Lucene search
K

3858 matches found

Vulnrichment
Vulnrichment
added 2024/05/03 12:18 a.m.15 views

CVE-2024-34031 SQL Injection vulnerability in Delta Electronics DIAEnergie

Delta Electronics DIAEnergie is vulnerable to an SQL injection vulnerability that exists in the script HandlerCFG.ashx. An authenticated attacker can exploit this issue to potentially compromise the system on which DIAEnergie is deployed...

8.8CVSS9.1AI score0.00499EPSS
Exploits0References1
CVE
CVE
added 2024/05/03 12:18 a.m.45 views

CVE-2024-34031

Delta Electronics DIAEnergie is vulnerable to an SQL injection in Handler_CFG.ashx (CVE-2024-34031). Affected product: DIAEnergie; version cited by ICS is v1.10.00.005. The root cause is improper neutralization of SQL commands in the endpoint, leading to potential system compromise when exploited...

8.8CVSS7.5AI score0.00499EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2024/05/03 12:16 a.m.25 views

CVE-2024-34032 SQL Injection in Delta Electronics DIAEnergie

Delta Electronics DIAEnergie is vulnerable to an SQL injection vulnerability that exists in the GetDIACloudList endpoint. An authenticated attacker can exploit this issue to potentially compromise the system on which DIAEnergie is deployed...

8.8CVSS9.1AI score0.08742EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/05/03 12:16 a.m.21 views

CVE-2024-34032 SQL Injection in Delta Electronics DIAEnergie

Delta Electronics DIAEnergie is vulnerable to an SQL injection vulnerability that exists in the GetDIACloudList endpoint. An authenticated attacker can exploit this issue to potentially compromise the system on which DIAEnergie is deployed...

8.8CVSS9.1AI score0.08742EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2024/05/03 12:0 a.m.6 views

PT-2024-25658 · Delta Electronics · Diaenergie

Name of the Vulnerable Software and Affected Versions: Delta Electronics DIAEnergie affected versions not specified Description: The issue is related to insufficient input validation, which allows for a path traversal attack. This enables writing outside of the intended directory. If a file name...

8.8CVSS6.5AI score0.01EPSS
Exploits0References4
CNNVD
CNNVD
added 2024/05/03 12:0 a.m.3 views

Delta Electronics DIAEnergie 路径遍历漏洞

Delta Electronics DIAEnergie is an industrial energy management system from Delta Electronics, Taiwan, China. A path traversal vulnerability exists in Delta Electronics DIAEnergie, which can be exploited by an attacker to write an arbitrary file on the system by sending a specially crafted URL...

8.8CVSS6.9AI score0.01EPSS
Exploits0References2
CNNVD
CNNVD
added 2024/05/03 12:0 a.m.3 views

Delta Electronics DIAEnergie SQL注入漏洞

Delta Electronics DIAEnergie is an industrial energy management system from Delta Electronics Taiwan, China used to monitor and analyze energy consumption in real time, calculate energy consumption and load characteristics, optimize equipment performance, improve production processes, and maximiz...

8.8CVSS7.8AI score0.00499EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2024/05/03 12:0 a.m.5 views

PT-2024-25657 · Delta Electronics · Diaenergie

Name of the Vulnerable Software and Affected Versions: Delta Electronics DIAEnergie affected versions not specified Description: The issue is related to an SQL injection vulnerability existing in the "GetDIACloudList" endpoint. An authenticated attacker can exploit this to potentially compromise...

8.8CVSS7.2AI score0.08742EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2024/05/03 12:0 a.m.5 views

PT-2024-25656 · Delta Electronics · Diaenergie

Name of the Vulnerable Software and Affected Versions: Delta Electronics DIAEnergie affected versions not specified Description: The issue is an SQL injection vulnerability that exists in the script Handler CFG.ashx. An authenticated attacker can exploit this issue to potentially compromise the...

8.8CVSS7.3AI score0.00499EPSS
Exploits0References4
CISA
CISA
added 2024/05/02 12:0 p.m.4 views

CISA Releases Three Industrial Control Systems Advisories

CISA released three Industrial Control Systems ICS advisories on May 02, 2024. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-24-123-01 CyberPower PowerPanel ICSA-24-123-02 Delta Electronics DIAEnergie ICSA-24-067-01...

7AI score
Exploits0References3
ICS
ICS
added 2024/05/02 6:0 a.m.47 views

Delta Electronics DIAEnergie

View CSAF 1. EXECUTIVE SUMMARY CVSS v4 9.3 ATTENTION : Exploitable remotely/low attack complexity Vendor : Delta Electronics Equipment : DIAEnergie Vulnerabilities : SQL Injection, Path Traversal 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow an authenticated...

8.8CVSS9.6AI score0.08742EPSS
Exploits0References10
OSV
OSV
added 2024/04/30 11:15 p.m.4 views

CVE-2024-4192

Delta Electronics CNCSoft-G2 lacks proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of the current process...

7.8CVSS6AI score0.00322EPSS
Exploits0References1
NVD
NVD
added 2024/04/30 11:15 p.m.62 views

CVE-2024-4192

Delta Electronics CNCSoft-G2 lacks proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of the current process...

7.8CVSS7.7AI score0.00322EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/04/30 11:1 p.m.54 views

CVE-2024-4192 Stack-based Buffer Overflow vulnerability in Delta Electronics CNCSoft-G2 DOPSoft

Delta Electronics CNCSoft-G2 lacks proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of the current process...

7.8CVSS7.8AI score0.00322EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/04/30 11:1 p.m.10 views

CVE-2024-4192 Stack-based Buffer Overflow vulnerability in Delta Electronics CNCSoft-G2 DOPSoft

Delta Electronics CNCSoft-G2 lacks proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of the current process...

7.8CVSS7.2AI score0.00322EPSS
Exploits0References1
CVE
CVE
added 2024/04/30 11:1 p.m.74 views

CVE-2024-4192

The CVE-2024-4192 entry concerns Delta Electronics CNCSoft-G2, specifically the DOPSoft DPAX file parsing component. The vulnerability arises from failing to validate the length of user-supplied data before copying it into a fixed-size stack-based buffer, enabling remote code execution in the con...

7.8CVSS6.9AI score0.00322EPSS
Exploits0References1Affected Software1
ICS
ICS
added 2024/04/30 6:0 a.m.55 views

Delta Electronics CNCSoft-G2 DOPSoft (Update A)

View CSAF 1. EXECUTIVE SUMMARY CVSS v4 8.5 ATTENTION : Low attack complexity Vendor : Delta Electronics Equipment : CNCSoft-G2 DOPSoft Vulnerability : Stack-based Buffer Overflow 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to execute arbitrary code...

7.8CVSS7.7AI score0.00322EPSS
Exploits0References10
CNNVD
CNNVD
added 2024/04/30 12:0 a.m.2 views

Delta Electronics CNCSoft 安全漏洞

Delta Electronics CNCSoft is a CNC machine simulation system software from Delta Electronics Taiwan, China. A buffer overflow vulnerability exists in Delta Electronics CNCSoft-G2, which stems from a lack of proper validation of the length of user-supplied data before copying it into a stack-based...

7.8CVSS7.6AI score0.00322EPSS
Exploits0References2
OSV
OSV
added 2024/04/17 11:15 a.m.7 views

UBUNTU-CVE-2024-26876

In the Linux kernel, the following vulnerability has been resolved: drm/bridge: adv7511: fix crash on irq during probe Moved IRQ registration down to end of adv7511probe. If an IRQ already is pending during adv7511probe before adv7511cecinit then cecreceivedmsgts could crash using uninitialized...

5.5CVSS6.1AI score0.00225EPSS
Exploits0References11
NVD
NVD
added 2024/04/16 9:15 a.m.21 views

CVE-2024-3871

The Delta Electronics DVW-W02W2-E2 devices expose a web administration interface to users. This interface implements multiple features that are affected by command injections and stack overflows vulnerabilities. Successful exploitation of these flaws would allow remote unauthenticated attackers t...

9.8CVSS10AI score0.01699EPSS
Exploits0References1
Rows per page
Query Builder