PT-2026-3203

Name of the Vulnerable Software and Affected Versions Delta Electronics DIAView affected versions not specified Description DIAView, a data collection and process control automation system, contains issues related to security. One issue involves a lack of authentication for a critical function,...

Delta Electronics DVP15MC11T Denial of Service Vulnerability

The Delta Electronics DVP15MC11T is a multi-axis motion controller from Delta Electronics China. A denial of service vulnerability exists in the Delta Electronics DVP15MC11T, which stems from improper validation of modbus/tcp packets and can be exploited by an attacker to cause a denial of servic...

Delta Electronics DVP-12SE11T Improper Input Validation Vulnerability

Delta Electronics DVP-12SE11T is a networked mainframe from Delta Electronics China. The Delta Electronics DVP-12SE11T suffers from an improper input validation vulnerability that can be exploited by an attacker to cause a denial of service...

Delta Electronics DVP-12SE11T Out-of-Bounds Write Vulnerability

Delta Electronics DVP-12SE11T is a networked mainframe from Delta Electronics China. The Delta Electronics DVP-12SE11T is vulnerable to an out-of-bounds write vulnerability, no details of the vulnerability are available at this time...

CVE-2021-27455

Delta Electronics DOPSoft Versions 4.0.10.17 and prior are vulnerable to an out-of-bounds read while processing project files, which may allow an attacker to disclose information...

CVE-2021-33019

A stack-based buffer overflow vulnerability in Delta Electronics DOPSoft Version 4.00.11 and prior may be exploited by processing a specially crafted project file, which may allow an attacker to execute arbitrary code...

CVE-2021-33003

Delta Electronics DIAEnergie Version 1.7.5 and prior may allow an attacker to retrieve passwords in cleartext due to a weak hashing algorithm...

CVE-2021-33007

A heap-based buffer overflow in Delta Electronics TPEditor: v1.98.06 and prior may be exploited by processing a specially crafted project file. Successful exploitation of this vulnerability may allow an attacker to execute arbitrary code...

CVE-2022-33005

A cross-site scripting XSS vulnerability in the System Settings/IOT Settings module of Delta Electronics DIAEnergie v1.08.00 allows attackers to execute arbitrary web scripts via a crafted payload injected into the Name text field...

CVE-2022-33321

Cleartext Transmission of Sensitive Information vulnerability due to the use of Basic Authentication for HTTP connections in Mitsubishi Electric consumer electronics products PHOTOVOLTAIC COLOR MONITOR ECO-GUIDE, HEMS adapter, Wi-Fi Interface, Air Conditioning, Induction hob, Mitsubishi Electric...

CVE-2022-42139

Delta Electronics DVW-W02W2-E2 1.5.0.10 is vulnerable to Command Injection via Crafted URL...

CVE-2022-42140

Delta Electronics DX-2100-L1-CN 2.42 is vulnerable to Command Injection via lform/netdiagnose...

CVE-2022-42141

Delta Electronics DX-2100-L1-CN 2.42 is vulnerable to Cross Site Scripting XSS via lform/urlfilter...

CVE-2020-7807

A vulnerability that can hijack a DLL file that is loaded during productsLGPCSuiteSetup, IPSFULLHD, LGULTRAWIDE, ULTRAHDDriver Setup installation into a DLL file that the hacker wants. Missing Support for Integrity Check vulnerability in COMPONENT of LG Electronics LGPCSuiteSetup, IPSFULLHD,...

CVE-2023-25177

Delta Electronics' CNCSoft-B DOPSoft versions 1.0.0.4 and prior are vulnerable to stack-based buffer overflow, which could allow an attacker to execute arbitrary code...

CVE-2023-43821

A stack based buffer overflow exists in Delta Electronics Delta Industrial Automation DOPSoft when parsing the wLogTitlesActionLen field of a DPS file. A remote, unauthenticated attacker can exploit this vulnerability by enticing a user to open a specially crafted DPS file to achieve remote code...

CVE-2023-43817

A buffer overflow exists in Delta Electronics Delta Industrial Automation DOPSoft version 2 when parsing the wMailContentLen field of a DPS file. An anonymous attacker can exploit this vulnerability by enticing a user to open a specially crafted DPS file to achieve code execution...

CVE-2024-34033

Delta Electronics DIAEnergie has insufficient input validation which makes it possible to perform a path traversal attack and write outside of the intended directory. If a file name is specified that already exists on the file system, then the original file will be overwritten...

CVE-2024-39881

Delta Electronics CNCSoft-G2 lacks proper validation of user-supplied data, which can result in a memory corruption condition. If a target visits a malicious page or opens a malicious file an attacker can leverage this vulnerability to execute code in the context of the current process...

CVE-2024-39882

Delta Electronics CNCSoft-G2 lacks proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. If a target visits a malicious page or opens a malicious file an attacker can leverage this vulnerability to execute code in the context of the current proce...