3858 matches found
CVE-2024-34031 SQL Injection vulnerability in Delta Electronics DIAEnergie
Delta Electronics DIAEnergie is vulnerable to an SQL injection vulnerability that exists in the script HandlerCFG.ashx. An authenticated attacker can exploit this issue to potentially compromise the system on which DIAEnergie is deployed...
CVE-2024-34031
Delta Electronics DIAEnergie is vulnerable to an SQL injection in Handler_CFG.ashx (CVE-2024-34031). Affected product: DIAEnergie; version cited by ICS is v1.10.00.005. The root cause is improper neutralization of SQL commands in the endpoint, leading to potential system compromise when exploited...
CVE-2024-34032 SQL Injection in Delta Electronics DIAEnergie
Delta Electronics DIAEnergie is vulnerable to an SQL injection vulnerability that exists in the GetDIACloudList endpoint. An authenticated attacker can exploit this issue to potentially compromise the system on which DIAEnergie is deployed...
CVE-2024-34032 SQL Injection in Delta Electronics DIAEnergie
Delta Electronics DIAEnergie is vulnerable to an SQL injection vulnerability that exists in the GetDIACloudList endpoint. An authenticated attacker can exploit this issue to potentially compromise the system on which DIAEnergie is deployed...
PT-2024-25658 · Delta Electronics · Diaenergie
Name of the Vulnerable Software and Affected Versions: Delta Electronics DIAEnergie affected versions not specified Description: The issue is related to insufficient input validation, which allows for a path traversal attack. This enables writing outside of the intended directory. If a file name...
Delta Electronics DIAEnergie 路径遍历漏洞
Delta Electronics DIAEnergie is an industrial energy management system from Delta Electronics, Taiwan, China. A path traversal vulnerability exists in Delta Electronics DIAEnergie, which can be exploited by an attacker to write an arbitrary file on the system by sending a specially crafted URL...
Delta Electronics DIAEnergie SQL注入漏洞
Delta Electronics DIAEnergie is an industrial energy management system from Delta Electronics Taiwan, China used to monitor and analyze energy consumption in real time, calculate energy consumption and load characteristics, optimize equipment performance, improve production processes, and maximiz...
PT-2024-25657 · Delta Electronics · Diaenergie
Name of the Vulnerable Software and Affected Versions: Delta Electronics DIAEnergie affected versions not specified Description: The issue is related to an SQL injection vulnerability existing in the "GetDIACloudList" endpoint. An authenticated attacker can exploit this to potentially compromise...
PT-2024-25656 · Delta Electronics · Diaenergie
Name of the Vulnerable Software and Affected Versions: Delta Electronics DIAEnergie affected versions not specified Description: The issue is an SQL injection vulnerability that exists in the script Handler CFG.ashx. An authenticated attacker can exploit this issue to potentially compromise the...
CISA Releases Three Industrial Control Systems Advisories
CISA released three Industrial Control Systems ICS advisories on May 02, 2024. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-24-123-01 CyberPower PowerPanel ICSA-24-123-02 Delta Electronics DIAEnergie ICSA-24-067-01...
Delta Electronics DIAEnergie
View CSAF 1. EXECUTIVE SUMMARY CVSS v4 9.3 ATTENTION : Exploitable remotely/low attack complexity Vendor : Delta Electronics Equipment : DIAEnergie Vulnerabilities : SQL Injection, Path Traversal 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow an authenticated...
CVE-2024-4192
Delta Electronics CNCSoft-G2 lacks proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of the current process...
CVE-2024-4192
Delta Electronics CNCSoft-G2 lacks proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of the current process...
CVE-2024-4192 Stack-based Buffer Overflow vulnerability in Delta Electronics CNCSoft-G2 DOPSoft
Delta Electronics CNCSoft-G2 lacks proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of the current process...
CVE-2024-4192 Stack-based Buffer Overflow vulnerability in Delta Electronics CNCSoft-G2 DOPSoft
Delta Electronics CNCSoft-G2 lacks proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of the current process...
CVE-2024-4192
The CVE-2024-4192 entry concerns Delta Electronics CNCSoft-G2, specifically the DOPSoft DPAX file parsing component. The vulnerability arises from failing to validate the length of user-supplied data before copying it into a fixed-size stack-based buffer, enabling remote code execution in the con...
Delta Electronics CNCSoft-G2 DOPSoft (Update A)
View CSAF 1. EXECUTIVE SUMMARY CVSS v4 8.5 ATTENTION : Low attack complexity Vendor : Delta Electronics Equipment : CNCSoft-G2 DOPSoft Vulnerability : Stack-based Buffer Overflow 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to execute arbitrary code...
Delta Electronics CNCSoft 安全漏洞
Delta Electronics CNCSoft is a CNC machine simulation system software from Delta Electronics Taiwan, China. A buffer overflow vulnerability exists in Delta Electronics CNCSoft-G2, which stems from a lack of proper validation of the length of user-supplied data before copying it into a stack-based...
UBUNTU-CVE-2024-26876
In the Linux kernel, the following vulnerability has been resolved: drm/bridge: adv7511: fix crash on irq during probe Moved IRQ registration down to end of adv7511probe. If an IRQ already is pending during adv7511probe before adv7511cecinit then cecreceivedmsgts could crash using uninitialized...
CVE-2024-3871
The Delta Electronics DVW-W02W2-E2 devices expose a web administration interface to users. This interface implements multiple features that are affected by command injections and stack overflows vulnerabilities. Successful exploitation of these flaws would allow remote unauthenticated attackers t...