CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2019-10992 – Delta Industrial Automation CNCSoft ScreenEditor DPB File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2019-10992
Delta Electronics CNCSoft ScreenEditor, Versions 1.00.89 and prior. Multiple out-of-bounds read vulnerabilities may cause information disclosure due to lacking user input validation for processing project files. Delta Electronics CNCSoft ScreenEditor, versiones 1.00.89 y anteriores. Varias vulnerabilidades de lectura fuera de los límites pueden causar la divulgación de información debido a la falta de validación de entrada del usuario para procesar archivos de proyecto. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Delta Industrial Automation CNCSoft ScreenEditor. • https://www.us-cert.gov/ics/advisories/icsa-19-192-01 • CWE-125: Out-of-bounds Read •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2019-10982 – Delta Industrial Automation CNCSoft ScreenEditor DPB File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2019-10982
Delta Electronics CNCSoft ScreenEditor, Versions 1.00.89 and prior. Multiple heap-based buffer overflow vulnerabilities may be exploited by processing specially crafted project files, allowing an attacker to remotely execute arbitrary code. There is a lack of user input validation before copying data from project files onto the heap. Delta Electronics CNCSoft ScreenEditor, versiones 1.00.89 y anteriores. Se pueden explotar múltiples vulnerabilidades de desbordamiento de búfer basadas en el montón mediante el procesamiento de archivos de proyecto especialmente diseñados, lo que permite a un atacante ejecutar código arbitrario de forma remota. • https://www.us-cert.gov/ics/advisories/icsa-19-192-01 • CWE-122: Heap-based Buffer Overflow CWE-787: Out-of-bounds Write •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2019-10949 – Delta Industrial Automation CNCSoft ScreenEditor DPB File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2019-10949
Delta Industrial Automation CNCSoft, CNCSoft ScreenEditor Version 1.00.88 and prior. Multiple out-of-bounds read vulnerabilities may be exploited, allowing information disclosure due to a lack of user input validation for processing specially crafted project files. Delta Industrial Automation CNCSoft, CNCSoft ScreenEditor versión 1.00.88 y anteriores. Se pueden aprovechar múltiples vulnerabilidades de lectura fuera de límites, lo que permite la divulgación de información debido a la falta de comprobación de entrada del usuario para procesar archivos de proyectos especialmente creados. This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Delta Industrial Automation CNCSoft ScreenEditor. • http://www.securityfocus.com/bid/107989 https://ics-cert.us-cert.gov/advisories/ICSA-19-106-01 https://www.zerodayinitiative.com/advisories/ZDI-19-406 https://www.zerodayinitiative.com/advisories/ZDI-19-407 https://www.zerodayinitiative.com/advisories/ZDI-19-409 https://www.zerodayinitiative.com/advisories/ZDI-19-411 https://www.zerodayinitiative.com/advisories/ZDI-19-412 https://www.zerodayinitiative.com/advisories/ZDI-19-413 https://www.zerodayinitiative.com/advisories/ZDI-19-414 https:&#x • CWE-125: Out-of-bounds Read •
CVSS: 7.8EPSS: 7%CPEs: 1EXPL: 0CVE-2019-10947 – Delta Industrial Automation CNCSoft ScreenEditor DPB File Parsing wKPFStringLen Stack-based Buffer Overflow Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2019-10947
Delta Industrial Automation CNCSoft, CNCSoft ScreenEditor Version 1.00.88 and prior. Multiple stack-based buffer overflow vulnerabilities may be exploited by processing specially crafted project files, allowing an attacker to remotely execute arbitrary code. This may occur because CNCSoft lacks user input validation before copying data from project files onto the stack. Delta Industrial Automation CNCSoft, CNCSoft ScreenEditor versión 1.00.88 y anteriores. Se pueden aprovechar múltiples vulnerabilidades de desbordamiento de búfer en la región stack de la memoria al procesar archivos de proyecto especialmente creados, lo que permite a un atacante ejecutar código arbitrario de forma remota. • http://www.securityfocus.com/bid/107989 https://ics-cert.us-cert.gov/advisories/ICSA-19-106-01 https://www.zerodayinitiative.com/advisories/ZDI-19-399 https://www.zerodayinitiative.com/advisories/ZDI-19-400 https://www.zerodayinitiative.com/advisories/ZDI-19-401 https://www.zerodayinitiative.com/advisories/ZDI-19-402 https://www.zerodayinitiative.com/advisories/ZDI-19-403 https://www.zerodayinitiative.com/advisories/ZDI-19-404 https://www.zerodayinitiative.com/advisories/ZDI-19-410 https:&#x • CWE-121: Stack-based Buffer Overflow CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2019-10951 – Delta Industrial Automation CNCSoft ScreenEditor DPB File Parsing wLanguageNameLen Heap-based Buffer Overflow Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2019-10951
Delta Industrial Automation CNCSoft, CNCSoft ScreenEditor Version 1.00.88 and prior. Multiple heap-based buffer overflow vulnerabilities may be exploited by processing specially crafted project files, allowing an attacker to remotely execute arbitrary code. There is a lack of user input validation before copying data from project files onto the heap. Delta Industrial Automation CNCSoft, CNCSoft ScreenEditor versión 1.00.88 y anteriores. Se pueden aprovechar múltiples vulnerabilidades de desbordamiento de búfer en la región heap de la memoria, mediante el procesamiento de archivos de proyecto especialmente creados, lo que permite a un atacante ejecutar código arbitrario de forma remota. • http://www.securityfocus.com/bid/107989 https://ics-cert.us-cert.gov/advisories/ICSA-19-106-01 https://www.zerodayinitiative.com/advisories/ZDI-19-405 https://www.zerodayinitiative.com/advisories/ZDI-19-408 • CWE-122: Heap-based Buffer Overflow CWE-787: Out-of-bounds Write •