VYPR
Vendor

Softx

Products
16
CVEs
60
Across products
70
Status
Private

Products

16

Recent CVEs

60
View all 60 CVEs →
  • CVE-2025-34107HigJul 15, 2025
    risk 0.65cvss epss 0.01

    A buffer overflow vulnerability exists in the WinaXe FTP Client version 7.7 within the FTP banner parsing functionality, WCMDPA10.dll. When the client connects to a remote FTP server and receives an overly long '220 Server Ready' response, the vulnerable component responsible…

  • CVE-2014-6617CriMar 9, 2018
    risk 0.64cvss 9.8epss 0.05

    Softing FG-100 PB PROFIBUS firmware version FG-x00-PB_V2.02.0.00 contains a hardcoded password for the root account, which allows remote attackers to obtain administrative access via a TELNET session.

  • CVE-2026-1842MedFeb 20, 2026
    risk 0.40cvss epss 0.00

    HyperCloud versions 2.3.5 through 2.6.8 improperly allowed refresh tokens to be used directly for resource access and failed to invalidate previously issued access tokens when a refresh token was used. Because refresh tokens have a significantly longer lifetime (default one…

  • CVE-2024-25075MedApr 2, 2024
    risk 0.33cvss 5.1epss 0.00

    An issue was discovered in Softing uaToolkit Embedded before 1.41.1. When a subscription with a very low MaxNotificationPerPublish parameter is created, a publish response is mishandled, leading to memory consumption. When that happens often enough, the device will be out of…

  • CVE-2024-13058MedDec 30, 2024
    risk 0.31cvss epss 0.00

    An issue exists in SoftIron HyperCloud where authenticated, but non-admin users can create data pools, which could potentially impact the performance and availability of the backend software-defined storage subsystem. This issue only impacts SoftIron HyperCloud and related…

  • CVE-2025-10650LowSep 18, 2025
    risk 0.12cvss epss 0.00

    SoftIron HyperCloud 2.5.0 through 2.6.3 may incorrectly add user SSH keys to the administrator-level authorized keys under certain conditions, allowing unauthorized privilege escalation to admin via SSH. Affects non-production debug and internal development builds created…

  • CVE-2022-2334Aug 17, 2022
    risk 0.08cvss epss 0.10

    The application searches for a library dll that is not found. If an attacker can place a dll with this name, then the attacker can leverage it to execute arbitrary code on the targeted Softing Secure Integration Server V1.22.

  • CVE-2022-1373Aug 17, 2022
    risk 0.08cvss epss 0.10

    The “restore configuration” feature of Softing Secure Integration Server V1.22 is vulnerable to a directory traversal vulnerability when processing zip files. An attacker can craft a zip file to load an arbitrary dll and execute code. Using the "restore configuration"…

  • CVE-2003-0371Jun 16, 2003
    risk 0.04cvss epss 0.06

    Buffer overflow in Prishtina FTP client 1.x allows remote FTP servers to cause a denial of service (crash) and possibly execute arbitrary code via a long FTP banner.

  • CVE-2003-1369Dec 31, 2003
    risk 0.03cvss epss 0.04

    Buffer overflow in ByteCatcher FTP client 1.04b allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long FTP server banner.

  • CVE-2002-0608Jun 18, 2002
    risk 0.03cvss epss 0.04

    Buffer overflow in Matu FTP client 1.74 allows remote FTP servers to execute arbitrary code via a long "220" banner.

  • CVE-2023-38126Dec 19, 2023
    risk 0.01cvss epss 0.69

    Softing edgeAggregator Restore Configuration Directory Traversal Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Softing edgeAggregator. Authentication is required to exploit this…

  • CVE-2019-11527Oct 10, 2019
    risk 0.01cvss epss 0.03

    An issue was discovered in Softing uaGate SI 1.60.01. A CGI script is vulnerable to command injection with a maliciously crafted url parameter.

  • CVE-2023-7339Mar 27, 2026
    risk 0.00cvss epss 0.00

    Stack-based buffer overflow vulnerability in Softing Industrial Automation GmbH gateways allows overflow buffers. This issue affects pnGate: through 1.30 epGate: through 1.30 mbGate: through 1.30 smartLink HW-DP: through 1.30 smartLink HW-PN: through 1.01.

  • CVE-2024-14028Mar 27, 2026
    risk 0.00cvss epss 0.00

    Use after free vulnerability in Softing smartLink HW-DP or smartLink HW-PN webserver allows HTTP DoS. This issue affects: smartLink HW-DP: through 1.31 smartLink HW-PN: before 1.02.

  • CVE-2025-13406Mar 17, 2026
    risk 0.00cvss epss 0.00

    NULL Pointer Dereference vulnerability in Softing Industrial Automation GmbH smartLink SW-HT (Webserver modules) allows HTTP DoS.This issue affects smartLink SW-HT: 1.43.

  • CVE-2025-10461Mar 16, 2026
    risk 0.00cvss epss 0.00

    Global file reads caused by improper URL checks in webserver in Softing Industrial Automation GmbH smartLinks on docker (filesystem modules) allows file access. This issue affects smartLink SW-HT: through 1.42 smartLink SW-PN: through 1.03.

  • CVE-2025-10685Mar 16, 2026
    risk 0.00cvss epss 0.00

    Heap-based buffer overflow vulnerability in Softing Industrial Automation GmbH smartLink SW-PN and smartLink SW-HT (Webserver modules) allows overflow buffers.This issue affects: smartLink SW-PN: through 1.03 smartLink SW-HT: through 1.42

  • CVE-2023-39482May 3, 2024
    risk 0.00cvss epss 0.01

    Softing Secure Integration Server Hardcoded Cryptographic Key Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Softing Secure Integration Server. Although authentication is required to…

  • CVE-2023-39481May 3, 2024
    risk 0.00cvss epss 0.01

    Softing Secure Integration Server Interpretation Conflict Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Softing Secure Integration Server. Although authentication is required to exploit this…