VYPR

DOPSoft 2

by Delta Electronics

CVEs (26)

  • CVE-2021-38406HigKEVSep 17, 2021
    risk 0.69cvss 7.8epss 0.78

    Delta Electronic DOPSoft 2 (Version 2.00.07 and prior) lacks proper validation of user-supplied data when parsing specific project files. This could result in multiple out-of-bounds write instances. An attacker could leverage this vulnerability to execute code in the context of…

  • CVE-2018-10623CriJun 18, 2018
    risk 0.64cvss 9.8epss 0.04

    Delta Electronics Delta Industrial Automation DOPSoft version 4.00.04 and prior performs read operations on a memory buffer where the position can be determined by a value read from a .dpa file. This may cause improper restriction of operations within the bounds of the memory…

  • CVE-2018-10617CriJun 18, 2018
    risk 0.64cvss 9.8epss 0.04

    Delta Electronics Delta Industrial Automation DOPSoft version 4.00.04 and prior utilizes a fixed-length heap buffer where a value larger than the buffer can be read from a .dpa file into the buffer, causing the buffer to be overwritten. This may allow remote code execution or…

  • CVE-2023-43824HigJan 18, 2024
    risk 0.57cvss 8.8epss 0.01

    A stack based buffer overflow exists in Delta Electronics Delta Industrial Automation DOPSoft when parsing the wTitleTextLen field of a DPS file. A remote, unauthenticated attacker can exploit this vulnerability by enticing a user to open a specially crafted DPS file to achieve…

  • CVE-2023-43823HigJan 18, 2024
    risk 0.57cvss 8.8epss 0.01

    A stack based buffer overflow exists in Delta Electronics Delta Industrial Automation DOPSoft when parsing the wTTitleLen field of a DPS file. A remote, unauthenticated attacker can exploit this vulnerability by enticing a user to open a specially crafted DPS file to achieve…

  • CVE-2023-43822HigJan 18, 2024
    risk 0.57cvss 8.8epss 0.01

    A stack based buffer overflow exists in Delta Electronics Delta Industrial Automation DOPSoft when parsing the wLogTitlesTimeLen field of a DPS file. A remote, unauthenticated attacker can exploit this vulnerability by enticing a user to open a specially crafted DPS file to…

  • CVE-2023-43821HigJan 18, 2024
    risk 0.57cvss 8.8epss 0.01

    A stack based buffer overflow exists in Delta Electronics Delta Industrial Automation DOPSoft when parsing the wLogTitlesActionLen field of a DPS file. A remote, unauthenticated attacker can exploit this vulnerability by enticing a user to open a specially crafted DPS file to…

  • CVE-2023-43820HigJan 18, 2024
    risk 0.57cvss 8.8epss 0.01

    A stack based buffer overflow exists in Delta Electronics Delta Industrial Automation DOPSoft when parsing the wLogTitlesPrevValueLen field of a DPS file. A remote, unauthenticated attacker can exploit this vulnerability by enticing a user to open a specially crafted DPS file to…

  • CVE-2023-43819HigJan 18, 2024
    risk 0.57cvss 8.8epss 0.01

    A stack based buffer overflow exists in Delta Electronics Delta Industrial Automation DOPSoft when parsing the InitialMacroLen field of a DPS file. A remote, unauthenticated attacker can exploit this vulnerability by enticing a user to open a specially crafted DPS file to…

  • CVE-2023-43818HigJan 18, 2024
    risk 0.57cvss 8.8epss 0.01

    A buffer overflow exists in Delta Electronics Delta Industrial Automation DOPSoft. A remote, unauthenticated attacker can exploit this vulnerability by enticing a user to open a specially crafted DPS file to achieve remote code execution.

  • CVE-2024-1595HigFeb 29, 2024
    risk 0.51cvss 7.8epss 0.00

    Delta Electronics CNCSoft-B DOPSoft prior to v4.0.0.82 insecurely loads libraries, which may allow an attacker to use DLL hijacking and take over the system where the software is installed.

  • CVE-2023-5944HigDec 4, 2023
    risk 0.51cvss 7.8epss 0.00

    Delta Electronics DOPSoft is vulnerable to a stack-based buffer overflow, which may allow for arbitrary code execution if an attacker can lead a legitimate user to execute a specially crafted file.

  • CVE-2023-4685HigSep 7, 2023
    risk 0.51cvss 7.8epss 0.00

    Delta Electronics' CNCSoft-B version 1.0.0.4 and DOPSoft versions 4.0.0.82 and prior are vulnerable to stack-based buffer overflow, which could allow an attacker to execute arbitrary code.

  • CVE-2023-0124HigFeb 3, 2023
    risk 0.51cvss 7.8epss 0.00

    Delta Electronics DOPSoft versions 4.00.16.22 and prior are vulnerable to an out-of-bounds write, which could allow an attacker to remotely execute arbitrary code when a malformed file is introduced to the software.

  • CVE-2023-0123HigFeb 3, 2023
    risk 0.51cvss 7.8epss 0.00

    Delta Electronics DOPSoft versions 4.00.16.22 and prior are vulnerable to a stack-based buffer overflow, which could allow an attacker to remotely execute arbitrary code when a malformed file is introduced to the software.

  • CVE-2021-38404HigSep 17, 2021
    risk 0.51cvss 7.8epss 0.01

    Delta Electronic DOPSoft 2 (Version 2.00.07 and prior) lacks proper validation of user-supplied data when parsing specific project files. This could result in a heap-based buffer overflow. An attacker could leverage this vulnerability to execute code in the context of the…

  • CVE-2021-38402HigSep 17, 2021
    risk 0.51cvss 7.8epss 0.08

    Delta Electronic DOPSoft 2 (Version 2.00.07 and prior) lacks proper validation of user-supplied data when parsing specific project files. This could lead to a stack-based buffer overflow while trying to copy to a buffer during font string handling. An attacker could leverage…

  • CVE-2021-33019HigAug 30, 2021
    risk 0.51cvss 7.8epss 0.02

    A stack-based buffer overflow vulnerability in Delta Electronics DOPSoft Version 4.00.11 and prior may be exploited by processing a specially crafted project file, which may allow an attacker to execute arbitrary code.

  • CVE-2021-27412HigJul 2, 2021
    risk 0.51cvss 7.8epss 0.01

    Delta Electronics DOPSoft Versions 4.0.10.17 and prior are vulnerable to an out-of-bounds read, which may allow an attacker to execute arbitrary code.

  • CVE-2020-27277HigJan 11, 2021
    risk 0.51cvss 7.8epss 0.02

    Delta Electronics DOPSoft Version 4.0.8.21 and prior has a null pointer dereference issue while processing project files, which may allow an attacker to execute arbitrary code.

Page 1 of 2