Skip to content

Issues: aliasrobotics/RVD

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

226 Open 3,086 Closed
226 Open 3,086 Closed
Author
Filter by author
Label
Filter by label
Use alt + click/return to exclude labels
or + click/return for logical OR
Projects
Filter by project
Milestones
Filter by milestone
Assignee
Filter by who’s assigned
Sort
Sort by
Newest Oldest Most commented Least commented Recently updated Least recently updated Best match
Most reactions
👍 👎 😄 🎉 😕 ❤️ 🚀 👀

Issues list

RVD#3347: Data Distribution Service (DDS) Chain of Trust (CoT) violation in Open DDS package: sros2 robot component: DDS Data Distribution Service robot component: ROS2 vulnerability
#3347 opened Feb 25, 2023 by vmayoral
RVD#3346: Data Distribution Service (DDS) Chain of Trust (CoT) violation in Cyclone DDS package: sros2 robot component: DDS Data Distribution Service robot component: ROS2 vendor: ADLINK vulnerability
#3346 opened Feb 25, 2023 by vmayoral
RVD#3345: Data Distribution Service (DDS) Chain of Trust (CoT) violation components software Vulnerabilities in purely software robot components (e.g. a the ROS navigation stack) package: sros2 robot component: DDS Data Distribution Service robot component: FastRTPS eProsima's FastRTPS security flaw robot component: ROS2 vendor: eProsima vulnerability
#3345 opened Feb 25, 2023 by vmayoral
[Security] Workflow push.yml is using vulnerable action actions/checkout
#3343 opened Dec 19, 2021 by Freakston
[Security] Workflow issues_management.yml is using vulnerable action actions/checkout
#3342 opened Dec 19, 2021 by fockboi-lgtm
RVD#3337: Service DoS through arbitrary pointer dereferencing on KUKA simulator robot component: Visual Components severity: high 7.0 - 8.9 vendor: KUKA vendor: Visual Components version: 2.0.8 vulnerability
#3337 opened Nov 6, 2020 by rvd-bot
RVD#3336: System information disclosure without authentication on KUKA simulators robot component: Visual Components severity: medium 4.0 - 6.9 vendor: KUKA vendor: Visual Components version: 2.0.8 vulnerability
#3336 opened Nov 6, 2020 by rvd-bot
RVD#3330: Use of Hard-coded Credentials in Robotemi Global Ltd Temi Firmware severity: critical 9.0 - 10.0 vendor: Robotemi Global vulnerability
#3330 opened Aug 25, 2020 by glerapic
RVD#3327: No authentication required for accesing ABB IRC5 FTP server robot: ABB IRB140 robot component: ABB IRC5 OPC Server robot component: Robotware robot component: VxWorks severity: critical 9.0 - 10.0 vendor: ABB vulnerability
#3327 opened Jul 15, 2020 by rvd-bot
RVD#3326: Hardcoded default credentials on IRC 5 OPC Server robot: ABB IRB140 robot component: ABB IRC5 OPC Server robot component: Robotware robot component: VxWorks severity: critical 9.0 - 10.0 vendor: ABB vulnerability
#3326 opened Jul 15, 2020 by rvd-bot
RVD#3324: ABB IRC5 FTP daemon in VxWorks does not close the TCP connection after a number of failed login attempts robot: ABB IRB140 robot component: ABB IRC5 OPC Server robot component: Robotware robot component: VxWorks severity: critical 9.0 - 10.0 vendor: ABB vendor: WindRiver vulnerability
#3324 opened Jul 15, 2020 by rvd-bot
RVD#3323: Mismanaged permission implementation leads to privilege escalation, exfiltration of sensitive information, and DoS components hardware Vulnerabilities in hardware robot components (e.g. a LIDAR) robot: xArm5 Lite robot: xArm6 robot: xArm7 severity: high 7.0 - 8.9 vendor: UFactory vulnerability
#3323 opened Jul 15, 2020 by rvd-bot
RVD#3322: Weak authentication implementation make the system vulnerable to a brute-force attack over adjacent networks components hardware Vulnerabilities in hardware robot components (e.g. a LIDAR) robot: xArm5 Lite robot: xArm6 robot: xArm7 severity: high 7.0 - 8.9 vendor: UFactory vulnerability
#3322 opened Jul 15, 2020 by rvd-bot
RVD#3321: No Authentication required to exert manual control of the robot components hardware Vulnerabilities in hardware robot components (e.g. a LIDAR) robot: xArm5 Lite robot: xArm6 robot: xArm7 severity: critical 9.0 - 10.0 vendor: UFactory vulnerability
#3321 opened Jul 15, 2020 by rvd-bot
RVD#3320: XML External Entity (XXE) attacks via unspecified vectors on Mitsubishi products triage Needs triage vendor: Mitsubishi Electric vulnerability
#3320 opened Jul 4, 2020 by rvd-bot
RVD#3319: Uncontrolled resource consumption vulnerability in Mitsubishi products allows denial of service (DoS) attacks triage Needs triage vendor: Mitsubishi Electric vulnerability
#3319 opened Jul 4, 2020 by rvd-bot
RVD#3318: XSS-like attacks for authenticated users in ABB System 800xA Information Manager components software Vulnerabilities in purely software robot components (e.g. a the ROS navigation stack) severity: high 7.0 - 8.9 vendor: ABB vulnerability
#3318 opened Jul 4, 2020 by rvd-bot
RVD#3317: MAVLink version handshaking allows for an attacker to bypass authentication components software Vulnerabilities in purely software robot components (e.g. a the ROS navigation stack) robot component: Ardupilot robot component: MAVLink robot component: PX4 severity: high 7.0 - 8.9 version: 1.0 version: 2.0 vulnerability
#3317 opened Jun 30, 2020 by vmayoral
5
RVD#3316: No authentication in MAVLink protocol components software Vulnerabilities in purely software robot components (e.g. a the ROS navigation stack) robot component: Ardupilot robot component: MAVLink robot component: PX4 severity: critical 9.0 - 10.0 version: 1.0 vulnerability
#3316 opened Jun 30, 2020 by vmayoral
22
RVD#3315: Cleartext transmission of sensitive information in MAVLink protocol version 1.0 and 2.0 components software Vulnerabilities in purely software robot components (e.g. a the ROS navigation stack) robot component: Ardupilot robot component: MAVLink robot component: PX4 severity: high 7.0 - 8.9 version: 1.0 version: 2.0 vulnerability
#3315 opened Jun 30, 2020 by vmayoral
4
RVD#2573: The DBPOWER U818A WIFI quadcopter drone provides FTP access over robot: DBPOWER U818A severity: medium 4.0 - 6.9 vendor: DBPOWER vulnerability
#2573 opened Jun 28, 2020 by rvd-bot
2
RVD#2572: Web server running on Parrot ANAFI can be crashed due to the SDK robot: Parrot ANAFI https://www.parrot.com/es/drones/anafi severity: medium 4.0 - 6.9 vendor: Parrot vulnerability
#2572 opened Jun 28, 2020 by rvd-bot
RVD#2571: Parrot ANAFI is vulnerable to Wi-Fi deauthentication attack robot: Parrot ANAFI https://www.parrot.com/es/drones/anafi severity: high 7.0 - 8.9 vendor: Parrot vulnerability
#2571 opened Jun 28, 2020 by rvd-bot
RVD#2569: Insecure operating system defaults in MiR robots robot component: Ubuntu robot: ER200 robot: ER-Flex robot: ER-Lite robot: ER-One robot: MiR100 robot: MiR200 robot: MiR250 robot: MiR500 robot: MiR1000 robot: UVD severity: high 7.0 - 8.9 vendor: Canonical vendor: Easy Robotics vendor: Enabled Robotics vendor: Mobile Industrial Robots vendor: Robotplus https://robotplus.es/ vendor: UVD Robots vulnerability
#2569 opened Jun 24, 2020 by rvd-bot
RVD#2568: Apache server is vulnerable to a DoS robot: ER200 robot: ER-Flex robot: ER-Lite robot: ER-One robot: MiR100 robot: MiR200 robot: MiR250 robot: MiR500 robot: MiR1000 robot: UVD vendor: Easy Robotics vendor: Enabled Robotics vendor: Mobile Industrial Robots vendor: Robotplus https://robotplus.es/ vendor: UVD Robots vulnerability
#2568 opened Jun 24, 2020 by rvd-bot
ProTip! Exclude everything labeled bug with -label:bug.