CVE Search Engine - Security Vulnerabilities and Exploits Search Tool | Vulners.com

🔥 Daily Hot!

💪🏽 CPE Enhanced Advisories

🕶 Shadow Exploits

🕵🏼 Vulners CPE

🔐 Security news

💻 Exploit updates

📑 Blogs review

🐧 Linux vulnerabilities

🤖 AI High Score

show all

3851 matches found

CNNVD•added 2022/04/14 12:0 a.m.•3 views

Delta Electronics DMARS 代码问题漏洞

Delta Electronics DMARS is an Industrial Automation/Embedded Motion Controller from Delta Electronics Taiwan, China. A code issue vulnerability exists in Delta Electronics DMARS that stems from affected products not properly restricting references to XML external entities when processing specific...

5.5CVSS6AI score0.00735EPSS

Exploits0References5

ICS•added 2022/04/14 12:0 a.m.•46 views

Delta Electronics DMARS

1. EXECUTIVE SUMMARY CVSS v3 5.5 ATTENTION: Low attack complexity Vendor: Delta Electronics Equipment: DMARS Vulnerability: Improper Restriction of XML External Entity Reference 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to gain sensitive information...

5.5CVSS5.6AI score0.00735EPSS

Exploits0References5

CNVD•added 2022/04/02 12:0 a.m.•27 views

Delta Electronics DIAEnergie Code Issue Vulnerability

Delta Electronics DIAEnergie is an industrial energy management system used to monitor and analyze energy consumption in real time, calculate energy consumption and load characteristics, optimize equipment performance, improve production processes, and maximize energy efficiency.A code issue...

7.8CVSS2AI score0.00235EPSS

Exploits0References1

OSV•added 2022/04/01 11:15 p.m.•1 views

CVE-2022-1098

Delta Electronics DIAEnergie all versions prior to 1.8.02.004 are vulnerable to a DLL hijacking condition. When combined with the Incorrect Default Permissions vulnerability of 4.2.2 above, this makes it possible for an attacker to escalate privileges...

7.8CVSS5.8AI score0.00235EPSS

Exploits0References1

NVD•added 2022/04/01 11:15 p.m.•15 views

CVE-2022-1098

Delta Electronics DIAEnergie all versions prior to 1.8.02.004 are vulnerable to a DLL hijacking condition. When combined with the Incorrect Default Permissions vulnerability of 4.2.2 above, this makes it possible for an attacker to escalate privileges...

7.8CVSS0.00235EPSS

Exploits0References1

Prion•added 2022/04/01 11:15 p.m.•21 views

Design/Logic Flaw

Delta Electronics DIAEnergie all versions prior to 1.8.02.004 are vulnerable to a DLL hijacking condition. When combined with the Incorrect Default Permissions vulnerability of 4.2.2 above, this makes it possible for an attacker to escalate privileges...

4.4CVSS8.3AI score0.00235EPSS

Exploits0References1Affected Software1

Vulnrichment•added 2022/04/01 10:17 p.m.•4 views

CVE-2022-1098 Delta Electronics DIAEnergie Uncontrolledly Search Path Element

Delta Electronics DIAEnergie all versions prior to 1.8.02.004 are vulnerable to a DLL hijacking condition. When combined with the Incorrect Default Permissions vulnerability of 4.2.2 above, this makes it possible for an attacker to escalate privileges...

7.8CVSS7.7AI score0.00235EPSS

Exploits0References1

CVE•added 2022/04/01 10:17 p.m.•139 views

CVE-2022-1098

Delta Electronics DIAEnergie (all versions prior to 1.9) is affected by CVE-2022-1098 through Uncontrolled Search Path Element (DLL hijacking). The root cause is DLL loading order/search path allowing privilege escalation when paired with the Incorrect Default Permissions issue; CVSSv3 base score...

7.8CVSS7.8AI score0.00235EPSS

Exploits0References1Affected Software1

Cvelist•added 2022/04/01 10:17 p.m.•18 views

CVE-2022-1098 Delta Electronics DIAEnergie Uncontrolledly Search Path Element

Delta Electronics DIAEnergie all versions prior to 1.8.02.004 are vulnerable to a DLL hijacking condition. When combined with the Incorrect Default Permissions vulnerability of 4.2.2 above, this makes it possible for an attacker to escalate privileges...

7.8CVSS7.9AI score0.00235EPSS

Exploits0References1

OSV•added 2022/03/29 5:15 p.m.•4 views

CVE-2022-26836

Delta Electronics DIAEnergie All versions prior to 1.8.02.004 has a blind SQL injection vulnerability that exists in HandlerExport.ashx/Calendar. This allows an attacker to inject arbitrary SQL queries, retrieve and modify database contents, and execute system commands...

9.8CVSS7.5AI score0.01172EPSS

Exploits0References1

OSV•added 2022/03/29 5:15 p.m.•1 views

CVE-2022-26839

Delta Electronics DIAEnergie All versions prior to 1.8.02.004 is vulnerable to an incorrect default permission in the DIAEnergie application, which may allow an attacker to plant new files such as DLLs or replace existing executable files...

7.8CVSS7.1AI score0.00208EPSS

Exploits0References1

OSV•added 2022/03/29 5:15 p.m.•4 views

CVE-2022-26887

Delta Electronics DIAEnergie All versions prior to 1.8.02.004 has a blind SQL injection vulnerability exists in DIAEloopmapHandler.ashx. This allows an attacker to inject arbitrary SQL queries, retrieve and modify database contents, and execute system commands...

9.8CVSS7.5AI score0.09505EPSS

Exploits0References1

NVD•added 2022/03/29 5:15 p.m.•12 views

CVE-2022-26836

Delta Electronics DIAEnergie All versions prior to 1.8.02.004 has a blind SQL injection vulnerability that exists in HandlerExport.ashx/Calendar. This allows an attacker to inject arbitrary SQL queries, retrieve and modify database contents, and execute system commands...

10CVSS0.01172EPSS

Exploits0References1

NVD•added 2022/03/29 5:15 p.m.•12 views

CVE-2022-26839

Delta Electronics DIAEnergie All versions prior to 1.8.02.004 is vulnerable to an incorrect default permission in the DIAEnergie application, which may allow an attacker to plant new files such as DLLs or replace existing executable files...

7.8CVSS0.00208EPSS

Exploits0References1

NVD•added 2022/03/29 5:15 p.m.•16 views

CVE-2022-26666

Delta Electronics DIAEnergie All versions prior to 1.8.02.004 has a blind SQL injection vulnerability exists in HandlerECC.ashx. This allows an attacker to inject arbitrary SQL queries, retrieve and modify database contents, and execute system commands...

10CVSS0.01172EPSS

Exploits0References1

NVD•added 2022/03/29 5:15 p.m.•11 views

CVE-2022-26887

Delta Electronics DIAEnergie All versions prior to 1.8.02.004 has a blind SQL injection vulnerability exists in DIAEloopmapHandler.ashx. This allows an attacker to inject arbitrary SQL queries, retrieve and modify database contents, and execute system commands...

10CVSS0.09505EPSS

Exploits0References1

NVD•added 2022/03/29 5:15 p.m.•16 views

CVE-2022-27175

Delta Electronics DIAEnergie All versions prior to 1.8.02.004 has a blind SQL injection vulnerability that exists in GetCalcTagList. This allows an attacker to inject arbitrary SQL queries, retrieve and modify database contents, and execute system commands...

10CVSS0.01172EPSS

Exploits0References1

NVD•added 2022/03/29 5:15 p.m.•11 views

CVE-2022-26667

Delta Electronics DIAEnergie All versions prior to 1.8.02.004 has a blind SQL injection vulnerability that exists in GetDemandAnalysisData. This allows an attacker to inject arbitrary SQL queries, retrieve and modify database contents, and execute system commands...

10CVSS0.01172EPSS

Exploits0References1

OSV•added 2022/03/29 5:15 p.m.•3 views

CVE-2022-26013

Delta Electronics DIAEnergie All versions prior to 1.8.02.004 has a blind SQL injection vulnerability that exists in DIAEdmdsetHandler.ashx. This allows an attacker to inject arbitrary SQL queries, retrieve and modify database contents, and execute system commands...

9.8CVSS6AI score0.08924EPSS

Exploits0References1

OSV•added 2022/03/29 5:15 p.m.•1 views

CVE-2022-25980

Delta Electronics DIAEnergie All versions prior to 1.8.02.004 has a blind SQL injection vulnerability that exists in HandlerCommon.ashx. This allows an attacker to inject arbitrary SQL queries, retrieve and modify database contents, and execute system commands...

9.8CVSS7.5AI score0.01172EPSS

Exploits0References1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by