Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

Filtered by vendor Opcfoundation Subscribe
Filtered by product Ua-.net-legacy
Total 5 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2021-27432 1 Opcfoundation 2 Ua-.net-legacy, Ua .net Standard Stack 2021-06-01 5.0 MEDIUM 7.5 HIGH
OPC Foundation UA .NET Standard versions prior to 1.4.365.48 and OPC UA .NET Legacy are vulnerable to an uncontrolled recursion, which may allow an attacker to trigger a stack overflow.
CVE-2018-7559 1 Opcfoundation 2 Ua-.net-legacy, Ua-.netstandard 2019-06-10 3.5 LOW 5.3 MEDIUM
An issue was discovered in OPC UA .NET Standard Stack and Sample Code before GitHub commit 2018-04-12, and OPC UA .NET Legacy Stack and Sample Code before GitHub commit 2018-03-13. A vulnerability in OPC UA applications can allow a remote attacker to determine a Server's private key by sending carefully constructed bad UserIdentityTokens as part of an oracle attack.
CVE-2018-12087 1 Opcfoundation 2 Ua-.net-legacy, Ua-.netstandard 2019-01-14 2.1 LOW 5.3 MEDIUM
Failure to validate certificates in OPC Foundation UA Client Applications communicating without security allows attackers with control over a piece of network infrastructure to decrypt passwords.
CVE-2018-12585 1 Opcfoundation 2 Ua-.net-legacy, Ua-java 2018-11-27 6.4 MEDIUM 8.2 HIGH
An XXE vulnerability in the OPC UA Java and .NET Legacy Stack can allow remote attackers to trigger a denial of service.
CVE-2017-12070 1 Opcfoundation 1 Ua-.net-legacy 2018-08-07 6.8 MEDIUM 8.8 HIGH
Unsigned versions of the DLLs distributed by the OPC Foundation may be replaced with malicious code.