Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
softing opc vulnerabilities and exploits
(subscribe to this query)
312
VMScore
CVE-2021-29661
Softing AG OPC Toolbox up to and including 4.10.1.13035 allows /en/diag_values.html Stored XSS via the ITEMLISTVALUES##ITEMID parameter, resulting in JavaScript payload injection into the trace file. This payload will then be triggered every time an authenticated user browses the...
Softing Opc Toolbox
445
VMScore
CVE-2021-32994
Softing OPC UA C++ SDK (Software Development Kit) versions from 5.59 to 5.64 exported library functions don't properly validate received extension objects, which may allow an malicious user to crash the software by sending a variety of specially crafted packets to access sev...
Softing Opc Ua C\\+\\+ Software Development Kit
445
VMScore
CVE-2021-40872
An issue exists in Softing Industrial Automation uaToolkit Embedded prior to 1.40. Remote malicious users to cause a denial of service (DoS) or login as an anonymous user (bypassing security checks) by sending crafted messages to a OPC/UA server. The server process may crash unex...
Softing Smartlink Hw-dp
Softing Uatoolkit Embedded
NA
CVE-2023-39479
Softing Secure Integration Server OPC UA Gateway Directory Creation Vulnerability. This vulnerability allows remote malicious users to create directories on affected installations of Softing Secure Integration Server. Although authentication is required to exploit this vulnerabil...
NA
CVE-2023-39480
Softing Secure Integration Server FileDirectory OPC UA Object Arbitrary File Creation Vulnerability. This vulnerability allows remote malicious users to create arbitrary files on affected installations of Softing Secure Integration Server. Although authentication is required to e...
NA
CVE-2023-27336
Softing edgeConnector Siemens OPC UA Server Null Pointer Dereference Denial-of-Service Vulnerability. This vulnerability allows remote malicious users to create a denial-of-service condition on affected installations of Softing edgeConnector Siemens. Authentication is not require...
NA
CVE-2023-27334
Softing edgeConnector Siemens ConditionRefresh Resource Exhaustion Denial-of-Service Vulnerability. This vulnerability allows remote malicious users to create a denial-of-service condition on affected installations of Softing edgeConnector Siemens. Authentication is not required ...
NA
CVE-2023-29377
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Softing Secure Integration Server. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists ...
NA
CVE-2023-39478
Softing Secure Integration Server Exposure of Resource to Wrong Sphere Remote Code Execution Vulnerability. This vulnerability allows remote malicious users to execute arbitrary code on affected installations of Softing Secure Integration Server. Although authentication is requir...
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-4463
CVE-2024-29895
inject
CVE-2023-52689
CVE-2024-5049
CVE-2024-5051
privilege escalation
physical
CVE-2023-52676
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3