VYPR

Vendor CVEs

Softx

All CVEs

60 total · sorted by risk
  • CVE-2021-40873Nov 10, 2021
    risk 0.00cvss epss 0.01

    An issue was discovered in Softing Industrial Automation OPC UA C++ SDK before 5.66, and uaToolkit Embedded before 1.40. Remote attackers to cause a denial of service (DoS) by sending crafted messages to a client or server. The server process may crash unexpectedly because of a…

  • CVE-2021-40872Nov 10, 2021
    risk 0.00cvss epss 0.01

    An issue was discovered in Softing Industrial Automation uaToolkit Embedded before 1.40. Remote attackers to cause a denial of service (DoS) or login as an anonymous user (bypassing security checks) by sending crafted messages to a OPC/UA server. The server process may crash…

  • CVE-2021-40871Nov 10, 2021
    risk 0.00cvss epss 0.01

    An issue was discovered in Softing Industrial Automation OPC UA C++ SDK before 5.66. Remote attackers to cause a denial of service (DoS) by sending crafted messages to a OPC/UA client. The client process may crash unexpectedly because of a wrong type cast, and must be restarted.

  • CVE-2020-14524Aug 25, 2020
    risk 0.00cvss epss 0.03

    Softing Industrial Automation all versions prior to the latest build of version 4.47.0, The affected product is vulnerable to a heap-based buffer overflow, which may allow an attacker to remotely execute arbitrary code.

  • CVE-2020-14522Aug 25, 2020
    risk 0.00cvss epss 0.01

    Softing Industrial Automation all versions prior to the latest build of version 4.47.0, The affected product is vulnerable to uncontrolled resource consumption, which may allow an attacker to cause a denial-of-service condition.

  • CVE-2019-11528Oct 10, 2019
    risk 0.00cvss epss 0.01

    An issue was discovered in Softing uaGate SI 1.60.01. A system default path for executables is user writable.

  • CVE-2019-15051Oct 10, 2019
    risk 0.00cvss epss 0.03

    An issue was discovered in Softing uaGate (SI, MB, 840D) firmware through 1.71.00.1225. A CGI script is vulnerable to command injection via a maliciously crafted form parameter.

  • CVE-2019-11526Oct 10, 2019
    risk 0.00cvss epss 0.02

    An issue was discovered in Softing uaGate SI 1.60.01. A maintenance script, that is executable via sudo, is vulnerable to file path injection. This enables the Attacker to write files with superuser privileges in specific locations.

  • CVE-2014-6616Aug 31, 2015
    risk 0.00cvss epss 0.02

    Cross-site scripting (XSS) vulnerability in Softing FG-100 PROFIBUS Single Channel (FG-100-PB) with firmware FG-x00-PB_V2.02.0.00 allows remote attackers to inject arbitrary web script or HTML via the DEVICE_NAME parameter to cgi-bin/CFGhttp/.

  • CVE-2010-3096Aug 20, 2010
    risk 0.00cvss epss 0.01

    Directory traversal vulnerability in SoftX FTP Client 3.3 and possibly earlier allows remote FTP servers to write arbitrary files via "..\" (dot dot backslash) sequences in a filename.

Page 2 of 2