Lucene search

K
OpenroboticsRobot Operating System

16 matches found

CVE
CVE
added 2024/02/20 2:15 p.m.3898 views

CVE-2024-25198

Inappropriate pointer order of laser_scan_filter_.reset() and tf_listener_.reset() (amcl_node.cpp) in Open Robotics Robotic Operating Sytstem 2 (ROS2) and Nav2 humble versions leads to a use-after-free.

9.1CVSS6.7AI score0.00074EPSS
CVE
CVE
added 2024/12/06 10:15 p.m.54 views

CVE-2024-41650

Insecure Permissions vulnerability in Open Robotics Robotic Operating System 2 ROS2 navigation2 v.humble allows an attacker to execute arbitrary code via a crafted script to the nav2_costmap_2d.

9.8CVSS7.4AI score0.00139EPSS
CVE
CVE
added 2024/12/06 10:15 p.m.52 views

CVE-2024-44852

Open Robotics Robotic Operating System 2 ROS2 navigation2 v.humble was discovered to contain a segmentation violation via the component theta_star::ThetaStar::isUnsafeToPlan().

9.8CVSS7.4AI score0.00137EPSS
CVE
CVE
added 2024/12/06 10:15 p.m.50 views

CVE-2024-38927

Open Robotics Robotic Operating System 2 (ROS2) and Nav2 humble versions were discovered to contain a use-after-free via the nav2_amcl process. This vulnerability is triggered via remotely sending a request to change the value of dynamic-parameter /amcl do_beamskip.

9.8CVSS7.5AI score0.00137EPSS
CVE
CVE
added 2024/12/06 10:15 p.m.50 views

CVE-2024-41649

Insecure Permissions vulnerability in Open Robotics Robotic Operating System 2 ROS2 navigation2 v.humble allows an attacker to execute arbitrary code via a crafted script to the executor_thread_.

9.8CVSS7.4AI score0.0023EPSS
CVE
CVE
added 2024/12/06 10:15 p.m.49 views

CVE-2024-38921

Open Robotics Robotic Operating System 2 (ROS2) and Nav2 humble versions were discovered to contain a use-after-free via the nav2_amcl process. This vulnerability is triggered via remotely sending a request for change the value of dynamic-parameter/amcl z_rand .

9.8CVSS7.7AI score0.00137EPSS
CVE
CVE
added 2024/12/06 10:15 p.m.49 views

CVE-2024-38925

Open Robotics Robotic Operating System 2 (ROS2) and Nav2 humble versions were discovered to contain a use-after-free via the nav2_amcl process. This vulnerability is triggered via remotely sending a request for change the value of dynamic-parameter/amcl z_max .

9.8CVSS7.5AI score0.00137EPSS
CVE
CVE
added 2024/12/06 10:15 p.m.47 views

CVE-2024-41646

Insecure Permissions vulnerability in Open Robotics Robotic Operating System 2 ROS2 navigation2 v.humble allows an attacker to execute arbitrary code via a crafted script to the nav2_dwb_controller.

9.8CVSS7.7AI score0.0023EPSS
CVE
CVE
added 2024/12/06 10:15 p.m.45 views

CVE-2024-41648

Insecure Permissions vulnerability in Open Robotics Robotic Operating System 2 ROS2 navigation2 v.humble allows an attacker to execute arbitrary code via a crafted script to the nav2_regulated_pure_pursuit_controller.

9.8CVSS7.7AI score0.00139EPSS
CVE
CVE
added 2024/12/06 10:15 p.m.43 views

CVE-2024-38926

Open Robotics Robotic Operating System 2 (ROS2) and Nav2 humble versions were discovered to contain a use-after-free via the nav2_amcl process. This vulnerability is triggered via remotely sending a request for change the value of dynamic-parameter /amcl z_short.

9.8CVSS7.5AI score0.00137EPSS
CVE
CVE
added 2024/12/06 10:15 p.m.43 views

CVE-2024-41645

Insecure Permissions vulnerability in Open Robotics Robotic Operating System 2 ROS2 navigation2 v.humble allows an attacker to execute arbitrary code via a crafted script to the nav2__amcl.

9.8CVSS7.4AI score0.0023EPSS
CVE
CVE
added 2024/12/06 10:15 p.m.42 views

CVE-2024-38923

Open Robotics Robotic Operating System 2 (ROS2) and Nav2 humble versions were discovered to contain a use-after-free via the nav2_amcl process. This vulnerability is triggered via remotely sending a request to change the value of dynamic-parameter/amcl odom_frame_id .

9.8CVSS7.6AI score0.00095EPSS
CVE
CVE
added 2024/12/06 10:15 p.m.42 views

CVE-2024-38924

Open Robotics Robotic Operating System 2 (ROS2) and Nav2 humble versions were discovered to contain a use-after-free via the nav2_amcl process. This vulnerability is triggered via remotely sending a request to change the value of dynamic-parameter/amcl laser_model_type .

9.8CVSS7.6AI score0.00095EPSS
CVE
CVE
added 2024/12/06 10:15 p.m.42 views

CVE-2024-41644

Insecure Permissions vulnerability in Open Robotics Robotic Operating System 2 ROS2 navigation2 v.humble allows an attacker to execute arbitrary code via the dyn_param_handler_ component.

9.8CVSS7.8AI score0.0023EPSS
CVE
CVE
added 2024/12/06 10:15 p.m.41 views

CVE-2024-38922

Open Robotics Robotic Operating System 2 (ROS2) and Nav2 humble version was discovered to contain a heap overflow in the nav2_amcl process. This vulnerability is triggered via sending a crafted message to the component /initialpose.

9.8CVSS7.8AI score0.00135EPSS
CVE
CVE
added 2024/12/06 10:15 p.m.38 views

CVE-2024-41647

Insecure Permissions vulnerability in Open Robotics Robotic Operating System 2 ROS2 navigation2 v.humble allows an attacker to execute arbitrary code via a crafted script to the nav2_mppi_controller.

9.8CVSS7.7AI score0.0023EPSS