Vendor
Softx
Products
5
CVEs
10
Across products
10
Status
Private
Products
5- 3 CVEs
- 3 CVEs
- 2 CVEs
- 1 CVE
- 1 CVE
Recent CVEs
10| CVE | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2025-13406 | 0.00 | — | 0.00 | Mar 17, 2026 | NULL Pointer Dereference vulnerability in Softing Industrial Automation GmbH smartLink SW-HT (Webserver modules) allows HTTP DoS.This issue affects smartLink SW-HT: 1.43. | ||
| CVE-2025-10461 | 0.00 | — | 0.00 | Mar 16, 2026 | Global file reads caused by improper URL checks in webserver in Softing Industrial Automation GmbH smartLinks on docker (filesystem modules) allows file access. This issue affects smartLink SW-HT: through 1.42 smartLink SW-PN: through 1.03. | ||
| CVE-2025-10685 | 0.00 | — | 0.00 | Mar 16, 2026 | Heap-based buffer overflow vulnerability in Softing Industrial Automation GmbH smartLink SW-PN and smartLink SW-HT (Webserver modules) allows overflow buffers.This issue affects: smartLink SW-PN: through 1.03 smartLink SW-HT: through 1.42 | ||
| CVE-2023-45085 | 0.00 | — | 0.00 | Dec 5, 2023 | An issue exists in SoftIron HyperCloud where compute nodes may come online immediately without following the correct initialization process. In this instance, workloads may be scheduled on these nodes and deploy to a failed or erroneous state, which impacts the availability of these workloads that may be deployed during this time window. This issue impacts HyperCloud versions from 2.0.0 to before 2.0.3. | ||
| CVE-2023-45084 | 0.00 | — | 0.00 | Dec 5, 2023 | An issue exists in SoftIron HyperCloud where drive caddy removal and reinsertion without a reboot may erroneously cause the system to recognize the caddy as new media and wipe all data on the drives due to a missing synchronization flaw, which impacts data availability and integrity. This issue only impacts SoftIron HyperCloud "density" storage nodes running HyperCloud software versions 1.0 to before 2.0.3. | ||
| CVE-2023-45083 | 0.00 | — | 0.00 | Dec 5, 2023 | An Improper Privilege Management vulnerability exists in HyperCloud that will impact the ability for a user to authenticate against the management plane. An authenticated admin-level user may be able to delete the "admin" or "serveradmin" users, which prevents authentication from subsequently succeeding. This issue affects HyperCloud versions 1.0 to any release before 2.1. | ||
| CVE-2022-1748 | 0.00 | — | 0.00 | Aug 17, 2022 | Softing OPC UA C++ Server SDK, Secure Integration Server, edgeConnector, edgeAggregator, OPC Suite, and uaGate are affected by a NULL pointer dereference vulnerability. | ||
| CVE-2022-2336 | 0.00 | — | 0.00 | Aug 17, 2022 | Softing Secure Integration Server, edgeConnector, and edgeAggregator software ships with the default administrator credentials as `admin` and password as `admin`. This allows Softing to log in to the server directly to perform administrative functions. Upon installation or upon first login, the application does not ask the user to change the `admin` password. There is no warning or prompt to ask the user to change the default password, and to change the password, many steps are required. | ||
| CVE-2014-6616 | 0.00 | — | 0.00 | Aug 31, 2015 | Cross-site scripting (XSS) vulnerability in Softing FG-100 PROFIBUS Single Channel (FG-100-PB) with firmware FG-x00-PB_V2.02.0.00 allows remote attackers to inject arbitrary web script or HTML via the DEVICE_NAME parameter to cgi-bin/CFGhttp/. | ||
| CVE-2010-3096 | 0.00 | — | 0.00 | Aug 20, 2010 | Directory traversal vulnerability in SoftX FTP Client 3.3 and possibly earlier allows remote FTP servers to write arbitrary files via "..\" (dot dot backslash) sequences in a filename. |