Show filters
16,723 Total Results
Displaying 701-710 of 10,000
Refine your search criteria for more targeted results.
Sort by:
Attacker Value
Unknown

CVE-2024-38924

Disclosure Date: December 06, 2024 (last updated February 27, 2025)
Open Robotics Robotic Operating System 2 (ROS2) and Nav2 humble versions were discovered to contain a use-after-free via the nav2_amcl process. This vulnerability is triggered via remotely sending a request to change the value of dynamic-parameter`/amcl laser_model_type` .
Attacker Value
Unknown

CVE-2024-38923

Disclosure Date: December 06, 2024 (last updated February 27, 2025)
Open Robotics Robotic Operating System 2 (ROS2) and Nav2 humble versions were discovered to contain a use-after-free via the nav2_amcl process. This vulnerability is triggered via remotely sending a request to change the value of dynamic-parameter`/amcl odom_frame_id` .
Attacker Value
Unknown

CVE-2024-38922

Disclosure Date: December 06, 2024 (last updated February 27, 2025)
Open Robotics Robotic Operating System 2 (ROS2) and Nav2 humble version was discovered to contain a heap overflow in the nav2_amcl process. This vulnerability is triggered via sending a crafted message to the component /initialpose.
Attacker Value
Unknown

CVE-2024-38921

Disclosure Date: December 06, 2024 (last updated February 27, 2025)
Open Robotics Robotic Operating System 2 (ROS2) and Nav2 humble versions were discovered to contain a use-after-free via the nav2_amcl process. This vulnerability is triggered via remotely sending a request for change the value of dynamic-parameter`/amcl z_rand ` .
Attacker Value
Unknown

CVE-2024-11220

Disclosure Date: December 06, 2024 (last updated February 27, 2025)
A local low-level user on the server machine with credentials to the running OAS services can create and execute a report with an rdlx file on the server system itself. Any code within the rdlx file of the report executes with SYSTEM privileges, resulting in privilege escalation.
Attacker Value
Unknown

CVE-2024-4633

Disclosure Date: December 06, 2024 (last updated February 27, 2025)
The Slider and Carousel slider by Depicter plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘addExtraMimeType’ function in versions up to, and including, 3.2.1 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with author-level permissions and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
Attacker Value
Unknown

CVE-2024-12060

Disclosure Date: December 06, 2024 (last updated February 27, 2025)
The WP Media Optimizer (.webp) plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the ‘wpmowebp-css-resources’ and 'wpmowebp-js-resources' parameters in all versions up to, and including, 1.4.0 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link.
Attacker Value
Unknown

CVE-2024-11339

Disclosure Date: December 06, 2024 (last updated February 27, 2025)
The Smart PopUp Blaster plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'spb-button' shortcode in all versions up to, and including, 1.4.3 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
Attacker Value
Unknown

CVE-2024-11149

Disclosure Date: December 06, 2024 (last updated December 21, 2024)
In OpenBSD 7.4 before errata 014, vmm(4) did not restore GDTR limits properly on Intel (VMX) CPUs.
0
Attacker Value
Unknown

CVE-2024-30962

Disclosure Date: December 05, 2024 (last updated February 27, 2025)
Buffer Overflow vulnerability in Open Robotics Robotic Operating System 2 (ROS2) navigation2- ROS2-humble and navigation 2-humble allows a local attacker to execute arbitrary code via the nav2_amcl process

This site uses cookies for anonymized analytics. For more information or to change your cookie settings, view our Cookie Policy.