47 matches found
EUVD-2026-9386
Delta Electronics CNCSoft-G2 lacks proper validation of the user-supplied file. If a user opens a malicious file, an attacker can leverage this vulnerability to execute code in the context of the current process...
EUVD-2025-30949
Malicious code in bioql PyPI...
Delta Electronics CNCSoft-G2 DPAX File Parsing Memory Corruption Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Delta Electronics CNCSoft-G2. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...
CVE-2025-47728
Delta Electronics CNCSoft-G2 lacks proper validation of the user-supplied file. If a user opens a malicious file, an attacker can leverage this vulnerability to execute code in the context of the current process...
CVE-2025-47728
CVE-2025-47728 affects Delta Electronics CNCSoft-G2. The issue is a parsing/memory-corruption flaw in DPAX file handling that can allow code execution in the context of the current process when a user opens a malicious file. Metrics indicate LOCAL attack vector with low complexity and user intera...
Delta Electronics CNCSoft-G2
RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to execute code remotely. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of this vulnerability. CISA reminds organizations to perform proper impact...
CVE-2024-47963
Delta Electronics CNCSoft-G2 lacks proper validation of user-supplied data, which can result in a write past the end of an allocated object. An attacker can manipulate users to visit a malicious page or file to leverage this vulnerability to execute code in the context of the current process...
CVE-2024-47962
Delta Electronics CNCSoft-G2 lacks proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can manipulate an insider to visit a malicious page or file to leverage this vulnerability to execute code in the context of the current...
CVE-2024-47965
Delta Electronics CNCSoft-G2 lacks proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can manipulate users to visit a malicious page or file to leverage this vulnerability to execute code in the context of the current process...
CVE-2024-47966 Use of Uninitialized Variable vulnerability in Delta Electronics CNCSoft-G2
Delta Electronics CNCSoft-G2 lacks proper initialization of memory prior to accessing it. An attacker can manipulate users to visit a malicious page or file to leverage this vulnerability to execute code in the context of the current process...
CVE-2024-47965
CVE-2024-47965 concerns Delta Electronics CNCSoft-G2. The vulnerability is an out-of-bounds read in the DPAX file parsing path caused by insufficient validation of user-supplied data, enabling an attacker to run code in the current process context after a user visits a malicious page/file. Affect...
CVE-2024-47964 Heap-based Buffer Overflow vulnerability in Delta Electronics CNCSoft-G2
Delta Electronics CNCSoft-G2 lacks proper validation of the length of user-supplied data prior to copying it to a fixed-length heap-based buffer. An attacker can manipulate users to visit a malicious page or file to leverage this vulnerability to execute code in the context of the current process...
CVE-2024-47964
Delta Electronics CNCSoft-G2 has a heap-based buffer overflow due to insufficient validation of user-supplied data length before copying to a fixed-length heap buffer. The issue can allow code execution in the current process when a user is lured to a malicious page/file. Affected product: CNCSof...
CVE-2024-47962 Stack-based Buffer Overflow vulnerability in Delta Electronics CNCSoft-G2
Delta Electronics CNCSoft-G2 lacks proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can manipulate an insider to visit a malicious page or file to leverage this vulnerability to execute code in the context of the current...
CVE-2024-39882
Delta Electronics CNCSoft-G2 lacks proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. If a target visits a malicious page or opens a malicious file an attacker can leverage this vulnerability to execute code in the context of the current proce...
CVE-2024-39883 Heap-based Buffer Overflow in Delta Electronics CNCSoft-G2
Delta Electronics CNCSoft-G2 lacks proper validation of the length of user-supplied data prior to copying it to a fixed-length heap-based buffer. If a target visits a malicious page or opens a malicious file an attacker can leverage this vulnerability to execute code in the context of the current...
CVE-2024-39883 Heap-based Buffer Overflow in Delta Electronics CNCSoft-G2
Delta Electronics CNCSoft-G2 lacks proper validation of the length of user-supplied data prior to copying it to a fixed-length heap-based buffer. If a target visits a malicious page or opens a malicious file an attacker can leverage this vulnerability to execute code in the context of the current...
CVE-2024-39882 Out-of-bounds Read in Delta Electronics CNCSoft-G2
Delta Electronics CNCSoft-G2 lacks proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. If a target visits a malicious page or opens a malicious file an attacker can leverage this vulnerability to execute code in the context of the current proce...
CVE-2024-39881 Out-of-bounds Write in Delta Electronics CNCSoft-G2
Delta Electronics CNCSoft-G2 lacks proper validation of user-supplied data, which can result in a memory corruption condition. If a target visits a malicious page or opens a malicious file an attacker can leverage this vulnerability to execute code in the context of the current process...
CVE-2024-39880 Stack-based Buffer Overflow in Delta Electronics CNCSoft-G2
Delta Electronics CNCSoft-G2 lacks proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. If a target visits a malicious page or opens a malicious file an attacker can leverage this vulnerability to execute code in the context of the curren...