Authentication Bypass

OPCFoundation.NetStandard.Opc.Ua is vulnerable to an Authentication Bypass. The vulnerability is due to improper authentication enforcement due to weaknesses in HTTPS endpoint handling, allowing an unauthorized attacker to bypass application authentication...

CVE-2024-42513

Vulnerability in the OPC UA .NET Standard Stack before 1.5.374.158 allows an unauthorized attacker to bypass application authentication when using HTTPS endpoints...

Fedora 41 : bind / bind-dyndb-ldap (2025-3551f3ba1b)

The remote Fedora 41 host has packages installed that are affected by multiple vulnerabilities as referenced in the FEDORA-2025-3551f3ba1b advisory. Update to 9.16.33 2342784 Security Fixes: - DNS-over-HTTPS flooding fixes. CVE-2024-12705 - Limit additional section processing for large RDATA sets...

Astra Linux - уязвимость в curl

When curl is asked to use HSTS, the expiry time for a subdomain might overwrite a parent domain's cache entry, making it end sooner or later than otherwise intended. This affects curl using applications that enable HSTS and use URLs with the insecure HTTP:// scheme and perform transfers with host...

Duplicate Advisory: Authentication Bypass by Spoofing in OPC UA .NET Standard Stack

Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-4rcc-7pg7-f57f. This link is maintained to preserve external references. Original Description Vulnerability in the OPC UA .NET Standard Stack before 1.5.374.158 allows an unauthorized attacker to bypass...

GHSA-7WWR-H8CM-9JF7 Duplicate Advisory: Authentication Bypass by Spoofing in OPC UA .NET Standard Stack

Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-4rcc-7pg7-f57f. This link is maintained to preserve external references. Original Description Vulnerability in the OPC UA .NET Standard Stack before 1.5.374.158 allows an unauthorized attacker to bypass...

CVE-2024-42513

Vulnerability in the OPC UA .NET Standard Stack before 1.5.374.158 allows an unauthorized attacker to bypass application authentication when using HTTPS endpoints...

CVE-2024-42513

Vulnerability in the OPC UA .NET Standard Stack before 1.5.374.158 allows an unauthorized attacker to bypass application authentication when using HTTPS endpoints...

EulerOS 2.0 SP11 : curl (EulerOS-SA-2025-1132)

According to the versions of the curl packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : When curl is asked to use HSTS, the expiry time for a subdomain might overwrite a parent domain's cache entry, making it end sooner or later than...

OPC UA .NET Standard Stack 安全漏洞

OPC UA .NET Standard Stack is an open source C++ framework from the OPC Foundation of America. NET Standard Stack is an open source C++ framework for developing and distributing OPC UA client/server applications. A security vulnerability exists in OPC UA .NET Standard Stack versions prior to...

CVE-2024-42513

CVE-2024-42513 affects the OPC UA .NET Standard Stack prior to 1.5.374.158, allowing an unauthorized attacker to bypass application authentication when using HTTPS endpoints. Affected component: OPC UA .NET Standard Stack. Root cause: authentication bypass due to vulnerability in the stack (exact...

CVE-2024-42513

Vulnerability in the OPC UA .NET Standard Stack before 1.5.374.158 allows an unauthorized attacker to bypass application authentication when using HTTPS endpoints...

EulerOS 2.0 SP11 : curl (EulerOS-SA-2025-1151)

According to the versions of the curl packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : When curl is asked to use HSTS, the expiry time for a subdomain might overwrite a parent domain's cache entry, making it end sooner or later than...

EulerOS 2.0 SP12 : curl (EulerOS-SA-2025-1186)

According to the versions of the curl packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : When curl is asked to use HSTS, the expiry time for a subdomain might overwrite a parent domain's cache entry, making it end sooner or later than...

CVE-2024-42513

Vulnerability in the OPC UA .NET Standard Stack before 1.5.374.158 allows an unauthorized attacker to bypass application authentication when using HTTPS endpoints...

SUSE SLED15 / SLES15 / openSUSE 15 Security Update : bind (SUSE-SU-2025:0355-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:0355-1 advisory. Update to release 9.18.33 Security Fixes: - CVE-2024-11187: Fixes CPU exhaustion caused by many...

Authentication Bypass by Primary Weakness

Overview OPCFoundation.NetStandard.Opc.Ua is a package that contains the OPC UA reference implementation and is targeting the .NET Standard Library. Affected versions of this package are vulnerable to Authentication Bypass by Primary Weakness when using HTTPS endpoints with a security policy othe...

CVE-2022-3174

Sensitive Cookie in HTTPS Session Without 'Secure' Attribute in GitHub repository ikus060/rdiffweb prior to 2.4.2...

CVE-2022-3251

Sensitive Cookie in HTTPS Session Without 'Secure' Attribute in GitHub repository ikus060/minarca prior to 4.2.2...

MGASA-2025-0036 Updated bind packages fix security vulnerabilities

Many records in the additional section cause CPU exhaustion. CVE-2024-11187 DNS-over-HTTPS implementation suffers from multiple issues under heavy query load. CVE-2024-12705...