Security Vulnerabilities - CVEs Published In December 2024
Open Robotics Robotic Operating System 2 ROS2 navigation2 v.humble was discovered to contain a segmentation violation via the component theta_star::ThetaStar::isUnsafeToPlan().
CVSS Score
9.8
EPSS Score
0.002
Published
2024-12-06
Open Robotics Robotic Operating System 2 ROS2 navigation2 v.humble was discovered to contain a NULL pointer dereference via the component computeControl().
CVSS Score
7.5
EPSS Score
0.002
Published
2024-12-06
Open Robotics Robotic Operating System 2 ROS2 navigation2 v.humble was discovered to contain a NULL pointer dereference via the component smoothPlan().
CVSS Score
7.5
EPSS Score
0.002
Published
2024-12-06
Open Robotics Robotic Operating System 2 ROS2 navigation2 v.humble was discovered to contain a NULL pointer dereference via the component nav2_navfn_planner().
CVSS Score
7.5
EPSS Score
0.002
Published
2024-12-06
Open Robotics Robotic Operating System 2 ROS2 navigation2 v.humble was discovered to contain a NULL pointer dereference via the component nav2_smac_planner().
CVSS Score
7.5
EPSS Score
0.002
Published
2024-12-06
NuGet Gallery is a package repository that powers nuget.org. The NuGetGallery has a security vulnerability related to its handling of autolinks in Markdown content. While the platform properly filters out JavaScript from standard links, it does not adequately sanitize autolinks. This oversight allows attackers to exploit autolinks as a vector for Cross-Site Scripting (XSS) attacks. This vulnerability is fixed in 2024.12.06.
CVSS Score
6.1
EPSS Score
0.003
Published
2024-12-06
Open Robotics Robotic Operating System 2 (ROS2) and Nav2 humble versions were discovered to contain a use-after-free via the nav2_amcl process. This vulnerability is triggered via remotely sending a request to change the value of dynamic-parameter `/amcl z_max`.
CVSS Score
9.8
EPSS Score
0.002
Published
2024-12-06
Open Robotics Robotic Operating System 2 (ROS2) and Nav2 humble versions were discovered to contain a use-after-free via the nav2_amcl process. This vulnerability is triggered via remotely sending a request to change the value of dynamic-parameter `/amcl z_short`.
CVSS Score
9.8
EPSS Score
0.002
Published
2024-12-06
Open Robotics Robotic Operating System 2 (ROS2) and Nav2 humble versions were discovered to contain a use-after-free via the nav2_amcl process. This vulnerability is triggered via remotely sending a request to change the value of dynamic-parameter `/amcl do_beamskip`.
CVSS Score
9.8
EPSS Score
0.002
Published
2024-12-06
Insecure Permissions vulnerability in Open Robotics Robotic Operating System 2 ROS2 navigation2 v.humble allows an attacker to execute arbitrary code via the dyn_param_handler_ component.
CVSS Score
9.8
EPSS Score
0.003
Published
2024-12-06



Shodan ® - All rights reserved