CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 0CVE-2023-41151
https://notcve.org/view.php?id=CVE-2023-41151
14 Dec 2023 — An uncaught exception issue discovered in Softing OPC UA C++ SDK before 6.30 for Windows operating system may cause the application to crash when the server wants to send an error packet, while socket is blocked on writing. Un problema de excepción no detectado descubierto en Softing OPC UA C++ SDK anterior a 6.30 para el sistema operativo Windows puede causar que la aplicación falle cuando el servidor quiere enviar un paquete de error, mientras el socket está bloqueado al escribir. • https://industrial.softing.com/fileadmin/psirt/downloads/2023/syt-2023-3.html • CWE-755: Improper Handling of Exceptional Conditions •
CVSS: 8.8EPSS: 0%CPEs: 6EXPL: 0CVE-2021-40828 – TLS hostname validation issues within AWS IoT Device SDKs on Windows
https://notcve.org/view.php?id=CVE-2021-40828
22 Nov 2021 — Connections initialized by the AWS IoT Device SDK v2 for Java (versions prior to 1.3.3), Python (versions prior to 1.5.18), C++ (versions prior to 1.12.7) and Node.js (versions prior to 1.5.1) did not verify server certificate hostname during TLS handshake when overriding Certificate Authorities (CA) in their trust stores on Windows. This issue has been addressed in aws-c-io submodule versions 0.9.13 onward. This issue affects: Amazon Web Services AWS IoT Device SDK v2 for Java versions prior to 1.3.3 on Mi... • https://github.com/aws/aws-iot-device-sdk-cpp-v2 • CWE-295: Improper Certificate Validation •
CVSS: 6.8EPSS: 0%CPEs: 2EXPL: 0CVE-2018-8479
https://notcve.org/view.php?id=CVE-2018-8479
13 Sep 2018 — A spoofing vulnerability exists for the Azure IoT Device Provisioning for the C SDK library using the HTTP protocol on Windows platform, aka "Azure IoT SDK Spoofing Vulnerability." This affects C SDK. Existe una vulnerabilidad de suplantación en la biblioteca Azure IoT Device Provisioning para C SDK al emplear el protocolo HTTP en una plataforma Windows. Esto también se conoce como "Azure IoT SDK Spoofing Vulnerability". Esto afecta a C SDK. • http://www.securityfocus.com/bid/105323 • CWE-295: Improper Certificate Validation •
CVSS: 6.8EPSS: 0%CPEs: 3EXPL: 0CVE-2018-8119
https://notcve.org/view.php?id=CVE-2018-8119
09 May 2018 — A spoofing vulnerability exists when the Azure IoT Device Provisioning AMQP Transport library improperly validates certificates over the AMQP protocol, aka "Azure IoT SDK Spoofing Vulnerability." This affects C# SDK, C SDK, Java SDK. Existe una vulnerabilidad de suplantación cuando la biblioteca Azure IoT Device Provisioning AMQP Transport valida certificados incorrectamente con el protocolo AMQP. Esto también se conoce como "Azure IoT SDK Spoofing Vulnerability". Esto afecta a C# SDK, C SDK y Java SDK. • http://www.securityfocus.com/bid/104070 • CWE-295: Improper Certificate Validation •