EUVD-2025-6679

Malicious code in bioql PyPI...

CVE-2025-1468

CVE-2025-1468 affects CODESYS Control V3 – OPC UA Server. An unauthenticated remote attacker can access sensitive information, including authentication data, when the server uses the non-default Basic128Rsa15 security policy. Impact is information disclosure (CVSS 3.1 base score 7.5; NETWORK, LOW...

CODESYS Runtime Toolkit 安全漏洞

CODESYS Runtime Toolkit is a comprehensive software development kit for programmable controllers from CODESYS, Germany. It is used to convert embedded platforms or industrial PCs into controllers and supports secondary development. A security vulnerability exists in CODESYS Runtime Toolkit versio...

GHSA-H958-FXGG-G7W3 Security Update for the OPC UA .NET Standard Stack

This security update resolves a vulnerability in the OPC UA .NET Standard Stack that allows an unauthorized attacker to bypass application authentication when the deprecated Basic128Rsa15 security policy is enabled. Note that the Basic128Rsa15 is disabled by default so most users will not be...

Security Update for the OPC UA .NET Standard Stack

This security update resolves a vulnerability in the OPC UA .NET Standard Stack that allows an unauthorized attacker to bypass application authentication when the deprecated Basic128Rsa15 security policy is enabled. Note that the Basic128Rsa15 is disabled by default so most users will not be...

Authorization Bypass

OPCFoundation.NetStandard.Opc.Ua is vulnerable to Authorization Bypass. The vulnerability is due to improper authentication enforcement due to the deprecated Basic128Rsa15 security policy being enabled, allowing an unauthorized attacker to bypass application authentication...

CVE-2024-42512

Vulnerability in the OPC UA .NET Standard Stack before 1.5.374.158 allows an unauthorized attacker to bypass application authentication when the deprecated Basic128Rsa15 security policy is enabled...

GHSA-QV5F-57GW-VX3H Duplicate Advisory: Authorization Bypass in OPC UA .NET Standard Stack

Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-h958-fxgg-g7w3. This link is maintained to preserve external references. Original Description Vulnerability in the OPC UA .NET Standard Stack before 1.5.374.158 allows an unauthorized attacker to bypass...

CVE-2024-42512

Vulnerability in the OPC UA .NET Standard Stack before 1.5.374.158 allows an unauthorized attacker to bypass application authentication when the deprecated Basic128Rsa15 security policy is enabled...

CVE-2024-42512

Vulnerability in the OPC UA .NET Standard Stack before 1.5.374.158 allows an unauthorized attacker to bypass application authentication when the deprecated Basic128Rsa15 security policy is enabled...

OPC UA .NET Standard Stack 安全漏洞

OPC UA .NET Standard Stack is an open source C++ framework from the OPC Foundation of America. NET Standard Stack is an open source C++ framework for developing and distributing OPC UA client/server applications. A security vulnerability exists in OPC UA .NET Standard Stack versions prior to...

CVE-2024-42512

CVE-2024-42512 affects the OPC UA .NET Standard Stack prior to 1.5.374.158. An unauthorized attacker can bypass application authentication when the deprecated Basic128Rsa15 security policy is enabled. The vulnerability is exploitable over the network with no user interaction; CVSSv3.1 base score ...

Timing Attack

Overview OPCFoundation.NetStandard.Opc.Ua is a package that contains the OPC UA reference implementation and is targeting the .NET Standard Library. Affected versions of this package are vulnerable to Timing Attack when using the deprecated Basic128Rsa15 security policy disabled by default. This...