115 matches found
PYSEC-2026-888 Uncontrolled Resource Consumption in asyncua and opcua
All versions of package opcua; all versions of package asyncua are vulnerable to Denial of Service DoS due to a missing limitation on the number of received chunks - per single session or in total for all concurrent sessions. An attacker can exploit this vulnerability by sending an unlimited numb...
CVE-2025-11482
The vulnerability CVE-2025-11482 concerns the OPC-UA Server component used in PPT30. An unauthenticated, network-based attacker can exploit an Allocation of Resources Without Limits or Throttling vulnerability on affected systems running operating system versions before 1.8.0, potentially renderi...
EUVD-2009-3224
Malware in sbrugna...
EUVD-2019-9400
Malware in sbrugna...
EUVD-2022-6609
Malicious code in bioql PyPI...
EUVD-2022-6517
Malicious code in bioql PyPI...
EUVD-2022-6479
Malicious code in bioql PyPI...
EUVD-2022-6567
Malicious code in bioql PyPI...
EUVD-2024-53528
Malicious code in bioql PyPI...
EUVD-2022-6584
Malicious code in bioql PyPI...
EUVD-2022-6631
Malicious code in bioql PyPI...
CVE-2019-19802
In Gallagher Command Centre Server v8.10 prior to v8.10.1134MR4, v8.00 prior to v8.00.1161MR5, v7.90 prior to v7.90.991MR5, v7.80 prior to v7.80.960MR2 and v7.70 or earlier, an authenticated user connecting to OPCUA can view all data that would be replicated in a multi-server setup without...
CVE-2024-57086
A prototype pollution in the function fieldsToJson of node-opcua-alarm-condition v2.134.0 allows attackers to cause a Denial of Service DoS via supplying a crafted payload...
@frangoteam/fuxa (>=1.1.19 <=1.2.4), @frangoteam/fuxa-min (>=1.1.19 <=1.2.4) +11 more potentially affected by CVE-2024-57086 via node-opcua-alarm-condition (>=2.119.0 <=2.134.0)
node-opcua-alarm-condition NPM version =2.119.0, =1.1.19, =1.1.19, =2.3.1, =2.119.0, =2.119.0, =2.119.0, =2.119.0, =2.119.0, =2.119.0, =2.119.0, =2.119.0, =0.1.0, =0.1.7 - node-red-contrib-opcua-test =0.0.3 Source cves: CVE-2024-57086 Source advisory: OSV:GHSA-GVWQ-6FMX-28XM...
GHSA-GVWQ-6FMX-28XM node-opcua-alarm-condition prototype pollution vulnerability
A prototype pollution in the function fieldsToJson of node-opcua-alarm-condition v2.134.0 allows attackers to cause a Denial of Service DoS via supplying a crafted payload...
node-opcua-alarm-condition prototype pollution vulnerability
A prototype pollution in the function fieldsToJson of node-opcua-alarm-condition v2.134.0 allows attackers to cause a Denial of Service DoS via supplying a crafted payload...
CVE-2024-57086
A prototype pollution in the function fieldsToJson of node-opcua-alarm-condition v2.134.0 allows attackers to cause a Denial of Service DoS via supplying a crafted payload...
CVE-2024-57086
A prototype pollution in the function fieldsToJson of node-opcua-alarm-condition v2.134.0 allows attackers to cause a Denial of Service DoS via supplying a crafted payload...
CVE-2024-57086
A prototype pollution in the function fieldsToJson of node-opcua-alarm-condition v2.134.0 allows attackers to cause a Denial of Service DoS via supplying a crafted payload...
node-opcua 安全漏洞
node-opcua is a French Sterfive SAS open source implementation of an OPC UA stack written entirely in Typescript for NodeJS. A security vulnerability exists in node-opcua version v2.134.0, which stems from the fieldsToJson function containing a prototype contamination vulnerability...