CVE-2021-38402
7.8 HIGHDelta Electronic DOPSoft 2 (Version 2.00.07 and prior) lacks proper validation of user-supplied data when parsing specific project files
Published: 2021-09-17 · Last updated: 2026-06-17
Severity and scoring
- CVSS
- 7.8 HIGH
- Vector
- CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
- CWE
- CWE-121
Affected products
| Vendor | Product |
|---|---|
| deltaww | dopsoft |
Description
Delta Electronic DOPSoft 2 (Version 2.00.07 and prior) lacks proper validation of user-supplied data when parsing specific project files. This could lead to a stack-based buffer overflow while trying to copy to a buffer during font string handling. An attacker could leverage this vulnerability to execute code in the context of the current process.
Source: NVD
References
Related CVEs
Same vendor
- CVE-2025-62582 — Delta Electronics DIAView has multiple vulnerabilities (9.8 CRITICAL)
- CVE-2025-62581 — Delta Electronics DIAView has multiple vulnerabilities (9.8 CRITICAL)
- CVE-2021-38418 — Delta Electronics DIALink versions 1.2.4.0 and prior runs by default on HTTP, which may allow an attacker to be positioned between the tr... (8.8 HIGH)
- CVE-2021-38416 — Delta Electronics DIALink versions 1.2.4.0 and prior insecurely loads libraries, which may allow an attacker to use DLL hijacking and tak... (7.8 HIGH)
- CVE-2021-38411 — Delta Electronics DIALink versions 1.2.4.0 and prior is vulnerable to cross-site scripting because an authenticated attacker can inject a... (5.5 MEDIUM)
Same CWE
- CVE-2026-10829 — A stack-based buffer overflow vulnerability has been found in the NPort W2150A-W4/W2250A-W4 Series version 1.5 and earlier
- CVE-2026-7273 — A stack-based buffer overflow vulnerability in the CGI program of Zyxel GS1900-48HPv2 firmware versions through 2.90(ABTQ.1)C0 could allo... (8.8 HIGH)
- CVE-2025-55660 — A stack overflow in the gf_opus_read_length function (media_tools/av_parsers.c) of GPAC MP4Box v2.4 allows attackers to cause a Denial of... (5.5 MEDIUM)
- CVE-2026-8356 — LibreOffice can import presentations in the legacy binary PPT format
- CVE-2026-12222 — A vulnerability was determined in Yealink SIP-T46U 108.86.0.118 (8.0 HIGH)