Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
softing vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2020-14524
Softing Industrial Automation all versions prior to the latest build of version 4.47.0, The affected product is vulnerable to a heap-based buffer overflow, which may allow an malicious user to remotely execute arbitrary code.
Softing Opc
7.5
CVSSv3
CVE-2022-44018
In Softing uaToolkit Embedded prior to 1.40.1, a malformed PubSub discovery announcement message can cause a NULL pointer dereference or out-of-bounds memory access in the subscriber application.
Softing Uatoolkit Embedded
7.5
CVSSv3
CVE-2019-11528
An issue exists in Softing uaGate SI 1.60.01. A system default path for executables is user writable.
Softing Uagate Si Firmware 1.60.01
9.8
CVSSv3
CVE-2019-11526
An issue exists in Softing uaGate SI 1.60.01. A maintenance script, that is executable via sudo, is vulnerable to file path injection. This enables the malicious user to write files with superuser privileges in specific locations.
Softing Uagate Si Firmware 1.60.01
8.8
CVSSv3
CVE-2019-11527
An issue exists in Softing uaGate SI 1.60.01. A CGI script is vulnerable to command injection with a maliciously crafted url parameter.
Softing Uagate Si Firmware 1.60.01
7.5
CVSSv3
CVE-2022-45920
In Softing uaToolkit Embedded prior to 1.41, a malformed CreateMonitoredItems request may cause a memory leak.
Softing Uatoolkit Embedded
7.2
CVSSv3
CVE-2023-38126
Softing edgeAggregator Restore Configuration Directory Traversal Remote Code Execution Vulnerability. This vulnerability allows remote malicious users to execute arbitrary code on affected installations of Softing edgeAggregator. Authentication is required to exploit this vulnera...
Softing Edgeaggregator 3.4.0
8.8
CVSSv3
CVE-2021-29660
A Cross-Site Request Forgery (CSRF) vulnerability in en/cfg_setpwd.html in Softing AG OPC Toolbox up to and including 4.10.1.13035 allows malicious users to reset the administrative password by inducing the Administrator user to browse a URL controlled by an attacker.
Softing Opc Toolbox
5.4
CVSSv3
CVE-2021-29661
Softing AG OPC Toolbox up to and including 4.10.1.13035 allows /en/diag_values.html Stored XSS via the ITEMLISTVALUES##ITEMID parameter, resulting in JavaScript payload injection into the trace file. This payload will then be triggered every time an authenticated user browses the...
Softing Opc Toolbox
6.1
CVSSv3
CVE-2023-37571
Softing TH SCOPE up to and including 3.70 allows XSS.
Softing Th Scope
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
authentication bypass
CVE-2024-30051
remote
CVE-2024-27954
CVE-2023-51483
CVE-2023-47782
SSRF
CVE-2024-24715
CVE-2023-52424
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
NEXT »