CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2025-59300 – File Parsing Out-Of-Bounds Write Vulnerability in DIAScreen
https://notcve.org/view.php?id=CVE-2025-59300
03 Oct 2025 — Delta Electronics DIAScreen lacks proper validation of the user-supplied file. If a user opens a malicious file, an attacker can leverage this vulnerability to execute code in the context of the current process. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Delta Electronics DIAScreen. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the proce... • https://filecenter.deltaww.com/news/download/doc/Delta-PCSA-2025-00018_DIAScreen%20File%20Parsing%20Out-Of-Bounds%20Write%20Vulnerability.pdf • CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2025-59299 – File Parsing Out-Of-Bounds Write Vulnerability in DIAScreen
https://notcve.org/view.php?id=CVE-2025-59299
03 Oct 2025 — Delta Electronics DIAScreen lacks proper validation of the user-supplied file. If a user opens a malicious file, an attacker can leverage this vulnerability to execute code in the context of the current process. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Delta Electronics DIAScreen. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsi... • https://filecenter.deltaww.com/news/download/doc/Delta-PCSA-2025-00018_DIAScreen%20File%20Parsing%20Out-Of-Bounds%20Write%20Vulnerability.pdf • CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2025-59298 – File Parsing Out-Of-Bounds Write Vulnerability in DIAScreen
https://notcve.org/view.php?id=CVE-2025-59298
03 Oct 2025 — Delta Electronics DIAScreen lacks proper validation of the user-supplied file. If a user opens a malicious file, an attacker can leverage this vulnerability to execute code in the context of the current process. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Delta Electronics DIAScreen. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsi... • https://filecenter.deltaww.com/news/download/doc/Delta-PCSA-2025-00018_DIAScreen%20File%20Parsing%20Out-Of-Bounds%20Write%20Vulnerability.pdf • CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2025-59297 – File Parsing Out-Of-Bounds Write Vulnerability in DIAScreen
https://notcve.org/view.php?id=CVE-2025-59297
03 Oct 2025 — Delta Electronics DIAScreen lacks proper validation of the user-supplied file. If a user opens a malicious file, an attacker can leverage this vulnerability to execute code in the context of the current process. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Delta Electronics DIAScreen. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsi... • https://filecenter.deltaww.com/news/download/doc/Delta-PCSA-2025-00018_DIAScreen%20File%20Parsing%20Out-Of-Bounds%20Write%20Vulnerability.pdf • CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2025-58319 – File Parsing Memory Corruption in CNCSoft-G2
https://notcve.org/view.php?id=CVE-2025-58319
24 Sep 2025 — Delta Electronics CNCSoft-G2 lacks proper validation of the user-supplied file. If a user opens a malicious file, an attacker can leverage this vulnerability to execute code in the context of the current process. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Delta Electronics CNCSoft-G2. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the par... • https://filecenter.deltaww.com/news/download/doc/Delta-PCSA-2025-00017_CNCSoft-G2_File%20Parsing%20Stack-based%20Buffer%20Overflow%20Vulnerability.pdf • CWE-121: Stack-based Buffer Overflow •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2025-58317 – File Parsing Memory Corruption in CNCSoft-G2
https://notcve.org/view.php?id=CVE-2025-58317
24 Sep 2025 — Delta Electronics CNCSoft-G2 lacks proper validation of the user-supplied file. If a user opens a malicious file, an attacker can leverage this vulnerability to execute code in the context of the current process. Delta Electronics CNCSoft-G2 lacks proper validation of the user-supplied file. If a user opens a malicious file, an attacker can leverage this vulnerability to execute code in the context of the current process. • https://filecenter.deltaww.com/news/download/doc/Delta-PCSA-2025-00017_CNCSoft-G2_File%20Parsing%20Stack-based%20Buffer%20Overflow%20Vulnerability.pdf • CWE-121: Stack-based Buffer Overflow •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2025-58320 – DIALink - Directory Traversal Authentication Bypass Vulnerability
https://notcve.org/view.php?id=CVE-2025-58320
11 Sep 2025 — Delta Electronics DIALink has an Directory Traversal Authentication Bypass Vulnerability. This vulnerability allows remote attackers to overwrite configuration files on affected installations of Delta Electronics DIALink. Authentication is not required to exploit this vulnerability. The specific flaw exists within the web service, which listens on TCP port 7631 by default. The issue results from the lack of proper validation of a user-supplied path prior to using it in file operations. An attacker can lever... • https://filecenter.deltaww.com/news/download/doc/Delta-PCSA-2025-00016_DIALink%20-%20Directory%20Traversal%20Authentication%20Bypass%20Vulnerability.pdf • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-2025-58321 – DIALink - Directory Traversal Authentication Bypass Vulnerability
https://notcve.org/view.php?id=CVE-2025-58321
11 Sep 2025 — Delta Electronics DIALink has an Directory Traversal Authentication Bypass Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Delta Electronics DIALink. Authentication is not required to exploit this vulnerability. The specific flaw exists within the DataCenter service, which listens on TCP port 7631 by default. The issue results from the lack of proper validation of a user-supplied path prior to using it in file operations. An attacker can lever... • https://filecenter.deltaww.com/news/download/doc/Delta-PCSA-2025-00016_DIALink%20-%20Directory%20Traversal%20Authentication%20Bypass%20Vulnerability.pdf • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 6.4EPSS: 0%CPEs: 1EXPL: 0CVE-2025-57703 – Reflected Cross-site Scripting in DIAEnergie
https://notcve.org/view.php?id=CVE-2025-57703
18 Aug 2025 — DIAEnergie - Reflected Cross-site Scripting DIAEnergie - Cross-Site Scripting reflejado DIAEnergie - Reflected Cross-site Scripting • https://filecenter.deltaww.com/news/download/doc/Delta-PCSA-2025-00012_DIAEnergie%20Cross-Site%20Scripting%20Vulnerabilities.pdf • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 6.4EPSS: 0%CPEs: 1EXPL: 0CVE-2025-57702 – Reflected Cross-site Scripting in DIAEnergie
https://notcve.org/view.php?id=CVE-2025-57702
18 Aug 2025 — DIAEnergie - Reflected Cross-site Scripting DIAEnergie - Cross-Site Scripting reflejado DIAEnergie - Reflected Cross-site Scripting • https://filecenter.deltaww.com/news/download/doc/Delta-PCSA-2025-00012_DIAEnergie%20Cross-Site%20Scripting%20Vulnerabilities.pdf • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •