282 matches found
PT-2024-23592 · Ros2 · Ros2
Name of the Vulnerable Software and Affected Versions: ROS2 Dashing Diademata versions 2 Description: An insecure logging issue allows attackers to obtain sensitive information due to inadequate security measures. Recommendations: For ROS2 Dashing Diademata version 2, update the logging configurati...
PT-2024-23606 · Unknown · Ros Kinetic Kame
Name of the Vulnerable Software and Affected Versions: ROS Kinetic Kame affected versions not specified Description: A buffer overflow issue has been identified. The estimated number of potentially affected devices and details about real-world incidents are not provided. Recommendations: At the...
PT-2024-23589 · Ros2 · Ros2
Name of the Vulnerable Software and Affected Versions: ROS2 Robot Operating System 2 versions 2 Description: A shell injection issue was discovered, allowing remote attackers to potentially exploit the system. Recommendations: For ROS2 version 2, at the moment, there is no information about a new...
PT-2024-23603 · Unknown · Ros Kinetic Kame
Name of the Vulnerable Software and Affected Versions: ROS Kinetic Kame affected versions not specified Description: The issue is related to an OS Command Injection Vulnerability. The estimated number of potentially affected devices worldwide is not available. There is no information about...
PT-2024-23590 · Unknown · Ros2 Dashing Diademata
Name of the Vulnerable Software and Affected Versions: ROS2 Dashing Diademata versions 2 Description: A command injection issue has been found, allowing remote attackers to execute arbitrary commands. Recommendations: For ROS2 Dashing Diademata version 2, update to a version that includes a fix f...
PT-2024-23585 · Ros2 · Ros2
Name of the Vulnerable Software and Affected Versions: ROS2 Dashing Diademata versions 2 Description: An issue in ROS2 allows remote attackers to cause a denial of service (DoS) via the ROS2 network. Recommendations: For ROS2 Dashing Diademata version 2, update to a version that includes a fix for...
PT-2024-22901 · Ros2 · Ros2
Name of the Vulnerable Software and Affected Versions: ROS2 Robot Operating System 2 Humble Hawksbill versions 2 Description: A command injection issue has been found, allowing remote attackers to execute arbitrary code, escalate privileges, and obtain sensitive information via External Command...
PT-2024-20809 · Open Robotics · Ros2 +1
Name of the Vulnerable Software and Affected Versions: Open Robotics Robotic Operating System 2 ROS2 and Nav2 humble versions Description: A NULL pointer dereference issue was discovered via the isCurrent function at /src/layered_costmap.cpp. This issue affects the navigation capabilities of the...
Nav2 Security Vulnerability
Nav2 is a navigation framework and system for ROS2. A security vulnerability exists in Nav2 that stems from an incorrect pointer order that can lead to a use-after-free...
PT-2024-20810 · Open Robotics · Ros2
Name of the Vulnerable Software and Affected Versions: Open Robotics Robotic Operating System 2 ROS2 and Nav2 humble versions Description: The issue arises from an inappropriate pointer order of laser scan filter .reset and tf listener .reset in the amcl_node.cpp file, leading to a use-after-free...
PT-2024-20811 · Open Robotics · Ros2 +1
Name of the Vulnerable Software and Affected Versions: Open Robotics Robotic Operating System 2 ROS2 and Nav2 humble versions Description: The issue is related to an inappropriate pointer order of map sub and map freemap in the amcl_node.cpp file, leading to a use-after-free. Recommendations: For...
Nav2 Security Vulnerability
Nav2 is a navigation framework and system for ROS2. A security vulnerability exists in Nav2 that stems from a buffer overflow that can be caused by sending a carefully crafted yaml file...
Command injection
OS command injection vulnerability in command processing or system call components of ROS2 Robot Operating System 2 Foxy Fitzroy, with ROS_VERSION=2 and ROS_PYTHON_VERSION=3, allows attackers to run arbitrary commands...
PT-2024-14069 · Ros2 · Ros2
Name of the Vulnerable Software and Affected Versions: ROS2 Robot Operating System 2 versions Foxy Fitzroy Description: The issue is an OS command injection vulnerability in command processing or system call components. This allows attackers to run arbitrary commands. The ROS_VERSION is 2 and ROS...
PT-2024-14064 · Ros2 · Ros2
Name of the Vulnerable Software and Affected Versions: ROS2 Robot Operating System 2 Foxy Fitzroy Description: An issue was discovered in shell command execution in ROS2, allowing an attacker to run arbitrary commands and cause other impacts. The issue is related to the ROS_VERSION=2 and ROS_PYTH...
Number withdrawn
Robot Operating System is a meta-operating system for robots. This CVE number has been withdrawn...
Number withdrawn
Robot Operating System is a meta-operating system for robots. This CVE number has been withdrawn...
PT-2024-14070 · Unknown · Ros2 Foxy Fitzroy
Name of the Vulnerable Software and Affected Versions: ROS2 Foxy Fitzroy versions 2 Description: Insecure deserialization in ROS2 allows attackers to execute arbitrary code via a crafted input. The issue affects ROS2 Foxy Fitzroy with ROS_VERSION=2 and ROS_PYTHON_VERSION=3. Recommendations: For...
CVE-2023-51197
An issue in ROS2 Foxy Fitzroy allows command injection through shell command execution when ROS_VERSION=2 and ROS_PYTHON_VERSION=3. Root cause: vulnerable shell command pathway in ROS2. Impact: arbitrary commands and potential further effects as described. No exploit details provided in the docum...
PT-2024-14068 · Ros2 · Ros2
Name of the Vulnerable Software and Affected Versions: ROS2 Robot Operating System 2 Foxy Fitzroy versions 2 Description: The issue allows attackers to access sensitive information via a man-in-the-middle attack due to cleartext transmission. This can be exploited to gain unauthorized access to...