9.8

CVSS3.1

CVE-2024-41645 -

Insecure Permissions vulnerability in Open Robotics Robotic Operating System 2 ROS2 navigation2 v.humble allows an attacker to execute arbitrary code via a crafted script to the nav2__amcl.

๐Ÿ“… Published: Dec. 6, 2024, midnight ๐Ÿ”„ Last Modified: Dec. 13, 2024, 8:27 p.m.

4.8

CVSS3.1

CVE-2024-48703 -

PhpGurukul Medical Card Generation System v1.0 is vulnerable to Cross Site Scripting (XSS) in /admin/search-medicalcard.php via the searchdata parameter.

๐Ÿ“… Published: Dec. 6, 2024, midnight ๐Ÿ”„ Last Modified: Dec. 11, 2024, 5:15 p.m.

8.8

CVSS3.1

CVE-2024-38922 -

Open Robotics Robotic Operating System 2 (ROS2) and Nav2 humble version was discovered to contain a heap overflow in the nav2_amcl process. This vulnerability is triggered via sending a crafted message to the component /initialpose.

๐Ÿ“… Published: Dec. 6, 2024, midnight ๐Ÿ”„ Last Modified: Dec. 17, 2024, 8:29 p.m.

9.1

CVSS3.1

CVE-2024-38927 -

Open Robotics Robotic Operating System 2 (ROS2) and Nav2 humble versions were discovered to contain a use-after-free via the nav2_amcl process. This vulnerability is triggered via remotely sending a request to change the value of dynamic-parameter `/amcl do_beamskip`.

๐Ÿ“… Published: Dec. 6, 2024, midnight ๐Ÿ”„ Last Modified: Dec. 17, 2024, 8:27 p.m.

7.8

CVSS3.1

CVE-2024-53142 - initramfs: avoid filename buffer overrun

In the Linux kernel, the following vulnerability has been resolved: initramfs: avoid filename buffer overrun The initramfs filename field is defined in Documentation/driver-api/early-userspace/buffer-format.rst as: 37 cpio_file := ALGN(4) + cpio_header + filename + "\0" + ALGN(4) + data ... 55โ€ฆ

๐Ÿ“… Published: Dec. 6, 2024, midnight ๐Ÿ”„ Last Modified: Nov. 3, 2025, 9:17 p.m.

7.5

CVSS3.1

CVE-2024-44854 -

Open Robotics Robotic Operating System 2 ROS2 navigation2 v.humble was discovered to contain a NULL pointer dereference via the component smoothPlan().

๐Ÿ“… Published: Dec. 6, 2024, midnight ๐Ÿ”„ Last Modified: Dec. 13, 2024, 8:33 p.m.

0.0

CVE-2024-55355 -

DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none.

๐Ÿ“… Published: Dec. 6, 2024, midnight ๐Ÿ”„ Last Modified: Jan. 8, 2025, 1:15 a.m.

6.1

CVSS3.1

CVE-2024-55268 -

A Reflected Cross Site Scripting (XSS) vulnerability was found in /covidtms/registered-user-testing.php in PHPGurukul COVID 19 Testing Management System 1.0 which allows remote attackers to execute arbitrary code via the regmobilenumber parameter.

๐Ÿ“… Published: Dec. 6, 2024, midnight ๐Ÿ”„ Last Modified: Dec. 11, 2024, 5:15 p.m.

7.5

CVSS3.1

CVE-2024-44855 -

Open Robotics Robotic Operating System 2 ROS2 navigation2 v.humble was discovered to contain a NULL pointer dereference via the component nav2_navfn_planner().

๐Ÿ“… Published: Dec. 6, 2024, midnight ๐Ÿ”„ Last Modified: Dec. 13, 2024, 8:33 p.m.

7.5

CVSS3.1

CVE-2024-54749 -

Ubiquiti U7-Pro 7.0.35 was discovered to contain a hardcoded password vulnerability in /etc/shadow, which allows attackers to log in as root. NOTE: this is disputed by the Supplier because the observation only established that a password is present in a firmware image; however, the device cannot beโ€ฆ

๐Ÿ“… Published: Dec. 6, 2024, midnight ๐Ÿ”„ Last Modified: April 15, 2026, 12:35 a.m.
Total resulsts: 349182
Page 7609 of 34,919
ยซ previous page ยป next page
Filters