Vulnerabilities > Opcfoundation > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-05-20 | CVE-2021-27432 | Unspecified vulnerability in Opcfoundation Ua-.Net-Legacy and UA .Net Standard Stack OPC Foundation UA .NET Standard versions prior to 1.4.365.48 and OPC UA .NET Legacy are vulnerable to an uncontrolled recursion, which may allow an attacker to trigger a stack overflow. | 7.5 |
| 2020-04-22 | CVE-2020-8867 | Insufficient Session Expiration vulnerability in Opcfoundation Unified Architecture .Net-Standard This vulnerability allows remote attackers to create a denial-of-service condition on affected installations of OPC Foundation UA .NET Standard 1.04.358.30. | 7.5 |
| 2020-03-16 | CVE-2019-19135 | Use of Insufficiently Random Values vulnerability in Opcfoundation Netstandard.Opc.Ua and Ua-.Netstandard In OPC Foundation OPC UA .NET Standard codebase 1.4.357.28, servers do not create sufficiently random numbers in OPCFoundation.NetStandard.Opc.Ua before 1.4.359.31, which allows man in the middle attackers to reuse encrypted user credentials sent over the network. | 7.4 |
| 2018-09-14 | CVE-2018-12585 | XXE vulnerability in Opcfoundation Ua-.Net-Legacy and Ua-Java An XXE vulnerability in the OPC UA Java and .NET Legacy Stack can allow remote attackers to trigger a denial of service. | 8.2 |
| 2018-09-14 | CVE-2018-12086 | Out-of-bounds Write vulnerability in multiple products Buffer overflow in OPC UA applications allows remote attackers to trigger a stack overflow with carefully structured requests. | 7.5 |
| 2018-06-14 | CVE-2017-12070 | Improper Input Validation vulnerability in Opcfoundation Ua-.Net-Legacy 1.02.336.0 Unsigned versions of the DLLs distributed by the OPC Foundation may be replaced with malicious code. | 8.8 |
| 2018-06-13 | CVE-2017-11672 | Unquoted Search Path or Element vulnerability in Opcfoundation Local Discovery Server 1.03.355 The OPC Foundation Local Discovery Server (LDS) before 1.03.367 is installed as a Windows Service without adding double quotes around the opcualds.exe executable path, which might allow local users to gain privileges. | 7.8 |