 Infrasuite Device Master | 2024-08-02 | 8.8 High |
| In Delta Electronics InfraSuite Device Master v.1.0.7, a vulnerability exists that allows an attacker to write to any file to any location of the filesystem, which could lead to remote code execution. | ||||
| CVE-2023-43819 | 1 Deltaww | 1 Dopsoft | 2024-08-02 | 8.8 High |
| A stack based buffer overflow exists in Delta Electronics Delta Industrial Automation DOPSoft when parsing the InitialMacroLen field of a DPS file. A remote, unauthenticated attacker can exploit this vulnerability by enticing a user to open a specially crafted DPS file to achieve remote code execution. | ||||
| CVE-2023-43816 | 1 Deltaww | 1 Dopsoft | 2024-08-02 | 6.3 Medium |
| A buffer overflow vulnerability exists in Delta Electronics Delta Industrial Automation DOPSoft version 2 when parsing the wKPFStringLen field of a DPS file. An anonymous attacker can exploit this vulnerability by enticing a user to open a specially crafted DPS file to achieve code execution. | ||||
| CVE-2023-43822 | 1 Deltaww | 1 Dopsoft | 2024-08-02 | 8.8 High |
| A stack based buffer overflow exists in Delta Electronics Delta Industrial Automation DOPSoft when parsing the wLogTitlesTimeLen field of a DPS file. A remote, unauthenticated attacker can exploit this vulnerability by enticing a user to open a specially crafted DPS file to achieve remote code execution. | ||||