106 matches found
CVE-2021-34125
An issue discovered in Yuneec Mantis Q and PX4-Autopilot v 1.11.3 and below allow attacker to gain access to sensitive information via various nuttx commands...
CVE-2021-26461
Apache Nuttx Versions prior to 10.1.0 are vulnerable to integer wrap-around in functions malloc, realloc and memalign. This improper memory assignment can lead to arbitrary memory allocation, resulting in unexpected behavior such as a crash or a remote code injection/execution...
CVE-2020-1939
The Apache NuttX Incubating project provides an optional separate "apps" repository which contains various optional components and example programs. One of these, ftpd, had a NULL pointer dereference bug. The NuttX RTOS itself is not affected. Users of the optional apps repository are affected on...
CVE-2020-17529
Out-of-bounds Write vulnerability in TCP Stack of Apache NuttX incubating versions up to and including 9.1.0 and 10.0.0 allows attacker to corrupt memory by supplying and invalid fragmentation offset value specified in the IP header. This is only impacts builds with both CONFIGEXPERIMENTAL and...
CVE-2018-20578
An issue was discovered in NuttX before 7.27. The function netlibparsehttpurl in apps/netutils/netlib/netlibparsehttpurl.c mishandles URLs longer than hostlen bytes in the webclient, this is set by default to 40, leading to an Infinite Loop. The attack vector is the Location header of an HTTP 3xx...
CVE-2025-25057 third_party_NuttX has a memory leak vulnerability
in OpenHarmony v5.0.2 and prior versions allow a local attacker case DOS through missing release of memory...
CVE-2025-25057 third_party_NuttX has a memory leak vulnerability
in OpenHarmony v5.0.2 and prior versions allow a local attacker case DOS through missing release of memory...
CVE-2021-34125
An issue discovered in Yuneec Mantis Q and PX4-Autopilot v 1.11.3 and below allow attacker to gain access to sensitive information via various nuttx commands...
CVE-2021-34125
An issue discovered in Yuneec Mantis Q and PX4-Autopilot v 1.11.3 and below allow attacker to gain access to sensitive information via various nuttx commands...
Command injection
An issue discovered in Yuneec Mantis Q and PX4-Autopilot v 1.11.3 and below allow attacker to gain access to sensitive information via various nuttx commands...
CVE-2021-34125
CVE-2021-34125 concerns Yuneec Mantis Q and PX4-Autopilot v1.11.3 and earlier where sensitive information can be leaked via various nuttx commands. The PX4-Autopilot impact is supported by PT-2023-12246, which recommends updating PX4-Autopilot to versions above 1.11.3 to resolve the issue; for Yu...
CVE-2021-34125
An issue discovered in Yuneec Mantis Q and PX4-Autopilot v 1.11.3 and below allow attacker to gain access to sensitive information via various nuttx commands...
PT-2023-12246 · Yuneec · Yuneec Mantis Q
Name of the Vulnerable Software and Affected Versions: Yuneec Mantis Q affected versions not specified PX4-Autopilot versions 1.11.3 and below Description: An issue in the affected software allows an attacker to gain access to sensitive information via various nuttx commands. Recommendations: For...
CVE-2021-34125
An issue discovered in Yuneec Mantis Q and PX4-Autopilot v 1.11.3 and below allow attacker to gain access to sensitive information via various nuttx commands...
The vulnerability in the implementation of the malloc, realloc, and memalign functions of the Apache Nuttx operating system allows a attacker to cause a service failure or execute arbitrary code.
The vulnerability of the malloc, realloc, and memalign functions in the Apache Nuttx operating system arises due to integer overflow. Exploiting this vulnerability can allow an attacker to cause service failures or execute arbitrary code...
CVE-2021-26461
Apache Nuttx Versions prior to 10.1.0 are vulnerable to integer wrap-around in functions malloc, realloc and memalign. This improper memory assignment can lead to arbitrary memory allocation, resulting in unexpected behavior such as a crash or a remote code injection/execution...
CVE-2021-26461
Apache Nuttx Versions prior to 10.1.0 are vulnerable to integer wrap-around in functions malloc, realloc and memalign. This improper memory assignment can lead to arbitrary memory allocation, resulting in unexpected behavior such as a crash or a remote code injection/execution...
Integer overflow
Apache Nuttx Versions prior to 10.1.0 are vulnerable to integer wrap-around in functions malloc, realloc and memalign. This improper memory assignment can lead to arbitrary memory allocation, resulting in unexpected behavior such as a crash or a remote code injection/execution...
CVE-2021-26461 malloc, realloc and memalign implementations are vulnerable to integer wrap-arounds
Apache Nuttx Versions prior to 10.1.0 are vulnerable to integer wrap-around in functions malloc, realloc and memalign. This improper memory assignment can lead to arbitrary memory allocation, resulting in unexpected behavior such as a crash or a remote code injection/execution...
CVE-2021-26461
Apache NuttX (OS) versions prior to 10.1.0 are affected by CVE-2021-26461 due to integer wrap-around in memory management calls (malloc, realloc, memalign). This can lead to arbitrary memory allocation and outcomes such as a crash or remote code execution. Remediation is to update to 10.1.0 or la...