CVE-2024-42513

Vulnerability in the OPC UA .NET Standard Stack before 1.5.374.158 allows an unauthorized attacker to bypass application authentication when using HTTPS endpoints...

CVE-2024-42512

Vulnerability in the OPC UA .NET Standard Stack before 1.5.374.158 allows an unauthorized attacker to bypass application authentication when the deprecated Basic128Rsa15 security policy is enabled...

Duplicate Advisory: Authentication Bypass by Spoofing in OPC UA .NET Standard Stack

Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-4rcc-7pg7-f57f. This link is maintained to preserve external references. Original Description Vulnerability in the OPC UA .NET Standard Stack before 1.5.374.158 allows an unauthorized attacker to bypass...

Duplicate Advisory: Authorization Bypass in OPC UA .NET Standard Stack

Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-h958-fxgg-g7w3. This link is maintained to preserve external references. Original Description Vulnerability in the OPC UA .NET Standard Stack before 1.5.374.158 allows an unauthorized attacker to bypass...

GHSA-QV5F-57GW-VX3H Duplicate Advisory: Authorization Bypass in OPC UA .NET Standard Stack

Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-h958-fxgg-g7w3. This link is maintained to preserve external references. Original Description Vulnerability in the OPC UA .NET Standard Stack before 1.5.374.158 allows an unauthorized attacker to bypass...

GHSA-7WWR-H8CM-9JF7 Duplicate Advisory: Authentication Bypass by Spoofing in OPC UA .NET Standard Stack

Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-4rcc-7pg7-f57f. This link is maintained to preserve external references. Original Description Vulnerability in the OPC UA .NET Standard Stack before 1.5.374.158 allows an unauthorized attacker to bypass...

CVE-2024-42513

Vulnerability in the OPC UA .NET Standard Stack before 1.5.374.158 allows an unauthorized attacker to bypass application authentication when using HTTPS endpoints...

CVE-2024-42512

Vulnerability in the OPC UA .NET Standard Stack before 1.5.374.158 allows an unauthorized attacker to bypass application authentication when the deprecated Basic128Rsa15 security policy is enabled...

CVE-2024-42512

CVE-2024-42512 affects the OPC UA .NET Standard Stack prior to 1.5.374.158. An unauthorized attacker can bypass application authentication when the deprecated Basic128Rsa15 security policy is enabled. The vulnerability is exploitable over the network with no user interaction; CVSSv3.1 base score ...

CVE-2024-42513

CVE-2024-42513 affects the OPC UA .NET Standard Stack prior to 1.5.374.158, allowing an unauthorized attacker to bypass application authentication when using HTTPS endpoints. Affected component: OPC UA .NET Standard Stack. Root cause: authentication bypass due to vulnerability in the stack (exact...

CVE-2024-42513

Vulnerability in the OPC UA .NET Standard Stack before 1.5.374.158 allows an unauthorized attacker to bypass application authentication when using HTTPS endpoints...

Timing Attack

Overview OPCFoundation.NetStandard.Opc.Ua is a package that contains the OPC UA reference implementation and is targeting the .NET Standard Library. Affected versions of this package are vulnerable to Timing Attack when using the deprecated Basic128Rsa15 security policy disabled by default. This...

CVE-2024-50338

Git Credential Manager (GCM) on Windows/macOS/Linux is affected by CVE-2024-50338 due to a newline handling mismatch with Git. GCM’s ReadLineAsync accepts LF, CRLF, and CR, while Git’s credential parsing forbids an isolated CR, enabling an attacker to craft a malicious remote URL (for example, ht...

Memory Consumption

opcfoundation.netstandard.opc.ua is vulnerable to a Memory Consumption. The vulnerability is due to insufficient safeguards in the OPC UA .NET Standard Stack that fail to limit memory consumption during certain operations, allowing an attacker to trigger a rapid increase in memory usage, which ma...

Allocation of Resources Without Limits or Throttling

Overview OPCFoundation.NetStandard.Opc.Ua is a package that contains the OPC UA reference implementation and is targeting the .NET Standard Library. Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling due to the improper handling of certain...

Security Update for the OPC UA .NET Standard Stack

This security update resolves a vulnerability in the OPC UA .NET Standard Stack that allows an unauthorized attacker to trigger a gradual degradation in performance...

GHSA-7VFH-CQPC-4267 Security Update for the OPC UA .NET Standard Stack

This security update resolves a vulnerability in the OPC UA .NET Standard Stack that allows an unauthorized attacker to trigger a gradual degradation in performance...

GHSA-QM9F-C3V9-WPHV Security Update for the OPC UA .NET Standard Stack

This security update resolves a vulnerability in the OPC UA .NET Standard Stack that enables an unauthorized attacker to trigger a rapid increase in memory consumption...

Denial Of Service (DOS)

OPCFoundation.NetStandard.Opc.Ua.Core is vulnerable to Denial Of Service. The vulnerability is due to improper buffer management when the system receives an excessive number of messages from a remote source, which could allow remote attackers to exhaust memory resources and potentially lead to a...

CVE-2023-27321

OPC Foundation UA .NET Standard ConditionRefresh Resource Exhaustion Denial-of-Service Vulnerability. This vulnerability allows remote attackers to create a denial-of-service condition on affected installations of OPC Foundation UA .NET Standard. Authentication is not required to exploit this...