Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

Filtered by vendor Deltaww Subscribe
Total 170 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2019-10982 1 Deltaww 1 Cnssoft Screeneditor 2020-10-02 6.8 MEDIUM 7.8 HIGH
Delta Electronics CNCSoft ScreenEditor, Versions 1.00.89 and prior. Multiple heap-based buffer overflow vulnerabilities may be exploited by processing specially crafted project files, allowing an attacker to remotely execute arbitrary code. There is a lack of user input validation before copying data from project files onto the heap.
CVE-2018-8839 1 Deltaww 1 Pmsoft 2020-09-29 4.6 MEDIUM 7.8 HIGH
Delta PMSoft versions 2.10 and prior have multiple stack-based buffer overflow vulnerabilities where a .ppm file can introduce a value larger than is readable by PMSoft's fixed-length stack buffer. This can cause the buffer to be overwritten, which may allow arbitrary code execution or cause the application to crash. CVSS v3 base score: 7.1; CVSS vector string: AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:H. Delta Electronics recommends affected users update to at least PMSoft v2.11, which was made available as of March 22, 2018, or the latest available version.
CVE-2018-17929 1 Deltaww 1 Tpeditor 2020-09-18 6.8 MEDIUM 7.8 HIGH
In Delta Industrial Automation TPEditor, TPEditor Versions 1.90 and prior, multiple stack-based buffer overflow vulnerabilities may be exploited by processing specially crafted project files lacking user input validation before copying data from project files onto the stack and may allow an attacker to remotely execute arbitrary code.
CVE-2018-5476 1 Deltaww 1 Delta Industrial Automation Dopsoft 2020-09-18 6.8 MEDIUM 7.8 HIGH
A Stack-based Buffer Overflow issue was discovered in Delta Electronics Delta Industrial Automation DOPSoft, Version 4.00.01 or prior. Stack-based buffer overflow vulnerabilities caused by processing specially crafted .dop or .dpb files may allow an attacker to remotely execute arbitrary code.
CVE-2018-10636 1 Deltaww 2 Cncsoft, Screeneditor 2020-08-31 9.3 HIGH 8.8 HIGH
CNCSoft Version 1.00.83 and prior with ScreenEditor Version 1.00.54 has multiple stack-based buffer overflow vulnerabilities that could cause the software to crash due to lacking user input validation before copying data from project files onto the stack. Which may allow an attacker to gain remote code execution with administrator privileges if exploited.
CVE-2019-16247 1 Deltaww 1 Dcisoft 2020-08-24 4.6 MEDIUM 7.8 HIGH
Delta DCISoft 1.21 has a User Mode Write AV starting at CommLib!CCommLib::SetSerializeData+0x000000000000001b.
CVE-2020-16201 1 Deltaww 1 Cncsoft Screeneditor 2020-08-06 4.3 MEDIUM 3.3 LOW
Delta Industrial Automation CNCSoft ScreenEditor, Versions 1.01.23 and prior. Multiple out-of-bounds read vulnerabilities may be exploited by processing specially crafted project files, which may allow an attacker to read information.
CVE-2020-16203 1 Deltaww 1 Cncsoft Screeneditor 2020-08-06 6.8 MEDIUM 7.8 HIGH
Delta Industrial Automation CNCSoft ScreenEditor, Versions 1.01.23 and prior. An uninitialized pointer may be exploited by processing a specially crafted project file. Successful exploitation of this vulnerability may allow an attacker to read/modify information, execute arbitrary code, and/or crash the application.
CVE-2020-16199 1 Deltaww 1 Cncsoft Screeneditor 2020-08-06 6.8 MEDIUM 7.8 HIGH
Delta Industrial Automation CNCSoft ScreenEditor, Versions 1.01.23 and prior. Multiple stack-based buffer overflow vulnerabilities may be exploited by processing specially crafted project files, which may allow an attacker to read/modify information, execute arbitrary code, and/or crash the application.
CVE-2020-14482 1 Deltaww 1 Dopsoft 2020-07-10 6.8 MEDIUM 7.8 HIGH
Delta Industrial Automation DOPSoft, Version 4.00.08.15 and prior. Opening a specially crafted project file may overflow the heap, which may allow remote code execution, disclosure/modification of information, or cause the application to crash.
CVE-2020-6976 1 Deltaww 1 Cncsoft Screeneditor 2020-03-20 4.3 MEDIUM 5.5 MEDIUM
Delta Industrial Automation CNCSoft ScreenEditor, v1.00.96 and prior. An out-of-bounds read overflow can be exploited when a valid user opens a specially crafted, malicious input file due to the lack of validation.
CVE-2020-7002 1 Deltaww 1 Cncsoft Screeneditor 2020-03-20 6.8 MEDIUM 7.8 HIGH
Delta Industrial Automation CNCSoft ScreenEditor, v1.00.96 and prior. Multiple stack-based buffer overflows can be exploited when a valid user opens a specially crafted, malicious input file.
CVE-2019-13544 1 Deltaww 1 Tpeditor 2019-10-09 6.8 MEDIUM 7.8 HIGH
Delta Electronics TPEditor, Versions 1.94 and prior. Multiple out-of-bounds write vulnerabilities may be exploited by processing specially crafted project files, which may allow remote code execution.
CVE-2019-10992 1 Deltaww 1 Cnssoft Screeneditor 2019-10-09 4.3 MEDIUM 5.5 MEDIUM
Delta Electronics CNCSoft ScreenEditor, Versions 1.00.89 and prior. Multiple out-of-bounds read vulnerabilities may cause information disclosure due to lacking user input validation for processing project files.
CVE-2019-10949 1 Deltaww 1 Cncsoft Screeneditor 2019-10-09 4.3 MEDIUM 5.5 MEDIUM
Delta Industrial Automation CNCSoft, CNCSoft ScreenEditor Version 1.00.88 and prior. Multiple out-of-bounds read vulnerabilities may be exploited, allowing information disclosure due to a lack of user input validation for processing specially crafted project files.
CVE-2018-7494 1 Deltaww 1 Wplsoft 2019-10-09 6.8 MEDIUM 8.8 HIGH
WPLSoft in Delta Electronics versions 2.45.0 and prior utilizes a fixed length stack buffer where a value larger than the buffer can be read from a file into the buffer, causing the buffer to be overwritten, which may allow remote code execution or cause the application to crash.
CVE-2018-7509 1 Deltaww 1 Wplsoft 2019-10-09 6.8 MEDIUM 8.8 HIGH
WPLSoft in Delta Electronics versions 2.45.0 and prior writes data from a file outside the bounds of the intended buffer space, which could cause memory corruption or may allow remote code execution.
CVE-2018-7507 1 Deltaww 1 Wplsoft 2019-10-09 6.8 MEDIUM 8.8 HIGH
WPLSoft in Delta Electronics versions 2.45.0 and prior utilizes a fixed length heap buffer where a value larger than the buffer can be read from a file into the buffer, causing the buffer to be overwritten, which may allow remote code execution or cause the application to crash.
CVE-2018-17927 1 Deltaww 1 Tpeditor 2019-10-09 6.8 MEDIUM 7.8 HIGH
In Delta Industrial Automation TPEditor, TPEditor Versions 1.90 and prior, multiple out-of-bounds write vulnerabilities may be exploited by processing specially crafted project files lacking user input validation, which may cause the system to write outside the intended buffer area and may allow remote code execution.
CVE-2018-14800 1 Deltaww 1 Ispsoft 2019-10-09 6.8 MEDIUM 7.8 HIGH
Delta Electronics ISPSoft version 3.0.5 and prior allow an attacker, by opening a crafted file, to cause the application to read past the boundary allocated to a stack object, which could allow execution of code under the context of the application.