VYPR

CNCSoft-G2

by Delta Electronics

CVEs (26)

  • CVE-2024-39883HigJul 9, 2024
    risk 0.57cvss 8.8epss 0.01

    Delta Electronics CNCSoft-G2 lacks proper validation of the length of user-supplied data prior to copying it to a fixed-length heap-based buffer. If a target visits a malicious page or opens a malicious file an attacker can leverage this vulnerability to execute code in the…

  • CVE-2024-39882HigJul 9, 2024
    risk 0.57cvss 8.8epss 0.01

    Delta Electronics CNCSoft-G2 lacks proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. If a target visits a malicious page or opens a malicious file an attacker can leverage this vulnerability to execute code in the context of…

  • CVE-2024-39881HigJul 9, 2024
    risk 0.57cvss 8.8epss 0.01

    Delta Electronics CNCSoft-G2 lacks proper validation of user-supplied data, which can result in a memory corruption condition. If a target visits a malicious page or opens a malicious file an attacker can leverage this vulnerability to execute code in the context of the current…

  • CVE-2025-22881HigFeb 26, 2025
    risk 0.51cvss 7.8epss 0.00

    Delta Electronics CNCSoft-G2 lacks proper validation of the length of user-supplied data prior to copying it to a fixed-length heap-based buffer. If a target visits a malicious page or opens a malicious file an attacker can leverage this vulnerability to execute code in the…

  • CVE-2025-22880HigFeb 7, 2025
    risk 0.51cvss 7.8epss 0.00

    Delta Electronics CNCSoft-G2 lacks proper validation of the length of user-supplied data prior to copying it to a fixed-length heap-based buffer. If a target visits a malicious page or opens a malicious file an attacker can leverage this vulnerability to execute code in the…

  • CVE-2024-47966HigOct 10, 2024
    risk 0.51cvss 7.8epss 0.00

    Delta Electronics CNCSoft-G2 lacks proper initialization of memory prior to accessing it. An attacker can manipulate users to visit a malicious page or file to leverage this vulnerability to execute code in the context of the current process.

  • CVE-2024-47965HigOct 10, 2024
    risk 0.51cvss 7.8epss 0.00

    Delta Electronics CNCSoft-G2 lacks proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can manipulate users to visit a malicious page or file to leverage this vulnerability to execute code in the context of the…

  • CVE-2024-47964HigOct 10, 2024
    risk 0.51cvss 7.8epss 0.00

    Delta Electronics CNCSoft-G2 lacks proper validation of the length of user-supplied data prior to copying it to a fixed-length heap-based buffer. An attacker can manipulate users to visit a malicious page or file to leverage this vulnerability to execute code in the context of…

  • CVE-2024-47963HigOct 10, 2024
    risk 0.51cvss 7.8epss 0.00

    Delta Electronics CNCSoft-G2 lacks proper validation of user-supplied data, which can result in a write past the end of an allocated object. An attacker can manipulate users to visit a malicious page or file to leverage this vulnerability to execute code in the context of the…

  • CVE-2024-47962HigOct 10, 2024
    risk 0.51cvss 7.8epss 0.03

    Delta Electronics CNCSoft-G2 lacks proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can manipulate an insider to visit a malicious page or file to leverage this vulnerability to execute code in the…

  • CVE-2024-39880HigJul 9, 2024
    risk 0.51cvss 7.8epss 0.01

    Delta Electronics CNCSoft-G2 lacks proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. If a target visits a malicious page or opens a malicious file an attacker can leverage this vulnerability to execute code in the…

  • CVE-2024-4192HigApr 30, 2024
    risk 0.51cvss 7.8epss 0.00

    Delta Electronics CNCSoft-G2 lacks proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of the current process.

  • CVE-2024-1941HigMar 1, 2024
    risk 0.51cvss 7.8epss 0.01

    Delta Electronics CNCSoft-B versions 1.0.0.4 and prior are vulnerable to a stack-based buffer overflow, which may allow an attacker to execute arbitrary code.

  • CVE-2022-4634HigFeb 3, 2023
    risk 0.51cvss 7.8epss 0.05

    All versions prior to Delta Electronic’s CNCSoft version 1.01.34 (running ScreenEditor versions 1.01.5 and prior) are vulnerable to a stack-based buffer overflow, which could allow an attacker to remotely execute arbitrary code.

  • CVE-2022-1405HigAug 31, 2022
    risk 0.51cvss 7.8epss 0.02

    CNCSoft: All versions prior to 1.01.32 does not properly sanitize input while processing a specific project file, allowing a possible stack-based buffer overflow condition.

  • CVE-2021-43982HigDec 9, 2021
    risk 0.51cvss 7.8epss 0.10

    Delta Electronics CNCSoft Versions 1.01.30 and prior are vulnerable to a stack-based buffer overflow, which may allow an attacker to execute arbitrary code.

  • CVE-2025-47728HigJun 4, 2025
    risk 0.47cvss 7.3epss 0.00

    Delta Electronics CNCSoft-G2 lacks proper validation of the user-supplied file. If a user opens a malicious file, an attacker can leverage this vulnerability to execute code in the context of the current process.

  • CVE-2025-47727HigJun 4, 2025
    risk 0.47cvss 7.3epss 0.00

    Delta Electronics CNCSoft lacks proper validation of the user-supplied file. If a user opens a malicious file, an attacker can leverage this vulnerability to execute code in the context of the current process.

  • CVE-2025-47726HigJun 4, 2025
    risk 0.47cvss 7.3epss 0.00

    Delta Electronics CNCSoft lacks proper validation of the user-supplied file. If a user opens a malicious file, an attacker can leverage this vulnerability to execute code in the context of the current process.

  • CVE-2025-47725HigJun 4, 2025
    risk 0.47cvss 7.3epss 0.00

    Delta Electronics CNCSoft lacks proper validation of the user-supplied file. If a user opens a malicious file, an attacker can leverage this vulnerability to execute code in the context of the current process.

Page 1 of 2