CVE-2021-34125

An issue discovered in Yuneec Mantis Q and PX4-Autopilot v 1.11.3 and below allow attacker to gain access to sensitive information via various nuttx commands.

CVE-2024-24254

PX4 Autopilot 1.14 and earlier, due to the lack of synchronization mechanism for loading geofence data, has a Race Condition vulnerability in the geofence.cpp and mission_feasibility_checker.cpp. This will result in the drone uploading overlapping geofences and mission routes.

CVE-2023-47625

PX4 autopilot is a flight control solution for drones. In affected versions a global buffer overflow vulnerability exists in the CrsfParser_TryParseCrsfPacket function in /src/drivers/rc/crsf_rc/CrsfParser.cpp:298 due to the invalid size check. A malicious user may create an RC packet remotely and ...

CVE-2024-40427

Stack Buffer Overflow in PX4-Autopilot v1.14.3, which allows attackers to execute commands to exploit this vulnerability and cause the program to refuse to execute

CVE-2023-46256

PX4-Autopilot provides PX4 flight control solution for drones. In versions 1.14.0-rc1 and prior, PX4-Autopilot has a heap buffer overflow vulnerability in the parser function due to the absence of parserbuf_index value checking. A malfunction of the sensor device can cause a heap buffer overflow wi...

CVE-2024-24255

A Race Condition discovered in geofence.cpp and mission_feasibility_checker.cpp in PX4 Autopilot 1.14 and earlier allows attackers to send drones on unintended missions.

CVE-2024-30799

An issue in PX4 Autopilot v1.14 and before allows a remote attacker to execute arbitrary code and cause a denial of service via the Breach Return Point function.