CVE-2026-32705

PX4 autopilot is a flight control solution for drones. Prior to 1.17.0-rc2, the BST telemetry probe writes a string terminator using a device-provided length without bounds. A malicious BST device can report an oversized devnamelen, causing a stack overflow in the driver and crashing the task or...

PX4-Autopilot 安全漏洞

PX4-Autopilot is an open-source drone autopilot system developed by PX4. Versions of PX4-Autopilot prior to 1.17.0-rc2 contained security vulnerabilities. These vulnerabilities stemmed from the BST telemetry probe’s use of a length-based string terminator without proper boundary checks, which cou...

CVE-2026-32705

PX4 autopilot is a flight control solution for drones. Prior to 1.17.0-rc2, the BST telemetry probe writes a string terminator using a device-provided length without bounds. A malicious BST device can report an oversized devnamelen, causing a stack overflow in the driver and crashing the task or...

CVE-2026-32705 PX4 autopilot BST Device Name Length Can Overflow Driver Buffer

PX4 autopilot is a flight control solution for drones. Prior to 1.17.0-rc2, the BST telemetry probe writes a string terminator using a device-provided length without bounds. A malicious BST device can report an oversized devnamelen, causing a stack overflow in the driver and crashing the task or...

CVE-2026-32705

Summary: The CVE affects the PX4 autopilot BST telemetry driver. Before version 1.17.0-rc2, the BST device can report an oversized dev_name_len, and the driver writes a string terminator without bounds, causing a stack overflow that can crash the task or enable code execution. Root cause: device-...

CVE-2019-25293

BlueStacks App Player 2.4.44.62.57 contains an unquoted service path vulnerability in the BstHdLogRotatorSvc service that allows local attackers to potentially execute arbitrary code. Attackers can exploit the unquoted path in C:\Program Files x86\Bluestacks\HD-LogRotatorService.exe to inject...

OPENSUSE-SU-2024:11436-1 texlive-biolett-bst-2021.186.svn42217-45.2 on GA media

These are all security issues fixed in the texlive-biolett-bst-2021.186.svn42217-45.2 package on the GA media of openSUSE Tumbleweed...

bst-zeitarbeit.de Improper Access Control vulnerability OBB-3817800

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

bst-anime.com Cross Site Scripting vulnerability OBB-2884945

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

bst-gmbh.de XSS vulnerability

Open Bug Bounty ID: OBB-719288 Description| Value ---|--- Affected Website:| bst-gmbh.de Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| hidden until disclosure Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| hidden unti...

bst-moto.com XSS vulnerability

Open Bug Bounty ID: OBB-716811 Description| Value ---|--- Affected Website:| bst-moto.com Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| hidden until disclosure Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| hidden unt...

BST (BestShopPro) - 'nowosci.php' Multiple Vulnerabilities

Exploit Title: BST - BestShopPro nowosci.php Multiple Vulnerabilities Author : CoBRa21 E-Mail : uykucu at windowslive.com Google Dork : "Powered By BST" Script Page : http://www.bst.pl XSS: http://127.0.0.1/nowosci.php?a=1&str=alert/CoBRa21/ HTML: http://127.0.0.1/nowosci.php?a=1&str=CoBRa21 SQL ...