Vulnerabilities > GE > Toolboxst > High

DATE CVE VULNERABILITY TITLE RISK
2023-04-11 CVE-2023-1552 Deserialization of Untrusted Data vulnerability in GE Toolboxst 04.07.05C/07.09.07C
ToolboxST prior to version 7.10 is affected by a deserialization vulnerability.
local
low complexity
ge CWE-502
7.8
2022-03-25 CVE-2021-44477 XXE vulnerability in GE Toolboxst 04.07.05C
GE Gas Power ToolBoxST Version v04.07.05C suffers from an XML external entity (XXE) vulnerability using the DTD parameter entities technique that could result in disclosure and retrieval of arbitrary data on the affected node via an out-of-band (OOB) attack.
network
low complexity
ge CWE-611
7.5