563 matches found

NVD
added 2019/12/06 4:15 p.m. | 18 views

CVE-2019-19625

SROS 2 0.8.1 which provides the tools that generate and distribute keys for Robot Operating System 2 and uses the underlying security plugins of DDS from ROS 2 leaks node information due to a leaky default configuration as indicated in the policy/defaults/dds/governance.xml document...

CVSS 7.5 | AI score 5.5 | EPSS 0.01502
Exploits: 1 | References: 2

OSV
added 2019/12/06 4:15 p.m. | 7 views

CVE-2019-19625

SROS 2 0.8.1 which provides the tools that generate and distribute keys for Robot Operating System 2 and uses the underlying security plugins of DDS from ROS 2 leaks node information due to a leaky default configuration as indicated in the policy/defaults/dds/governance.xml document...

CVSS 5.3 | AI score 5.2
Exploits: 0 | References: 2

OSV
added 2019/12/06 4:15 p.m. | 8 views

CVE-2019-19627

SROS 2 0.8.1 after CVE-2019-19625 is mitigated leaks ROS 2 node-related information regardless of the rtps_protection_kind configuration. SROS2 provides the tools to generate and distribute keys for Robot Operating System 2 and uses the underlying security plugins of DDS from ROS 2...

CVSS 5.3 | AI score 5.3
Exploits: 0 | References: 5

Prion
added 2019/12/06 4:15 p.m. | 14 views

Design/Logic Flaw

SROS 2 0.8.1 after CVE-2019-19625 is mitigated leaks ROS 2 node-related information regardless of the rtps_protection_kind configuration. SROS2 provides the tools to generate and distribute keys for Robot Operating System 2 and uses the underlying security plugins of DDS from ROS 2...

CVSS 5 | AI score 5.2 | EPSS 0.02146
Exploits: 2 | References: 5 | Affected Software: 1

CVE
added 2019/12/06 3:09 p.m. | 79 views

CVE-2019-19625

CVE-2019-19625 affects SROS 2 0.8.1 (used with ROS 2) where a leaky default configuration in policy/defaults/dds/governance.xml leads to disclosure of node information. The vulnerability stems from how keys are generated/distributed by SROS 2 and its reliance on DDS security plugins; the leak is ...

CVSS 7.5 | AI score 5.1 | EPSS 0.01502
Exploits: 1 | References: 2 | Affected Software: 1

Cvelist
added 2019/12/06 3:09 p.m. | 31 views

CVE-2019-19625

SROS 2 0.8.1 which provides the tools that generate and distribute keys for Robot Operating System 2 and uses the underlying security plugins of DDS from ROS 2 leaks node information due to a leaky default configuration as indicated in the policy/defaults/dds/governance.xml document...

CVSS 7.5 | AI score 5.5 | EPSS 0.01502
Exploits: 1 | References: 2

CVE
added 2019/12/06 3:09 p.m. | 80 views

CVE-2019-19627

CVE-2019-19627 concerns SROS 2.0.8.1 leaking ROS 2 node–related information regardless of rtps_protection_kind, due to insecure/default configuration behavior described in related CVEs (notably CVE-2019-19625). The vulnerability centers on information disclosure of node details from SROS2/DDS int...

CVSS 7.5 | AI score 5.1 | EPSS 0.02146
Exploits: 1 | References: 5 | Affected Software: 1

Cvelist
added 2019/12/06 3:09 p.m. | 24 views

CVE-2019-19627

SROS 2 0.8.1 after CVE-2019-19625 is mitigated leaks ROS 2 node-related information regardless of the rtps_protection_kind configuration. SROS2 provides the tools to generate and distribute keys for Robot Operating System 2 and uses the underlying security plugins of DDS from ROS 2...

CVSS 7.5 | AI score 5.6 | EPSS 0.02146
Exploits: 1 | References: 5

Tenable Nessus
added 2019/09/23 12:00 a.m. | 40 views

EulerOS 2.0 SP5 : ImageMagick (EulerOS-SA-2019-1970)

According to the versions of the ImageMagick packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - The DCM reader in ImageMagick before 6.9.4-5 and 7.x before 7.0.1-7 allows remote attackers to have unspecified impact by leveraging lack o...

CVSS 9.8 | AI score 7.1 | EPSS 0.05489
Exploits: 3 | References: 6

The Hacker News
added 2019/08/30 9:37 a.m. | 89 views

Ransomware Hits Dental Data Backup Service Offering Ransomware Protection

THIS WEEK IN THE IRONIC NEWS: DDS Safe, an online cloud-based data backup system that hundreds of dental practice offices across the United States are using to safeguard medical records and other information of their patients from ransomware attacks has been hit with ransomware. Provided by two...

AI score 6.8
Exploits: 0

NVD
added 2019/08/18 4:15 p.m. | 8 views

CVE-2019-15135

The handshake protocol in Object Management Group OMG DDS Security 1.1 sends cleartext information about all of the capabilities of a participant including capabilities inapplicable to the current session, which makes it easier for attackers to discover potentially sensitive reachability...

CVSS 7.5 | AI score 7.3 | EPSS 0.02011
Exploits: 0 | References: 2

NVD
added 2019/08/18 4:15 p.m. | 15 views

CVE-2019-15136

The Access Control plugin in eProsima Fast RTPS through 1.9.0 does not check partition permissions from remote participant connections, which can lead to policy bypass for a secure Data Distribution Service DDS partition...

CVSS 7.5 | AI score 7.5 | EPSS 0.01395
Exploits: 0 | References: 2

Prion
added 2019/08/18 4:15 p.m. | 11 views

Design/Logic Flaw

The handshake protocol in Object Management Group OMG DDS Security 1.1 sends cleartext information about all of the capabilities of a participant including capabilities inapplicable to the current session, which makes it easier for attackers to discover potentially sensitive reachability...

CVSS 5 | AI score 7.3 | EPSS 0.02011
Exploits: 0 | References: 2 | Affected Software: 1

Prion
added 2019/08/18 4:15 p.m. | 10 views

Design/Logic Flaw

The Access Control plugin in eProsima Fast RTPS through 1.9.0 allows fnmatch pattern matches with topic name strings instead of the permission expressions themselves, which can lead to unintended connections between participants in a Data Distribution Service DDS network...

CVSS 5 | AI score 7.4 | EPSS 0.0131
Exploits: 0 | References: 2 | Affected Software: 1

Cvelist
added 2019/08/18 3:44 p.m. | 14 views

CVE-2019-15137

The Access Control plugin in eProsima Fast RTPS through 1.9.0 allows fnmatch pattern matches with topic name strings instead of the permission expressions themselves, which can lead to unintended connections between participants in a Data Distribution Service DDS network...

AI score 7.4 | EPSS 0.0131
Exploits: 0 | References: 2

CVE
added 2019/08/18 3:44 p.m. | 43 views

CVE-2019-15137

The CVE-2019-15137 vulnerability affects the Access Control plugin in eProsima Fast RTPS (through version 1.9.0). The root cause is that fnmatch pattern matching is applied to topic name strings instead of the permission expressions themselves, enabling unintended connections between participants...

CVSS 7.5 | AI score 7.4 | EPSS 0.0131
Exploits: 0 | References: 2 | Affected Software: 1

CVE
added 2019/08/18 3:43 p.m. | 42 views

CVE-2019-15135

The CVE-2019-15135 issue is in the handshake protocol of OMG DDS Security 1.1, which transmits cleartext information about a participant’s capabilities (including session-inapplicable ones). This leakage enables an attacker to discover potentially sensitive reachability information on a DDS netwo...

CVSS 7.5 | AI score 7.3 | EPSS 0.02011
Exploits: 0 | References: 2 | Affected Software: 1

Cvelist
added 2019/08/18 3:43 p.m. | 11 views

CVE-2019-15135

The handshake protocol in Object Management Group OMG DDS Security 1.1 sends cleartext information about all of the capabilities of a participant including capabilities inapplicable to the current session, which makes it easier for attackers to discover potentially sensitive reachability...

AI score 7.4 | EPSS 0.02011
Exploits: 0 | References: 2

Openbugbounty
added 2018/11/21 8:34 p.m. | 8 views

dds-steentapijt.be XSS vulnerability

Open Bug Bounty ID: OBB-700925

Description| Value
---|---
Affected Website:| dds-steentapijt.be
Open Bug Bounty Program:| Create your bounty program now. It's open and free.
Vulnerable Application:| hidden until disclosure
Vulnerability Type:| XSS Cross Site Scripting / CWE-79
CVSSv3 Score:| hidd...

Exploits: 0

CNVD
added 2018/01/04 12:00 a.m. | 1 view

ImageMagick Denial of Service Vulnerability (CNVD-2018-00589)

ImageMagick is a software for creating, editing, and compositing images that can read, convert, and write images in many formats. A denial of service vulnerability exists in the ReadDDSInfo function in coders/dds.c in ImageMagick 7.0.7-12 Q16. An attacker can exploit this vulnerability to cause a...

CVSS 7.1 | AI score 6.7 | EPSS 0.02847
Exploits: 1 | References: 1