CVE-2020-27280

A use after free issue has been identified in the way ISPSoft(v3.12 and prior) processes project files, allowing an attacker to craft a special project file that may allow arbitrary code execution.

CVE-2018-14800

Delta Electronics ISPSoft version 3.0.5 and prior allow an attacker, by opening a crafted file, to cause the application to read past the boundary allocated to a stack object, which could allow execution of code under the context of the application.