Lucene search
K

3858 matches found

Cvelist
Cvelist
added 2024/07/09 9:25 p.m.18 views

CVE-2024-39882 Out-of-bounds Read in Delta Electronics CNCSoft-G2

Delta Electronics CNCSoft-G2 lacks proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. If a target visits a malicious page or opens a malicious file an attacker can leverage this vulnerability to execute code in the context of the current proce...

8.4CVSS0.00697EPSS
Exploits0References1
CVE
CVE
added 2024/07/09 9:23 p.m.52 views

CVE-2024-39881

Delta Electronics CNCSoft-G2 is affected via its DPAX file parsing, where insufficient validation of user-supplied data can cause memory corruption. This can enable remote code execution in the context of the current process when a target visits a malicious page or opens a malicious file. Documen...

8.8CVSS8.9AI score0.00697EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2024/07/09 9:23 p.m.11 views

CVE-2024-39881 Out-of-bounds Write in Delta Electronics CNCSoft-G2

Delta Electronics CNCSoft-G2 lacks proper validation of user-supplied data, which can result in a memory corruption condition. If a target visits a malicious page or opens a malicious file an attacker can leverage this vulnerability to execute code in the context of the current process...

8.4CVSS7.2AI score0.00697EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/07/09 9:23 p.m.16 views

CVE-2024-39881 Out-of-bounds Write in Delta Electronics CNCSoft-G2

Delta Electronics CNCSoft-G2 lacks proper validation of user-supplied data, which can result in a memory corruption condition. If a target visits a malicious page or opens a malicious file an attacker can leverage this vulnerability to execute code in the context of the current process...

8.4CVSS0.00697EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/07/09 9:21 p.m.17 views

CVE-2024-39880 Stack-based Buffer Overflow in Delta Electronics CNCSoft-G2

Delta Electronics CNCSoft-G2 lacks proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. If a target visits a malicious page or opens a malicious file an attacker can leverage this vulnerability to execute code in the context of the curren...

8.4CVSS7AI score0.00738EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/07/09 9:21 p.m.17 views

CVE-2024-39880 Stack-based Buffer Overflow in Delta Electronics CNCSoft-G2

Delta Electronics CNCSoft-G2 lacks proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. If a target visits a malicious page or opens a malicious file an attacker can leverage this vulnerability to execute code in the context of the curren...

8.4CVSS0.00738EPSS
Exploits0References1
ICS
ICS
added 2024/07/09 6:0 a.m.55 views

Delta Electronics CNCSoft-G2 (Update A)

View CSAF 1. EXECUTIVE SUMMARY CVSS v4 8.4 ATTENTION : Low attack complexity Vendor : Delta Electronics Equipment : CNCSoft-G2 Vulnerabilities : Stack-based Buffer Overflow, Out-of-bounds Write, Out-of-bounds Read, Heap-based Buffer Overflow 2. RISK EVALUATION Successful exploitation of these...

8.8CVSS9.2AI score0.00738EPSS
Exploits0References10
Positive Technologies
Positive Technologies
added 2024/07/09 12:0 a.m.2 views

PT-2024-28709 · Delta Electronics · Cncsoft-G2

Name of the Vulnerable Software and Affected Versions: Delta Electronics CNCSoft-G2 affected versions not specified Description: The issue is related to a lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length heap-based buffer. This can be exploited i...

8.8CVSS7.5AI score0.00738EPSS
Exploits0References7
Positive Technologies
Positive Technologies
added 2024/07/09 12:0 a.m.2 views

PT-2024-28707 · Delta Electronics · Cncsoft-G2

Name of the Vulnerable Software and Affected Versions: Delta Electronics CNCSoft-G2 affected versions not specified Description: The issue is related to a lack of proper validation of user-supplied data, which can result in a memory corruption condition. This can be exploited if a target visits a...

8.8CVSS7.3AI score0.00697EPSS
Exploits0References11
CNNVD
CNNVD
added 2024/07/09 12:0 a.m.3 views

Delta Electronics CNCSoft-G2 缓冲区错误漏洞

Delta Electronics CNCSoft-G2 is a human-machine interface HMI software from Delta Electronics, China. Delta Electronics CNCSoft-G2 suffers from an out-of-bounds write vulnerability that can be exploited by an attacker to execute code in the context of the current process...

8.8CVSS7.4AI score0.00697EPSS
Exploits0References2
CNNVD
CNNVD
added 2024/07/09 12:0 a.m.2 views

Delta Electronics CNCSoft-G2 安全漏洞

Delta Electronics CNCSoft-G2 is a human-machine interface HMI software from Delta Electronics, China. The Delta Electronics CNCSoft-G2 suffers from a buffer overflow vulnerability that can be exploited by an attacker to execute code in the context of the current process...

8.8CVSS7.6AI score0.00738EPSS
Exploits0References2
CNNVD
CNNVD
added 2024/07/09 12:0 a.m.2 views

Delta Electronics CNCSoft-G2 安全漏洞

Delta Electronics CNCSoft-G2 is a human-machine interface HMI software from Delta Electronics, China. Delta Electronics CNCSoft-G2 suffers from a buffer overflow vulnerability that can be exploited by a remote attacker to execute code in the context of the current process...

8.8CVSS7.7AI score0.00738EPSS
Exploits0References2
CNNVD
CNNVD
added 2024/07/09 12:0 a.m.3 views

Delta Electronics CNCSoft-G2 缓冲区错误漏洞

Delta Electronics CNCSoft-G2 is a human-machine interface HMI software from Delta Electronics, China. Delta Electronics CNCSoft-G2 suffers from an out-of-bounds read vulnerability that can be exploited by a remote attacker to execute code in the context of the current process...

8.8CVSS7.3AI score0.00697EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2024/07/09 12:0 a.m.3 views

PT-2024-28708 · Delta Electronics · Cncsoft-G2

Name of the Vulnerable Software and Affected Versions: Delta Electronics CNCSoft-G2 affected versions not specified Description: The issue is related to a lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. This can be leveraged by an...

8.8CVSS7.4AI score0.00697EPSS
Exploits0References7
Packet Storm
Packet Storm
added 2024/07/03 12:0 a.m.206 views

Deep Sea Electronics DSE855 Remote Authentication Bypass

Deep Sea Electronics DSE855 Remote Authentication Bypass Vendor: Deep Sea Electronics plc Product web page: https://www.deepseaelectronics.com Affected version: Model: DSE855 Software version: 1.0.26 Module version: 1.0.78 Bootloader version: 1.0.3 Firmware version: 1.1.0 Summary: The DSE855...

6.5CVSS7.1AI score0.02418EPSS
Exploits3
0day.today
0day.today
added 2024/07/03 12:0 a.m.445 views

Deep Sea Electronics DSE855 Remote Authentication Bypass Vulnerability

Deep Sea Electronics DSE855 is vulnerable to configuration disclosure when direct object reference is made to the Backup.bin file using an HTTP GET request. This will enable an attacker to disclose sensitive information and help her in authentication bypass, privilege escalation, and full system...

6.5CVSS6.7AI score0.02418EPSS
Exploits3
CNVD
CNVD
added 2024/06/21 12:0 a.m.4 views

TOTOLINK A3700R setIpPortFilterRules function buffer overflow vulnerability

The TOTOLINK A3700R is a wireless router from China's Gion Electronics TOTOLINK. A buffer overflow vulnerability exists in TOTOLINK A3700R version V9.1.2u.616520211012, which originates from eport failing to properly validate the length size of the input data in the function setIpPortFilterRules,...

8.8CVSS8.3AI score0.00614EPSS
Exploits1References1
NVD
NVD
added 2024/06/20 2:15 a.m.28 views

CVE-2024-6178

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in LG Electronics SuperSign CMS allows Reflected XSS. This issue affects SuperSign CMS: from 4.1.3 before 4.3.1...

6.1CVSS0.00253EPSS
Exploits0References1
OSV
OSV
added 2024/06/20 2:15 a.m.2 views

CVE-2024-6177

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in LG Electronics SuperSign CMS allows Reflected XSS. This issue affects SuperSign CMS: from 4.1.3 before 4.3.1...

6.1CVSS5.8AI score0.00253EPSS
Exploits0References1
NVD
NVD
added 2024/06/20 2:15 a.m.21 views

CVE-2024-6177

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in LG Electronics SuperSign CMS allows Reflected XSS. This issue affects SuperSign CMS: from 4.1.3 before 4.3.1...

6.1CVSS0.00253EPSS
Exploits0References1
Rows per page
Query Builder