Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
softing vulnerabilities and exploits
(subscribe to this query)
5.3
CVSSv3
CVE-2022-2338
Softing Secure Integration Server V1.22 is vulnerable to authentication bypass via a machine-in-the-middle attack. The default the administration interface is accessible via plaintext HTTP protocol, facilitating the attack. The HTTP request may contain the session cookie in the r...
Softing Edgeaggregator 3.1
Softing Secure Integration Server 1.22
Softing Edgeconnector 3.1
Softing Opc 5.2
Softing Opc Ua C\\+\\+ Software Development Kit 6
Softing Uagates 1.74
7.2
CVSSv3
CVE-2022-1373
The “restore configuration” feature of Softing Secure Integration Server V1.22 is vulnerable to a directory traversal vulnerability when processing zip files. An attacker can craft a zip file to load an arbitrary dll and execute code. Using the "restore configura...
Softing Edgeaggregator 3.1
Softing Secure Integration Server 1.22
Softing Edgeconnector 3.1
Softing Opc 5.2
Softing Opc Ua C\\+\\+ Software Development Kit 6
Softing Uagates 1.74
7.5
CVSSv3
CVE-2022-1748
Softing OPC UA C++ Server SDK, Secure Integration Server, edgeConnector, edgeAggregator, OPC Suite, and uaGate are affected by a NULL pointer dereference vulnerability.
Softing Edgeaggregator 3.1
Softing Secure Integration Server 1.22
Softing Edgeconnector 3.1
Softing Opc 5.2
Softing Opc Ua C\\+\\+ Software Development Kit 6
Softing Uagates 1.74
7.2
CVSSv3
CVE-2022-2334
The application searches for a library dll that is not found. If an attacker can place a dll with this name, then the attacker can leverage it to execute arbitrary code on the targeted Softing Secure Integration Server V1.22.
Softing Edgeaggregator 3.1
Softing Secure Integration Server 1.22
Softing Edgeconnector 3.1
Softing Opc 5.2
Softing Opc Ua C\\+\\+ Software Development Kit 6
Softing Uagates 1.74
6.5
CVSSv3
CVE-2021-42262
An issue exists in Softing OPC UA C++ SDK prior to 5.70. An invalid XML element in the type dictionary makes the OPC/UA client crash due to an out-of-memory condition.
Softing Datafeed Opc Suite
Softing Opc Ua C\\+\\+ Software Development Kit
Softing Secure Integration Server
7.5
CVSSv3
CVE-2021-42577
An issue exists in Softing OPC UA C++ SDK prior to 5.70. A malformed OPC/UA message abort packet makes the client crash with a NULL pointer dereference.
Softing Datafeed Opc Suite
Softing Opc Ua C\\+\\+ Software Development Kit
Softing Secure Integration Server
7.5
CVSSv3
CVE-2021-40872
An issue exists in Softing Industrial Automation uaToolkit Embedded prior to 1.40. Remote malicious users to cause a denial of service (DoS) or login as an anonymous user (bypassing security checks) by sending crafted messages to a OPC/UA server. The server process may crash unex...
Softing Smartlink Hw-dp
Softing Uatoolkit Embedded
7.5
CVSSv3
CVE-2022-39823
An issue exists in Softing OPC UA C++ SDK 5.66 up to and including 6.x prior to 6.10. An OPC/UA browse request exceeding the server limit on continuation points may cause a use-after-free error
Softing Opc
Softing Opc Ua C\\+\\+ Software Development Kit
7.5
CVSSv3
CVE-2020-14522
Softing Industrial Automation all versions prior to the latest build of version 4.47.0, The affected product is vulnerable to uncontrolled resource consumption, which may allow an malicious user to cause a denial-of-service condition.
Softing Opc
9.8
CVSSv3
CVE-2020-14524
Softing Industrial Automation all versions prior to the latest build of version 4.47.0, The affected product is vulnerable to a heap-based buffer overflow, which may allow an malicious user to remotely execute arbitrary code.
Softing Opc
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27322
administrator privileges
CVE-2024-1579
hardcoded
CVE-2023-20198
CVE-2024-33587
CVE-2024-33449
CVE-2024-4308
HTML injection
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
NEXT »