Lucene search
+L

283 matches found

Vulnrichment
Vulnrichment
added 2025/07/17 7:12 p.m.6 views

CVE-2024-39835 Unsafe use of eval() method in roslaunch tool

A code injection vulnerability has been identified in the Robot Operating System ROS 'roslaunch' command-line tool, affecting ROS distributions Noetic Ninjemys and earlier. The vulnerability arises from the use of the eval method to process user-supplied, unsanitized parameter values within the...

7.8CVSS7.3AI score0.00175EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/07/17 7:12 p.m.15 views

CVE-2024-39835 Unsafe use of eval() method in roslaunch tool

A code injection vulnerability has been identified in the Robot Operating System ROS 'roslaunch' command-line tool, affecting ROS distributions Noetic Ninjemys and earlier. The vulnerability arises from the use of the eval method to process user-supplied, unsanitized parameter values within the...

7.8CVSS0.00175EPSS
Exploits0References1
Debian CVE
Debian CVE
added 2025/07/17 7:12 p.m.8 views

CVE-2024-39835

A code injection vulnerability has been identified in the Robot Operating System ROS 'roslaunch' command-line tool, affecting ROS distributions Noetic Ninjemys and earlier. The vulnerability arises from the use of the eval method to process user-supplied, unsanitized parameter values within the...

7.8CVSS5.9AI score0.00175EPSS
Exploits0
Debian CVE
Debian CVE
added 2025/07/17 7:11 p.m.6 views

CVE-2024-39289

A code execution vulnerability has been discovered in the Robot Operating System ROS 'rosparam' tool, affecting ROS distributions Noetic Ninjemys and earlier. The vulnerability stems from the use of the eval function to process unsanitized, user-supplied parameter values via special converters fo...

7.8CVSS6.4AI score0.00177EPSS
Exploits0
CVE
CVE
added 2025/07/17 7:11 p.m.33 views

CVE-2024-39289

The CVE-2024-39289 entry concerns the ROS rosparam tool. Affected software: Robot Operating System (ROS) distributions Noetic Ninjemys and earlier, where rosparam processes unsanitized parameter values using special converters for angle representations in radians. Root cause: use of Python’s eval...

7.8CVSS7.5AI score0.00177EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2025/07/17 7:11 p.m.15 views

CVE-2024-39289 Unsafe use of eval() method in rosparam tool

A code execution vulnerability has been discovered in the Robot Operating System ROS 'rosparam' tool, affecting ROS distributions Noetic Ninjemys and earlier. The vulnerability stems from the use of the eval function to process unsanitized, user-supplied parameter values via special converters fo...

7.8CVSS0.00177EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/07/17 12:0 a.m.6 views

Robot Operating System 代码注入漏洞

Robot Operating System is a meta-operating system for ROS 2 open source robots. A security vulnerability exists in Robot Operating System that stems from the hz verb of the rostopic tool using the eval function to process uncleaned user input, which could lead to the execution of arbitrary code...

7.8CVSS6.7AI score0.0019EPSS
Exploits0References2
CNNVD
CNNVD
added 2025/07/17 12:0 a.m.7 views

Robot Operating System 代码注入漏洞

Robot Operating System is a meta-operating system for ROS 2 open source robots. A security vulnerability exists in Robot Operating System that stems from the rosparam tool's use of the eval function to process uncleaned user input, which could lead to the execution of arbitrary Python code...

7.8CVSS6.6AI score0.00177EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2025/07/17 12:0 a.m.6 views

PT-2025-29951 · Unknown +1 · Robot Operating System +1

Name of the Vulnerable Software and Affected Versions: Robot Operating System ROS versions prior to Noetic Ninjemys Description: A code injection issue exists in the 'roslaunch' command-line tool due to the use of the eval method to process unsanitized parameter values within the substitution arg...

7.8CVSS7.3AI score0.00175EPSS
Exploits0References13
Positive Technologies
Positive Technologies
added 2025/07/17 12:0 a.m.6 views

PT-2025-29952 · Unknown +1 · Robot Operating System +1

Name of the Vulnerable Software and Affected Versions: Robot Operating System ROS versions prior to Noetic Ninjemys Description: A code injection issue exists in the 'rostopic' command-line tool. The vulnerability is located in the 'hz' verb, which uses the --filter option to accept a user-provid...

7.8CVSS7.1AI score0.0019EPSS
Exploits0References13
Positive Technologies
Positive Technologies
added 2025/07/17 12:0 a.m.14 views

PT-2025-29950 · Unknown +1 · Robot Operating System +1

Name of the Vulnerable Software and Affected Versions: Robot Operating System ROS versions prior to Noetic Ninjemys Description: A code execution issue exists in the 'rosparam' tool due to the use of the eval function with unsanitized, user-supplied parameter values. This occurs when processing...

7.8CVSS7.2AI score0.00177EPSS
Exploits0References14
CNNVD
CNNVD
added 2025/07/17 12:0 a.m.9 views

Robot Operating System 代码注入漏洞

Robot Operating System is a meta-operating system for ROS 2 open source robots. A security vulnerability exists in Robot Operating System that stems from the roslaunch tool's use of the eval method to process uncleaned user input, which could lead to the execution of arbitrary Python code...

7.8CVSS6.6AI score0.00175EPSS
Exploits0References2
CNNVD
CNNVD
added 2025/07/17 12:0 a.m.6 views

Robot Operating System 安全漏洞

Robot Operating System is a meta-operating system for ROS 2 open source robots. A security vulnerability exists in Robot Operating System that stems from the echo verb of the rostopic tool using the eval function to process uncleared user input, which could lead to the execution of arbitrary code...

7.8CVSS6.7AI score0.0019EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2025/07/17 12:0 a.m.14 views

PT-2025-29953 · Unknown +1 · Robot Operating System +1

Name of the Vulnerable Software and Affected Versions: Robot Operating System ROS versions prior to Noetic Ninjemys Description: A code injection issue exists in the rostopic command-line tool within the Robot Operating System ROS. The vulnerability is located in the echo verb, which utilizes the...

7.8CVSS7.1AI score0.0019EPSS
Exploits0References13
CNNVD
CNNVD
added 2025/07/17 12:0 a.m.7 views

Robot Operating System 安全漏洞

Robot Operating System is a meta-operating system for ROS 2 open source robots. A security vulnerability exists in Robot Operating System that stems from the rosbag tool's use of the eval function to process uncleaned user input, which could lead to the execution of arbitrary Python code...

7.8CVSS6.6AI score0.00195EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2025/05/23 9:17 a.m.4 views

CVE-2024-30961

Insecure Permissions vulnerability in Open Robotics Robotic Operating System 2 ROS2 navigation2- ROS2-humble and navigation 2-humble allows a local attacker to execute arbitrary code via the error-thrown mechanism in nav2btnavigator...

7.8CVSS7.6AI score0.00297EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/23 9:14 a.m.5 views

CVE-2024-30964

Insecure Permissions vulnerability in Open Robotics Robotic Operating System 2 ROS2 navigation2- ROS2-humble and navigation 2-humble allows a local attacker to execute arbitrary code via the initialposesub thread created by nav2btnavigator...

7.8CVSS7.6AI score0.00226EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 9:13 a.m.6 views

CVE-2024-30962

Buffer Overflow vulnerability in Open Robotics Robotic Operating System 2 ROS2 navigation2- ROS2-humble and navigation 2-humble allows a local attacker to execute arbitrary code via the nav2amcl process...

7.8CVSS7.6AI score0.00291EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/23 9:5 a.m.6 views

CVE-2024-38927

Open Robotics Robotic Operating System 2 ROS2 and Nav2 humble versions were discovered to contain a use-after-free via the nav2amcl process. This vulnerability is triggered via remotely sending a request to change the value of dynamic-parameter /amcl dobeamskip...

9.8CVSS5.9AI score0.00571EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/23 9:4 a.m.5 views

CVE-2024-38923

Open Robotics Robotic Operating System 2 ROS2 and Nav2 humble versions were discovered to contain a use-after-free via the nav2amcl process. This vulnerability is triggered via remotely sending a request to change the value of dynamic-parameter/amcl odomframeid...

9.8CVSS5.9AI score0.00545EPSS
Exploits1References1
Rows per page
Query Builder