Lucene search
+L

58 matches found

OSV
OSV
added 2026/07/06 8:3 a.m.3 views

PYSEC-2026-888 Uncontrolled Resource Consumption in asyncua and opcua

All versions of package opcua; all versions of package asyncua are vulnerable to Denial of Service DoS due to a missing limitation on the number of received chunks - per single session or in total for all concurrent sessions. An attacker can exploit this vulnerability by sending an unlimited numb...

7.5CVSS7.1AI score0.01063EPSS
Exploits0References8
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2023-0048

Malicious code in bioql PyPI...

7.5CVSS7.5AI score0.01031EPSS
Exploits1References12
EUVD
EUVD
added 2025/10/03 8:7 p.m.20 views

EUVD-2023-0047

Malicious code in bioql PyPI...

7.5CVSS7.5AI score0.00454EPSS
Exploits1References13
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2022-6584

Malicious code in bioql PyPI...

7.5CVSS7.5AI score0.01063EPSS
Exploits0References6
Tenable Nessus
Tenable Nessus
added 2025/09/10 12:0 a.m.3 views

Linux Distros Unpatched Vulnerability : CVE-2023-26151

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Versions of the package asyncua before 0.9.96 are vulnerable to Denial of Service DoS such that an attacker can send a malformed packet and as a result, the...

7.5CVSS7AI score0.01031EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2025/08/21 12:0 a.m.5 views

Linux Distros Unpatched Vulnerability : CVE-2023-26150

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Versions of the package asyncua before 0.9.96 are vulnerable to Improper Authentication such that it is possible to access Address Space without encryption and...

7.5CVSS7AI score0.00454EPSS
Exploits1References2
RedhatCVE
RedhatCVE
added 2025/05/23 5:38 a.m.5 views

CVE-2023-26151

Versions of the package asyncua before 0.9.96 are vulnerable to Denial of Service DoS such that an attacker can send a malformed packet and as a result, the server will enter into an infinite loop and consume excessive memory...

7.5CVSS6.7AI score0.01031EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/23 4:39 a.m.6 views

CVE-2023-26150

Versions of the package asyncua before 0.9.96 are vulnerable to Improper Authentication such that it is possible to access Address Space without encryption and authentication. Note: This issue is a result of missing checks for services that require an active session...

7.5CVSS6.7AI score0.00454EPSS
Exploits1References1
Veracode
Veracode
added 2023/10/06 6:37 a.m.15 views

Denial Of Service(DoS)

asyncua is vulnerable to Denial Of Service DoS. The vulnerability is due to datareceived function in binaryserverasyncio.py which lacks proper error handling for malformed headers. An attacker can keep sending incomplete or malformed packets without a proper header and that cause memory exhaustio...

7.5CVSS7.1AI score0.01031EPSS
Exploits1References6Affected Software1
vulnersOsv
vulnersOsv
added 2023/10/03 6:30 a.m.7 views

datapoints (>=0.0.1 <=0.0.2), hvl-ccb (>=0.12.0 <=0.12.3) potentially affected by CVE-2023-26151 via asyncua (>=0.9.94 <=0.9.95)

asyncua PYPI version =0.9.94, =0.0.1, =0.12.0, =0.12.3 Source cves: CVE-2023-26151 Source advisory: OSV:GHSA-GFVQ-MXW3-MFQ3...

7.5CVSS7.1AI score0.01031EPSS
Exploits1
vulnersOsv
vulnersOsv
added 2023/10/03 6:30 a.m.4 views

datapoints (>=0.0.1 <=0.0.2), hvl-ccb (>=0.12.0 <=0.12.3) potentially affected by CVE-2023-26150 via asyncua (>=0.9.94 <=0.9.95)

asyncua PYPI version =0.9.94, =0.0.1, =0.12.0, =0.12.3 Source cves: CVE-2023-26150 Source advisory: OSV:GHSA-2894-QCQF-G23G...

7.5CVSS7.1AI score0.00454EPSS
Exploits1
OSV
OSV
added 2023/10/03 6:30 a.m.3 views

GHSA-2894-QCQF-G23G asyncua Improper Authentication vulnerability

Versions of the package asyncua before 0.9.96 are vulnerable to Improper Authentication such that it is possible to access Address Space without encryption and authentication. Note: This issue is a result of missing checks for services that require an active session...

7.5CVSS7.1AI score0.00454EPSS
Exploits1References10
OSV
OSV
added 2023/10/03 6:30 a.m.2 views

GHSA-GFVQ-MXW3-MFQ3 asyncua vulnerable to denial of service via infinite loop

Versions of the package asyncua before 0.9.96 are vulnerable to Denial of Service DoS such that an attacker can send a malformed packet and as a result, the server will enter into an infinite loop and consume excessive memory...

7.5CVSS5.9AI score0.01031EPSS
Exploits1References9
Github Security Blog
Github Security Blog
added 2023/10/03 6:30 a.m.28 views

asyncua vulnerable to denial of service via infinite loop

Versions of the package asyncua before 0.9.96 are vulnerable to Denial of Service DoS such that an attacker can send a malformed packet and as a result, the server will enter into an infinite loop and consume excessive memory...

7.5CVSS6.8AI score0.01031EPSS
Exploits1References9Affected Software1
Github Security Blog
Github Security Blog
added 2023/10/03 6:30 a.m.37 views

asyncua Improper Authentication vulnerability

Versions of the package asyncua before 0.9.96 are vulnerable to Improper Authentication such that it is possible to access Address Space without encryption and authentication. Note: This issue is a result of missing checks for services that require an active session...

7.5CVSS6.8AI score0.00454EPSS
Exploits1References10Affected Software1
NVD
NVD
added 2023/10/03 5:15 a.m.27 views

CVE-2023-26151

Versions of the package asyncua before 0.9.96 are vulnerable to Denial of Service DoS such that an attacker can send a malformed packet and as a result, the server will enter into an infinite loop and consume excessive memory...

7.5CVSS6.2AI score0.01031EPSS
Exploits1References6
vulnersOsv
vulnersOsv
added 2023/10/03 5:15 a.m.5 views

datapoints (>=0.0.1 <=0.0.2), hvl-ccb (>=0.12.0 <=0.12.3) potentially affected by CVE-2023-26150 via asyncua (>=0.9.94 <=0.9.95)

asyncua PYPI version =0.9.94, =0.0.1, =0.12.0, =0.12.3 Source cves: CVE-2023-26150 Source advisory: OSV:PYSEC-2023-189...

7.5CVSS7.1AI score0.00454EPSS
Exploits1
PyPA
PyPA
added 2023/10/03 5:15 a.m.8 views

PYSEC-2023-189

Versions of the package asyncua before 0.9.96 are vulnerable to Improper Authentication such that it is possible to access Address Space without encryption and authentication. Note: This issue is a result of missing checks for services that require an active session...

7.5CVSS6.8AI score0.00454EPSS
Exploits1References12Affected Software1
Prion
Prion
added 2023/10/03 5:15 a.m.18 views

Code injection

Versions of the package asyncua before 0.9.96 are vulnerable to Denial of Service DoS such that an attacker can send a malformed packet and as a result, the server will enter into an infinite loop and consume excessive memory...

5CVSS7.5AI score0.01031EPSS
Exploits1References6Affected Software1
Prion
Prion
added 2023/10/03 5:15 a.m.14 views

Authentication flaw

Versions of the package asyncua before 0.9.96 are vulnerable to Improper Authentication such that it is possible to access Address Space without encryption and authentication. Note: This issue is a result of missing checks for services that require an active session...

5CVSS7.5AI score0.00454EPSS
Exploits1References7Affected Software1
Rows per page
Query Builder