NuGet package
opcfoundation.netstandard.opc.ua
pkg:nuget/opcfoundation.netstandard.opc.ua
Vulnerabilities (5)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2024-45526 | Med | 5.3 | < 1.5.374.118 | 1.5.374.118 | Oct 22, 2024 | An issue was discovered in OPC Foundation OPCFoundation/UA-.NETStandard through 1.5.374.78. A remote attacker can send requests with invalid credentials and cause the server performance to degrade gradually. | |
| CVE-2020-8867 | — | < 1.4.359.31 | 1.4.359.31 | Apr 22, 2020 | This vulnerability allows remote attackers to create a denial-of-service condition on affected installations of OPC Foundation UA .NET Standard 1.04.358.30. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of sessions. The | ||
| CVE-2018-12087 | — | < 1.4.353.15 | 1.4.353.15 | Oct 3, 2018 | Failure to validate certificates in OPC Foundation UA Client Applications communicating without security allows attackers with control over a piece of network infrastructure to decrypt passwords. | ||
| CVE-2018-12086 | — | < 1.4.353.15 | 1.4.353.15 | Sep 14, 2018 | Buffer overflow in OPC UA applications allows remote attackers to trigger a stack overflow with carefully structured requests. | ||
| CVE-2018-7559 | — | < 1.3.352.12 | 1.3.352.12 | Jun 13, 2018 | An issue was discovered in OPC UA .NET Standard Stack and Sample Code before GitHub commit 2018-04-12, and OPC UA .NET Legacy Stack and Sample Code before GitHub commit 2018-03-13. A vulnerability in OPC UA applications can allow a remote attacker to determine a Server's private |
- affected < 1.5.374.118fixed 1.5.374.118
An issue was discovered in OPC Foundation OPCFoundation/UA-.NETStandard through 1.5.374.78. A remote attacker can send requests with invalid credentials and cause the server performance to degrade gradually.
- CVE-2020-8867Apr 22, 2020affected < 1.4.359.31fixed 1.4.359.31
This vulnerability allows remote attackers to create a denial-of-service condition on affected installations of OPC Foundation UA .NET Standard 1.04.358.30. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of sessions. The
- CVE-2018-12087Oct 3, 2018affected < 1.4.353.15fixed 1.4.353.15
Failure to validate certificates in OPC Foundation UA Client Applications communicating without security allows attackers with control over a piece of network infrastructure to decrypt passwords.
- CVE-2018-12086Sep 14, 2018affected < 1.4.353.15fixed 1.4.353.15
Buffer overflow in OPC UA applications allows remote attackers to trigger a stack overflow with carefully structured requests.
- CVE-2018-7559Jun 13, 2018affected < 1.3.352.12fixed 1.3.352.12
An issue was discovered in OPC UA .NET Standard Stack and Sample Code before GitHub commit 2018-04-12, and OPC UA .NET Legacy Stack and Sample Code before GitHub commit 2018-03-13. A vulnerability in OPC UA applications can allow a remote attacker to determine a Server's private