Filtered by vendor Deltaww
Subscribe
Total
285 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2022-3214 | 1 Deltaww | 1 Diaenergie | 2026-02-25 | N/A | 9.8 CRITICAL |
|
Delta Industrial Automation's DIAEnergy, an industrial energy management system, is vulnerable to CWE-798, Use of Hard-coded Credentials. Versions prior to
1.9.03.009
have this vulnerability. Executable files could be uploaded to certain directories using hard-coded bearer authorization, allowing remote code execution.
|
|||||
| CVE-2026-1361 | 1 Deltaww | 1 Asda Soft | 2026-02-17 | N/A | 7.8 HIGH |
|
ASDA-Soft Stack-based Buffer Overflow Vulnerability
|
|||||
| CVE-2026-0975 | 1 Deltaww | 1 Diaview | 2026-01-20 | N/A | 7.8 HIGH |
|
Delta Electronics DIAView has Command Injection vulnerability.
|
|||||
| CVE-2025-62581 | 1 Deltaww | 1 Diaview | 2026-01-20 | N/A | 9.8 CRITICAL |
|
Delta Electronics DIAView has multiple vulnerabilities.
|
|||||
| CVE-2025-62582 | 1 Deltaww | 1 Diaview | 2026-01-20 | N/A | 9.8 CRITICAL |
|
Delta Electronics DIAView has multiple vulnerabilities.
|
|||||
| CVE-2025-62578 | 1 Deltaww | 2 Dvp-12se, Dvp-12se Firmware | 2026-01-08 | N/A | 7.5 HIGH |
|
DVP-12SE - Modbus/TCP Cleartext Transmission of Sensitive Information
|
|||||
| CVE-2025-59301 | 1 Deltaww | 2 Dvp15mc11t, Dvp15mc11t Firmware | 2026-01-08 | N/A | 4.0 MEDIUM |
|
Delta Electronics DVP15MC11T lacks proper validation of the modbus/tcp packets and can lead to denial of service.
|
|||||
| CVE-2025-15102 | 1 Deltaww | 2 Dvp-12se11t, Dvp-12se11t Firmware | 2026-01-06 | N/A | 9.1 CRITICAL |
|
DVP-12SE11T - Password Protection Bypass
|
|||||
| CVE-2025-15103 | 1 Deltaww | 2 Dvp-12se11t, Dvp-12se11t Firmware | 2026-01-06 | N/A | 8.1 HIGH |
|
DVP-12SE11T - Authentication Bypass via Partial Password Disclosure
|
|||||
| CVE-2025-15358 | 1 Deltaww | 2 Dvp-12se11t, Dvp-12se11t Firmware | 2026-01-06 | N/A | 7.5 HIGH |
|
DVP-12SE11T - Denial of Service Vulnerability
|
|||||
| CVE-2025-15359 | 1 Deltaww | 2 Dvp-12se11t, Dvp-12se11t Firmware | 2026-01-05 | N/A | 9.1 CRITICAL |
|
DVP-12SE11T - Out-of-bound memory write Vulnerability
|
|||||
| CVE-2024-23494 | 1 Deltaww | 1 Diaenergie | 2025-11-05 | N/A | 8.8 HIGH |
|
SQL injection vulnerability exists in GetDIAE_unListParameters.
|
|||||
| CVE-2024-28891 | 1 Deltaww | 1 Diaenergie | 2025-11-05 | N/A | 8.8 HIGH |
|
SQL injection vulnerability exists in the script Handler_CFG.ashx.
|
|||||
| CVE-2024-23975 | 1 Deltaww | 1 Diaenergie | 2025-11-05 | N/A | 8.8 HIGH |
|
SQL injection vulnerability exists in GetDIAE_slogListParameters.
|
|||||
| CVE-2024-25567 | 1 Deltaww | 1 Diaenergie | 2025-11-05 | N/A | 8.1 HIGH |
|
Path traversal attack is possible and write outside of the intended directory and may access sensitive information. If a file name is specified that already exists on the file system, then the original file will be overwritten.
|
|||||
| CVE-2024-28040 | 1 Deltaww | 1 Diaenergie | 2025-11-05 | N/A | 8.8 HIGH |
|
SQL injection vulnerability exists in GetDIAE_astListParameters.
|
|||||
| CVE-2024-28045 | 1 Deltaww | 1 Diaenergie | 2025-11-05 | N/A | 4.6 MEDIUM |
|
Improper neutralization of input within the affected product could lead to cross-site scripting.
|
|||||
| CVE-2024-28171 | 1 Deltaww | 1 Diaenergie | 2025-11-05 | N/A | 8.1 HIGH |
|
It is possible to perform a path traversal attack and write outside of the intended directory. If a file name is specified that already exists on the file system, then the original file will be overwritten.
|
|||||
| CVE-2021-38406 | 1 Deltaww | 1 Dopsoft | 2025-10-30 | 6.8 MEDIUM | 7.8 HIGH |
|
Delta Electronic DOPSoft 2 (Version 2.00.07 and prior) lacks proper validation of user-supplied data when parsing specific project files. This could result in multiple out-of-bounds write instances. An attacker could leverage this vulnerability to execute code in the context of the current process.
|
|||||
| CVE-2025-62579 | 1 Deltaww | 1 Asda Soft | 2025-10-28 | N/A | 7.8 HIGH |
|
ASDA-Soft Stack-based Buffer Overflow Vulnerability
|
|||||
| CVE-2025-62580 | 1 Deltaww | 1 Asda Soft | 2025-10-28 | N/A | 7.8 HIGH |
|
ASDA-Soft Stack-based Buffer Overflow Vulnerability
|
|||||
| CVE-2025-59297 | 1 Deltaww | 1 Diascreen | 2025-10-08 | N/A | 7.8 HIGH |
|
Delta Electronics DIAScreen lacks proper validation of the user-supplied file. If a user opens a malicious file, an attacker can leverage this vulnerability to execute code in the context of the current process.
|
|||||
| CVE-2025-59298 | 1 Deltaww | 1 Diascreen | 2025-10-08 | N/A | 7.8 HIGH |
|
Delta Electronics DIAScreen lacks proper validation of the user-supplied file. If a user opens a malicious file, an attacker can leverage this vulnerability to execute code in the context of the current process.
|
|||||
| CVE-2025-59299 | 1 Deltaww | 1 Diascreen | 2025-10-08 | N/A | 7.8 HIGH |
|
Delta Electronics DIAScreen lacks proper validation of the user-supplied file. If a user opens a malicious file, an attacker can leverage this vulnerability to execute code in the context of the current process.
|
|||||
| CVE-2025-59300 | 1 Deltaww | 1 Diascreen | 2025-10-08 | N/A | 7.8 HIGH |
|
Delta Electronics DIAScreen lacks proper validation of the user-supplied file. If a user opens a malicious file, an attacker can leverage this vulnerability to execute code in the context of the current process.
|
|||||
| CVE-2025-58320 | 1 Deltaww | 1 Dialink | 2025-09-26 | N/A | 7.3 HIGH |
|
Delta Electronics DIALink has an Directory Traversal Authentication Bypass Vulnerability.
|
|||||
| CVE-2025-58321 | 1 Deltaww | 1 Dialink | 2025-09-26 | N/A | 10.0 CRITICAL |
|
Delta Electronics DIALink has an Directory Traversal Authentication Bypass Vulnerability.
|
|||||
| CVE-2025-58319 | 1 Deltaww | 1 Cncsoft-g2 | 2025-09-25 | N/A | 7.8 HIGH |
|
Delta Electronics CNCSoft-G2 lacks proper validation of the user-supplied file. If a user opens a malicious file, an attacker can leverage this vulnerability to execute code in the context of the current process.
|
|||||
| CVE-2025-58317 | 1 Deltaww | 1 Cncsoft-g2 | 2025-09-25 | N/A | 7.8 HIGH |
|
Delta Electronics CNCSoft-G2 lacks proper validation of the user-supplied file. If a user opens a malicious file, an attacker can leverage this vulnerability to execute code in the context of the current process.
|
|||||
| CVE-2025-22884 | 1 Deltaww | 1 Ispsoft | 2025-08-25 | N/A | 7.8 HIGH |
|
Delta Electronics ISPSoft version 3.20 is vulnerable to a Stack-Based buffer overflow vulnerability that could allow an attacker to execute arbitrary code when parsing DVP file.
|
|||||
| CVE-2025-22882 | 1 Deltaww | 1 Ispsoft | 2025-08-25 | N/A | 7.8 HIGH |
|
Delta Electronics ISPSoft version 3.20 is vulnerable to a Stack-Based buffer overflow vulnerability that could allow an attacker to leverage debugging logic to execute arbitrary code when parsing CBDGL file.
|
|||||
| CVE-2025-57703 | 1 Deltaww | 1 Diaenergie | 2025-08-21 | N/A | 6.1 MEDIUM |
|
DIAEnergie - Reflected Cross-site Scripting
|
|||||
| CVE-2025-57702 | 1 Deltaww | 1 Diaenergie | 2025-08-21 | N/A | 6.1 MEDIUM |
|
DIAEnergie - Reflected Cross-site Scripting
|
|||||
| CVE-2025-57701 | 1 Deltaww | 1 Diaenergie | 2025-08-21 | N/A | 6.1 MEDIUM |
|
DIAEnergie - Reflected Cross-site Scripting
|
|||||
| CVE-2025-57700 | 1 Deltaww | 1 Diaenergie | 2025-08-21 | N/A | 6.1 MEDIUM |
|
DIAEnergie - Stored Cross-site Scripting
|
|||||
| CVE-2024-12835 | 1 Deltaww | 1 Drasimucad | 2025-07-11 | N/A | 7.8 HIGH |
|
Delta Electronics DRASimuCAD ICS File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Delta Electronics DRASimuCAD. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
The specific flaw exists within the parsing of ICS files. The issue results from the lack of proper validation of user-supplied data, wh ...
Show More |
|||||
| CVE-2024-12834 | 1 Deltaww | 1 Drasimucad | 2025-07-11 | N/A | 7.8 HIGH |
|
Delta Electronics DRASimuCAD STP File Parsing Type Confusion Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Delta Electronics DRASimuCAD. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
The specific flaw exists within the parsing of STP files. The issue results from the lack of proper validation of user-supplied data, which c ...
Show More |
|||||
| CVE-2024-12836 | 1 Deltaww | 1 Drasimucad | 2025-07-11 | N/A | 7.8 HIGH |
|
Delta Electronics DRASimuCAD STP File Parsing Type Confusion Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Delta Electronics DRASimuCAD. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
The specific flaw exists within the parsing of STP files. The issue results from the lack of proper validation of user-supplied data, which c ...
Show More |
|||||
| CVE-2025-47727 | 1 Deltaww | 1 Cncsoft | 2025-07-11 | N/A | 7.3 HIGH |
|
Delta Electronics CNCSoft lacks proper validation of the user-supplied file. If a user opens a malicious file, an attacker can leverage this vulnerability to execute code in the context of the current process.
|
|||||
| CVE-2025-47725 | 1 Deltaww | 1 Cncsoft | 2025-07-11 | N/A | 7.3 HIGH |
|
Delta Electronics CNCSoft lacks proper validation of the user-supplied file. If a user opens a malicious file, an attacker can leverage this vulnerability to execute code in the context of the current process.
|
|||||