Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
softing vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2023-37572
Softing OPC Suite version 5.25 and before has Incorrect Access Control, allows malicious users to obtain sensitive information via weak permissions in OSF_discovery service. The service executable could be changed or the service could be deleted.
Softing Opc
801
VMScore
CVE-2019-11527
An issue exists in Softing uaGate SI 1.60.01. A CGI script is vulnerable to command injection with a maliciously crafted url parameter.
Softing Uagate Si Firmware 1.60.01
NA
CVE-2022-45920
In Softing uaToolkit Embedded prior to 1.41, a malformed CreateMonitoredItems request may cause a memory leak.
Softing Uatoolkit Embedded
890
VMScore
CVE-2019-11526
An issue exists in Softing uaGate SI 1.60.01. A maintenance script, that is executable via sudo, is vulnerable to file path injection. This enables the malicious user to write files with superuser privileges in specific locations.
Softing Uagate Si Firmware 1.60.01
445
VMScore
CVE-2019-11528
An issue exists in Softing uaGate SI 1.60.01. A system default path for executables is user writable.
Softing Uagate Si Firmware 1.60.01
NA
CVE-2022-44018
In Softing uaToolkit Embedded prior to 1.40.1, a malformed PubSub discovery announcement message can cause a NULL pointer dereference or out-of-bounds memory access in the subscriber application.
Softing Uatoolkit Embedded
NA
CVE-2023-37571
Softing TH SCOPE up to and including 3.70 allows XSS.
Softing Th Scope
NA
CVE-2023-38126
Softing edgeAggregator Restore Configuration Directory Traversal Remote Code Execution Vulnerability. This vulnerability allows remote malicious users to execute arbitrary code on affected installations of Softing edgeAggregator. Authentication is required to exploit this vulnera...
Softing Edgeaggregator 3.4.0
605
VMScore
CVE-2021-29660
A Cross-Site Request Forgery (CSRF) vulnerability in en/cfg_setpwd.html in Softing AG OPC Toolbox up to and including 4.10.1.13035 allows malicious users to reset the administrative password by inducing the Administrator user to browse a URL controlled by an attacker.
Softing Opc Toolbox
312
VMScore
CVE-2021-29661
Softing AG OPC Toolbox up to and including 4.10.1.13035 allows /en/diag_values.html Stored XSS via the ITEMLISTVALUES##ITEMID parameter, resulting in JavaScript payload injection into the trace file. This payload will then be triggered every time an authenticated user browses the...
Softing Opc Toolbox
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-3581
reflected XSS
CVE-2024-26925
CVE-2024-27956
LFI
CVE-2024-3607
CVE-2024-3107
CVE-2024-3295
SQL
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
NEXT »