Lucene search

K

Ros Security Vulnerabilities

cve
cve

CVE-2021-37146

An infinite loop in Open Robotics ros_comm XMLRPC server in ROS Melodic through 1.4.11 and ROS Noetic through1.15.11 allows remote attackers to cause a Denial of Service in ros_comm via a crafted XMLRPC...

7.5CVSS

7.3AI Score

0.006EPSS

2021-09-28 01:15 PM
31
cve
cve

CVE-2020-16124

Integer Overflow or Wraparound vulnerability in the XML RPC library of OpenRobotics ros_comm communications packages allows unauthenticated network traffic to cause unexpected behavior. This issue affects: OpenRobotics ros_comm communications packages Noetic and prior versions. Fixed in...

9.8CVSS

9.4AI Score

0.002EPSS

2020-10-13 03:15 PM
26
cve
cve

CVE-2019-13445

An issue was discovered in the ROS communications-related packages (aka ros_comm or ros-melodic-ros-comm) through 1.14.3. parseOptions() in tools/rosbag/src/record.cpp has an integer overflow when a crafted split option can be entered on the command...

9.8CVSS

9.5AI Score

0.011EPSS

2019-12-30 06:15 PM
37
cve
cve

CVE-2019-13465

An issue was discovered in the ROS communications-related packages (aka ros_comm or ros-melodic-ros-comm) through 1.14.3. ROS_ASSERT_MSG only works when ROS_ASSERT_ENABLED is defined. This leads to a problem in the remove() function in clients/roscpp/src/libros/spinner.cpp. When ROS_ASSERT_ENABLED....

8.6CVSS

8.4AI Score

0.001EPSS

2019-12-30 06:15 PM
34
cve
cve

CVE-2019-19625

SROS 2 0.8.1 (which provides the tools that generate and distribute keys for Robot Operating System 2 and uses the underlying security plugins of DDS from ROS 2) leaks node information due to a leaky default configuration as indicated in the policy/defaults/dds/governance.xml...

5.3CVSS

5.1AI Score

0.001EPSS

2019-12-06 04:15 PM
53
cve
cve

CVE-2019-19627

SROS 2 0.8.1 (after CVE-2019-19625 is mitigated) leaks ROS 2 node-related information regardless of the rtps_protection_kind configuration. (SROS2 provides the tools to generate and distribute keys for Robot Operating System 2 and uses the underlying security plugins of DDS from ROS...

5.3CVSS

5.1AI Score

0.003EPSS

2019-12-06 04:15 PM
60
cve
cve

CVE-2019-13566

An issue was discovered in the ROS communications-related packages (aka ros_comm or ros-melodic-ros-comm) through 1.14.3. A buffer overflow allows attackers to cause a denial of service and possibly execute arbitrary code via an IP address with a long...

9.8CVSS

9.8AI Score

0.012EPSS

2019-11-22 09:15 PM
105