An XXE vulnerability in the OPC UA Java and .NET Legacy Stack can allow remote malicious users to trigger a denial of service.
opcfoundation ua-.net-legacy
opcfoundation ua-java