Filtered by vendor Softing
Subscriptions
Total
34 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2020-14524 | 1 Softing | 1 Opc | 2024-09-17 | 9.8 Critical |
| Softing Industrial Automation all versions prior to the latest build of version 4.47.0, The affected product is vulnerable to a heap-based buffer overflow, which may allow an attacker to remotely execute arbitrary code. | ||||
| CVE-2020-14522 | 1 Softing | 1 Opc | 2024-09-16 | 7.5 High |
| Softing Industrial Automation all versions prior to the latest build of version 4.47.0, The affected product is vulnerable to uncontrolled resource consumption, which may allow an attacker to cause a denial-of-service condition. | ||||
| CVE-2022-48192 | 1 Softing | 1 Smartlink Sw-ht | 2024-09-05 | 7.2 High |
| Cross-site Scripting vulnerability in Softing smartLink SW-HT before 1.30, which allows an attacker to execute a dynamic script (JavaScript, VBScript) in the context of the application. | ||||
| CVE-2022-48193 | 1 Softing | 1 Smartlink Sw-ht | 2024-09-05 | 5.9 Medium |
| Weak ciphers in Softing smartLink SW-HT before 1.30 are enabled during secure communication (SSL). | ||||
| CVE-2014-6616 | 1 Softing | 2 Fg-100 Profibus, Fg-x00 Profibus Firmware | 2024-08-06 | N/A |
| Cross-site scripting (XSS) vulnerability in Softing FG-100 PROFIBUS Single Channel (FG-100-PB) with firmware FG-x00-PB_V2.02.0.00 allows remote attackers to inject arbitrary web script or HTML via the DEVICE_NAME parameter to cgi-bin/CFGhttp/. | ||||
| CVE-2019-15051 | 1 Softing | 6 Uagate 840d, Uagate 840d Firmware, Uagate Mb and 3 more | 2024-08-05 | 8.8 High |
| An issue was discovered in Softing uaGate (SI, MB, 840D) firmware through 1.71.00.1225. A CGI script is vulnerable to command injection via a maliciously crafted form parameter. | ||||
| CVE-2019-11528 | 1 Softing | 2 Uagate Si, Uagate Si Firmware | 2024-08-04 | 7.5 High |
| An issue was discovered in Softing uaGate SI 1.60.01. A system default path for executables is user writable. | ||||
| CVE-2019-11526 | 1 Softing | 2 Uagate Si, Uagate Si Firmware | 2024-08-04 | 9.8 Critical |
| An issue was discovered in Softing uaGate SI 1.60.01. A maintenance script, that is executable via sudo, is vulnerable to file path injection. This enables the Attacker to write files with superuser privileges in specific locations. | ||||
| CVE-2019-11527 | 1 Softing | 2 Uagate Si, Uagate Si Firmware | 2024-08-04 | 8.8 High |
| An issue was discovered in Softing uaGate SI 1.60.01. A CGI script is vulnerable to command injection with a maliciously crafted url parameter. | ||||
| CVE-2021-42577 | 1 Softing | 3 Datafeed Opc Suite, Opc Ua C\+\+ Software Development Kit, Secure Integration Server | 2024-08-04 | 7.5 High |
| An issue was discovered in Softing OPC UA C++ SDK before 5.70. A malformed OPC/UA message abort packet makes the client crash with a NULL pointer dereference. | ||||
| CVE-2021-42262 | 1 Softing | 3 Datafeed Opc Suite, Opc Ua C\+\+ Software Development Kit, Secure Integration Server | 2024-08-04 | 6.5 Medium |
| An issue was discovered in Softing OPC UA C++ SDK before 5.70. An invalid XML element in the type dictionary makes the OPC/UA client crash due to an out-of-memory condition. | ||||
| CVE-2021-40871 | 1 Softing | 4 Datafeed Opc Suite, Opc, Secure Integration Server and 1 more | 2024-08-04 | 7.5 High |
| An issue was discovered in Softing Industrial Automation OPC UA C++ SDK before 5.66. Remote attackers to cause a denial of service (DoS) by sending crafted messages to a OPC/UA client. The client process may crash unexpectedly because of a wrong type cast, and must be restarted. | ||||
| CVE-2021-40873 | 1 Softing | 7 Datafeed Opc Suite, Edgeconnector, Opc and 4 more | 2024-08-04 | 7.5 High |
| An issue was discovered in Softing Industrial Automation OPC UA C++ SDK before 5.66, and uaToolkit Embedded before 1.40. Remote attackers to cause a denial of service (DoS) by sending crafted messages to a client or server. The server process may crash unexpectedly because of a double free, and must be restarted. | ||||
| CVE-2021-40872 | 1 Softing | 2 Smartlink Hw-dp, Uatoolkit Embedded | 2024-08-04 | 7.5 High |
| An issue was discovered in Softing Industrial Automation uaToolkit Embedded before 1.40. Remote attackers to cause a denial of service (DoS) or login as an anonymous user (bypassing security checks) by sending crafted messages to a OPC/UA server. The server process may crash unexpectedly because of an invalid type cast, and must be restarted. | ||||
| CVE-2021-32994 | 1 Softing | 1 Opc Ua C\+\+ Software Development Kit | 2024-08-03 | 7.5 High |
| Softing OPC UA C++ SDK (Software Development Kit) versions from 5.59 to 5.64 exported library functions don't properly validate received extension objects, which may allow an attacker to crash the software by sending a variety of specially crafted packets to access several unexpected memory locations. | ||||
| CVE-2021-29661 | 1 Softing | 1 Opc Toolbox | 2024-08-03 | 5.4 Medium |
| Softing AG OPC Toolbox through 4.10.1.13035 allows /en/diag_values.html Stored XSS via the ITEMLISTVALUES##ITEMID parameter, resulting in JavaScript payload injection into the trace file. This payload will then be triggered every time an authenticated user browses the page containing it. | ||||
| CVE-2021-29660 | 1 Softing | 1 Opc Toolbox | 2024-08-03 | 8.8 High |
| A Cross-Site Request Forgery (CSRF) vulnerability in en/cfg_setpwd.html in Softing AG OPC Toolbox through 4.10.1.13035 allows attackers to reset the administrative password by inducing the Administrator user to browse a URL controlled by an attacker. | ||||
| CVE-2022-45920 | 1 Softing | 1 Uatoolkit Embedded | 2024-08-03 | 7.5 High |
| In Softing uaToolkit Embedded before 1.41, a malformed CreateMonitoredItems request may cause a memory leak. | ||||
| CVE-2022-44018 | 1 Softing | 1 Uatoolkit Embedded | 2024-08-03 | 7.5 High |
| In Softing uaToolkit Embedded before 1.40.1, a malformed PubSub discovery announcement message can cause a NULL pointer dereference or out-of-bounds memory access in the subscriber application. | ||||
| CVE-2022-39823 | 1 Softing | 2 Opc, Opc Ua C\+\+ Software Development Kit | 2024-08-03 | 7.5 High |
| An issue was discovered in Softing OPC UA C++ SDK 5.66 through 6.x before 6.10. An OPC/UA browse request exceeding the server limit on continuation points may cause a use-after-free error | ||||