Vulnerabilities > Opcfoundation > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-12-12 | CVE-2023-31048 | Information Exposure Through an Error Message vulnerability in Opcfoundation Ua-.Netstandard The OPC UA .NET Standard Reference Server before 1.4.371.86. | 5.3 |
| 2022-06-16 | CVE-2022-29863 | Allocation of Resources Without Limits or Throttling vulnerability in Opcfoundation UA .Net Standard Stack OPC UA .NET Standard Stack 1.04.368 allows remote attacker to cause a crash via a crafted message that triggers excessive memory allocation. | 5.0 |
| 2022-06-16 | CVE-2022-29864 | Resource Exhaustion vulnerability in Opcfoundation UA .Net Standard Stack OPC UA .NET Standard Stack 1.04.368 allows a remote attacker to cause a server to crash via a large number of messages that trigger Uncontrolled Resource Consumption. | 5.0 |
| 2022-06-16 | CVE-2022-29866 | Resource Exhaustion vulnerability in Opcfoundation UA .Net Standard Stack OPC UA .NET Standard Stack 1.04.368 allows a remote attacker to exhaust the memory resources of a server via a crafted request that triggers Uncontrolled Resource Consumption. | 5.0 |
| 2022-06-16 | CVE-2022-29862 | Infinite Loop vulnerability in Opcfoundation UA .Net Standard Stack An infinite loop in OPC UA .NET Standard Stack 1.04.368 allows a remote attackers to cause the application to hang via a crafted message. | 5.0 |
| 2022-06-16 | CVE-2022-29865 | Improper Authentication vulnerability in Opcfoundation UA .Net Standard Stack OPC UA .NET Standard Stack allows a remote attacker to bypass the application authentication check via crafted fake credentials. | 5.0 |
| 2022-05-20 | CVE-2022-30551 | Resource Exhaustion vulnerability in Opcfoundation Ua-Java 20220401 OPC UA Legacy Java Stack 2022-04-01 allows a remote attacker to cause a server to stop processing messages by sending crafted messages that exhaust available resources. | 5.0 |
| 2022-03-21 | CVE-2021-45117 | NULL Pointer Dereference vulnerability in multiple products The OPC autogenerated ANSI C stack stubs (in the NodeSets) do not handle all error cases. | 4.3 |
| 2021-08-27 | CVE-2021-40142 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products In OPC Foundation Local Discovery Server (LDS) before 1.04.402.463, remote attackers can cause a denial of service (DoS) by sending carefully crafted messages that lead to Access of a Memory Location After the End of a Buffer. | 5.0 |
| 2021-05-20 | CVE-2021-27432 | Uncontrolled Recursion vulnerability in Opcfoundation Ua-.Net-Legacy and UA .Net Standard Stack OPC Foundation UA .NET Standard versions prior to 1.4.365.48 and OPC UA .NET Legacy are vulnerable to an uncontrolled recursion, which may allow an attacker to trigger a stack overflow. | 5.0 |