Vulnerabilities > Opcfoundation > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-12-12 | CVE-2023-31048 | Information Exposure Through an Error Message vulnerability in Opcfoundation Ua-.Netstandard The OPC UA .NET Standard Reference Server before 1.4.371.86. | 5.3 |
| 2022-03-21 | CVE-2021-45117 | NULL Pointer Dereference vulnerability in multiple products The OPC autogenerated ANSI C stack stubs (in the NodeSets) do not handle all error cases. | 6.5 |
| 2021-02-16 | CVE-2020-29457 | Improper Certificate Validation vulnerability in Opcfoundation Ua-.Netstandard A Privilege Elevation vulnerability in OPC UA .NET Standard Stack 1.4.363.107 could allow a rogue application to establish a secure connection. | 4.4 |
| 2018-10-03 | CVE-2018-12087 | Improper Certificate Validation vulnerability in Opcfoundation Ua-.Net-Legacy and Ua-.Netstandard Failure to validate certificates in OPC Foundation UA Client Applications communicating without security allows attackers with control over a piece of network infrastructure to decrypt passwords. | 5.3 |
| 2018-06-13 | CVE-2018-7559 | Key Management Errors vulnerability in Opcfoundation Ua-.Net-Legacy and Ua-.Netstandard An issue was discovered in OPC UA .NET Standard Stack and Sample Code before GitHub commit 2018-04-12, and OPC UA .NET Legacy Stack and Sample Code before GitHub commit 2018-03-13. | 5.3 |
| 2018-06-13 | CVE-2017-17443 | Improper Input Validation vulnerability in Opcfoundation Local Discovery Server 1.03.370 OPC Foundation Local Discovery Server (LDS) 1.03.370 required a security update to resolve multiple vulnerabilities that allow attackers to trigger a crash by placing invalid data into the configuration file. | 6.5 |