Lucene search
K

47 matches found

EUVD
EUVD
added 2026/03/04 9:31 a.m.8 views

EUVD-2026-9386

Delta Electronics CNCSoft-G2 lacks proper validation of the user-supplied file. If a user opens a malicious file, an attacker can leverage this vulnerability to execute code in the context of the current process...

7.8CVSS6.1AI score0.00351EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.3 views

EUVD-2025-30949

Malicious code in bioql PyPI...

7.8CVSS6.6AI score0.00284EPSS
Exploits0References2
Zero Day Initiative
Zero Day Initiative
added 2025/06/19 12:0 a.m.5 views

Delta Electronics CNCSoft-G2 DPAX File Parsing Memory Corruption Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Delta Electronics CNCSoft-G2. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

7.8CVSS6.5AI score0.00361EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/06/06 9:21 a.m.16 views

CVE-2025-47728

Delta Electronics CNCSoft-G2 lacks proper validation of the user-supplied file. If a user opens a malicious file, an attacker can leverage this vulnerability to execute code in the context of the current process...

7.3CVSS7.1AI score0.00361EPSS
Exploits0References1
CVE
CVE
added 2025/06/04 8:11 a.m.62 views

CVE-2025-47728

CVE-2025-47728 affects Delta Electronics CNCSoft-G2. The issue is a parsing/memory-corruption flaw in DPAX file handling that can allow code execution in the context of the current process when a user opens a malicious file. Metrics indicate LOCAL attack vector with low complexity and user intera...

7.3CVSS6.7AI score0.00361EPSS
Exploits0References1Affected Software1
ICS
ICS
added 2025/03/04 7:0 a.m.11 views

Delta Electronics CNCSoft-G2

RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to execute code remotely. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of this vulnerability. CISA reminds organizations to perform proper impact...

8.4CVSS7.1AI score0.00266EPSS
Exploits0References10
OSV
OSV
added 2024/10/10 6:15 p.m.6 views

CVE-2024-47963

Delta Electronics CNCSoft-G2 lacks proper validation of user-supplied data, which can result in a write past the end of an allocated object. An attacker can manipulate users to visit a malicious page or file to leverage this vulnerability to execute code in the context of the current process...

7.8CVSS5.9AI score0.00275EPSS
Exploits0References1
NVD
NVD
added 2024/10/10 6:15 p.m.14 views

CVE-2024-47962

Delta Electronics CNCSoft-G2 lacks proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can manipulate an insider to visit a malicious page or file to leverage this vulnerability to execute code in the context of the current...

8.4CVSS0.03407EPSS
Exploits0References1
NVD
NVD
added 2024/10/10 6:15 p.m.41 views

CVE-2024-47965

Delta Electronics CNCSoft-G2 lacks proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can manipulate users to visit a malicious page or file to leverage this vulnerability to execute code in the context of the current process...

8.4CVSS0.00238EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/10/10 5:18 p.m.34 views

CVE-2024-47966 Use of Uninitialized Variable vulnerability in Delta Electronics CNCSoft-G2

Delta Electronics CNCSoft-G2 lacks proper initialization of memory prior to accessing it. An attacker can manipulate users to visit a malicious page or file to leverage this vulnerability to execute code in the context of the current process...

8.4CVSS0.00247EPSS
Exploits0References1
CVE
CVE
added 2024/10/10 5:18 p.m.53 views

CVE-2024-47965

CVE-2024-47965 concerns Delta Electronics CNCSoft-G2. The vulnerability is an out-of-bounds read in the DPAX file parsing path caused by insufficient validation of user-supplied data, enabling an attacker to run code in the current process context after a user visits a malicious page/file. Affect...

8.4CVSS7.6AI score0.00238EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2024/10/10 5:16 p.m.12 views

CVE-2024-47964 Heap-based Buffer Overflow vulnerability in Delta Electronics CNCSoft-G2

Delta Electronics CNCSoft-G2 lacks proper validation of the length of user-supplied data prior to copying it to a fixed-length heap-based buffer. An attacker can manipulate users to visit a malicious page or file to leverage this vulnerability to execute code in the context of the current process...

8.4CVSS6.9AI score0.00275EPSS
Exploits0References1
CVE
CVE
added 2024/10/10 5:16 p.m.54 views

CVE-2024-47964

Delta Electronics CNCSoft-G2 has a heap-based buffer overflow due to insufficient validation of user-supplied data length before copying to a fixed-length heap buffer. The issue can allow code execution in the current process when a user is lured to a malicious page/file. Affected product: CNCSof...

8.4CVSS7.6AI score0.00275EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2024/10/10 5:14 p.m.19 views

CVE-2024-47962 Stack-based Buffer Overflow vulnerability in Delta Electronics CNCSoft-G2

Delta Electronics CNCSoft-G2 lacks proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can manipulate an insider to visit a malicious page or file to leverage this vulnerability to execute code in the context of the current...

8.4CVSS0.03407EPSS
Exploits0References1
NVD
NVD
added 2024/07/09 10:15 p.m.17 views

CVE-2024-39882

Delta Electronics CNCSoft-G2 lacks proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. If a target visits a malicious page or opens a malicious file an attacker can leverage this vulnerability to execute code in the context of the current proce...

8.8CVSS0.00697EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/07/09 9:25 p.m.16 views

CVE-2024-39883 Heap-based Buffer Overflow in Delta Electronics CNCSoft-G2

Delta Electronics CNCSoft-G2 lacks proper validation of the length of user-supplied data prior to copying it to a fixed-length heap-based buffer. If a target visits a malicious page or opens a malicious file an attacker can leverage this vulnerability to execute code in the context of the current...

8.4CVSS7AI score0.00738EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/07/09 9:25 p.m.17 views

CVE-2024-39883 Heap-based Buffer Overflow in Delta Electronics CNCSoft-G2

Delta Electronics CNCSoft-G2 lacks proper validation of the length of user-supplied data prior to copying it to a fixed-length heap-based buffer. If a target visits a malicious page or opens a malicious file an attacker can leverage this vulnerability to execute code in the context of the current...

8.4CVSS0.00738EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/07/09 9:25 p.m.18 views

CVE-2024-39882 Out-of-bounds Read in Delta Electronics CNCSoft-G2

Delta Electronics CNCSoft-G2 lacks proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. If a target visits a malicious page or opens a malicious file an attacker can leverage this vulnerability to execute code in the context of the current proce...

8.4CVSS0.00697EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/07/09 9:23 p.m.12 views

CVE-2024-39881 Out-of-bounds Write in Delta Electronics CNCSoft-G2

Delta Electronics CNCSoft-G2 lacks proper validation of user-supplied data, which can result in a memory corruption condition. If a target visits a malicious page or opens a malicious file an attacker can leverage this vulnerability to execute code in the context of the current process...

8.4CVSS7.2AI score0.00697EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/07/09 9:21 p.m.18 views

CVE-2024-39880 Stack-based Buffer Overflow in Delta Electronics CNCSoft-G2

Delta Electronics CNCSoft-G2 lacks proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. If a target visits a malicious page or opens a malicious file an attacker can leverage this vulnerability to execute code in the context of the curren...

8.4CVSS0.00738EPSS
Exploits0References1
Rows per page
Query Builder