153 matches found
CVE-2024-37861
Open Robotics Robotic Operating System 2 ROS2 and Nav2 humble versions were discovered to contain a buffer overflow via the nav2amcl process. This vulnerability is triggered via sending a crafted .yaml file...
CVE-2024-30961
Insecure Permissions vulnerability in Open Robotics Robotic Operating System 2 ROS2 navigation2- ROS2-humble and navigation 2-humble allows a local attacker to execute arbitrary code via the error-thrown mechanism in nav2btnavigator...
CVE-2024-30962
Buffer Overflow vulnerability in Open Robotics Robotic Operating System 2 ROS2 navigation2- ROS2-humble and navigation 2-humble allows a local attacker to execute arbitrary code via the nav2amcl process...
CVE-2024-30964
Insecure Permissions vulnerability in Open Robotics Robotic Operating System 2 ROS2 navigation2- ROS2-humble and navigation 2-humble allows a local attacker to execute arbitrary code via the initialposesub thread created by nav2btnavigator...
CVE-2024-37862
Buffer Overflow vulnerability in Open Robotic Robotic Operating System 2 ROS2 navigation2- ROS2-humble&& navigation2-humble allows a local attacker to execute arbitrary code via a crafted .yaml file to the nav2planner process...
CVE-2024-30964
CVE-2024-30964 affects ROS2 navigation2 (navigation2-humble) with an Insecure Permissions flaw in the nav2_bt_navigator’s initial_pose_sub thread. A local attacker could execute arbitrary code, as the vulnerability allows local code execution with low privileges and no user interaction required. ...
CVE-2024-30961
Insecure Permissions vulnerability in Open Robotics Robotic Operating System 2 ROS2 navigation2- ROS2-humble and navigation 2-humble allows a local attacker to execute arbitrary code via the error-thrown mechanism in nav2btnavigator...
CVE-2024-38910
Open Robotics Robotic Operating System 2 ROS2 and Nav2 humble version was discovered to contain a use-after-free in the nav2amcl process. This vulnerability is triggered via sending a request to change dynamic parameters...
CVE-2024-30961
Insecure Permissions vulnerability in Open Robotics Robotic Operating System 2 ROS2 navigation2- ROS2-humble and navigation 2-humble allows a local attacker to execute arbitrary code via the error-thrown mechanism in nav2btnavigator...
CVE-2024-30964
Insecure Permissions vulnerability in Open Robotics Robotic Operating System 2 ROS2 navigation2- ROS2-humble and navigation 2-humble allows a local attacker to execute arbitrary code via the initialposesub thread created by nav2btnavigator...
CVE-2024-30962
The vulnerability CVE-2024-30962 affects Open Robotics ROS 2 navigation2 (navigation2-humble) with a buffer overflow in the nav2_amcl process. A local attacker can exploit this to execute arbitrary code. The issue is documented across multiple sources (e.g., NVD, Red Hat, CNNVD, CIRCL) with a CVS...
CVE-2024-30963
Buffer Overflow vulnerability in Open Robotics Robotic Operating System 2 ROS2 navigation2- ROS2-humble and navigation 2-humble allows a local attacker to execute arbitrary code via a crafted script...
PT-2024-27794 · Open Robotics · Ros2 +1
Name of the Vulnerable Software and Affected Versions: Open Robotics Robotic Operating System 2 ROS2 and Nav2 humble versions Description: The issue is a buffer overflow vulnerability triggered by sending a crafted .yaml file via the nav2 amcl process. Recommendations: For Open Robotics Robotic...
CVE-2024-38920
CVE-2024-38920 affects Open Robotics ROS 2 (ROS2) and Nav2 humble, describing a use-after-free in the nav2_amcl process. The vulnerability is triggered by remotely sending a request to change the dynamic parameter /amcl max_beams, enabling network-based attack with no user interaction. The CVSS 3...
CVE-2024-37861
Open Robotics Robotic Operating System 2 ROS2 and Nav2 humble versions were discovered to contain a buffer overflow via the nav2amcl process. This vulnerability is triggered via sending a crafted .yaml file...
CVE-2024-38910
CVE-2024-38910 affects ROS2/Nav2 humble and specifically the nav2_amcl process, where a use-after-free vulnerability is triggered by a request to change dynamic parameters. Reported across Red Hat, NVD, CVE lists and CNVD/CNNVD families, the issue is described as a post-release reuse in nav2_amcl...
CVE-2024-37863
Open Robotics Robotic Operating System 2 ROS2 and Nav2 humble versions were discovered to contain a buffer overflow via the nav2amcl process. This vulnerability is triggered via sending a crafted .yaml file...
CVE-2024-38910
Open Robotics Robotic Operating System 2 ROS2 and Nav2 humble version was discovered to contain a use-after-free in the nav2amcl process. This vulnerability is triggered via sending a request to change dynamic parameters...
PT-2024-27792 · Open Robotics · Ros2 +1
Name of the Vulnerable Software and Affected Versions: Open Robotics Robotic Operating System 2 ROS2 and Nav2 humble versions Description: The issue is a buffer overflow that occurs via the nav2 amcl process. This is triggered by sending a crafted .yaml file. Recommendations: For Open Robotics...
CVE-2024-30963
Buffer Overflow vulnerability in Open Robotics Robotic Operating System 2 ROS2 navigation2- ROS2-humble and navigation 2-humble allows a local attacker to execute arbitrary code via a crafted script...