Search results

RVD#3347: Data Distribution Service (DDS) Chain of Trust (CoT) violation in Open DDS

package: sros2

robot component: DDSData Distribution ServiceData Distribution Service

robot component: ROS2

vulnerability

Status: Open.

#3347 In aliasrobotics/RVD;

· vmayoral opened on Feb 25, 2023

RVD#3346: Data Distribution Service (DDS) Chain of Trust (CoT) violation in Cyclone DDS

package: sros2

robot component: DDSData Distribution ServiceData Distribution Service

robot component: ROS2

vendor: ADLINK

vulnerability

Status: Open.

#3346 In aliasrobotics/RVD;

· vmayoral opened on Feb 25, 2023

RVD#3345: Data Distribution Service (DDS) Chain of Trust (CoT) violation

components softwareVulnerabilities in purely software robot components (e.g. a the ROS navigation stack)Vulnerabilities in purely software robot components (e.g. a the ROS navigation stack)

package: sros2

robot component: DDSData Distribution ServiceData Distribution Service

robot component: FastRTPSeProsima's FastRTPS security flaweProsima's FastRTPS security flaw

robot component: ROS2

vendor: eProsima

vulnerability

Status: Open.

#3345 In aliasrobotics/RVD;

· vmayoral opened on Feb 25, 2023

[Security] Workflow issues_management.yml is using vulnerable action actions/checkout

Status: Open.

#3342 In aliasrobotics/RVD;

· fockboi-lgtm opened on Dec 19, 2021

[Security] Workflow push.yml is using vulnerable action actions/checkout

Status: Open.

#3343 In aliasrobotics/RVD;

· Freakston opened on Dec 19, 2021

RVD#3337: Service DoS through arbitrary pointer dereferencing on KUKA simulator

robot component: Visual Components

severity: high7.0 - 8.97.0 - 8.9

vendor: KUKA

vendor: Visual Components

version: 2.0.8

vulnerability

Status: Open.

#3337 In aliasrobotics/RVD;

· rvd-bot opened on Nov 6, 2020

RVD#3336: System information disclosure without authentication on KUKA simulators

robot component: Visual Components

severity: medium4.0 - 6.94.0 - 6.9

vendor: KUKA

vendor: Visual Components

version: 2.0.8

vulnerability

Status: Open.

#3336 In aliasrobotics/RVD;

· rvd-bot opened on Nov 6, 2020

RVD#3330: Use of Hard-coded Credentials in Robotemi Global Ltd Temi Firmware

severity: critical9.0 - 10.09.0 - 10.0

vendor: Robotemi Global

vulnerability

Status: Open.

#3330 In aliasrobotics/RVD;

· glerapic opened on Aug 25, 2020

RVD#3327: No authentication required for accesing ABB IRC5 FTP server

robot component: ABB IRC5 OPC Server

robot component: Robotware

robot component: VxWorks

robot: ABB IRB140

severity: critical9.0 - 10.09.0 - 10.0

vendor: ABB

vulnerability

Status: Open.

#3327 In aliasrobotics/RVD;

· rvd-bot opened on Jul 15, 2020

RVD#3326: Hardcoded default credentials on IRC 5 OPC Server

robot component: ABB IRC5 OPC Server

robot component: Robotware

robot component: VxWorks

robot: ABB IRB140

severity: critical9.0 - 10.09.0 - 10.0

vendor: ABB

vulnerability

Status: Open.

#3326 In aliasrobotics/RVD;

· rvd-bot opened on Jul 15, 2020

RVD#3324: ABB IRC5 FTP daemon in VxWorks does not close the TCP connection after a number of failed login attempts

robot component: ABB IRC5 OPC Server

robot component: Robotware

robot component: VxWorks

robot: ABB IRB140

severity: critical9.0 - 10.09.0 - 10.0

vendor: ABB

vendor: WindRiver

vulnerability

Status: Open.

#3324 In aliasrobotics/RVD;

· rvd-bot opened on Jul 15, 2020

RVD#3323: Mismanaged permission implementation leads to privilege escalation, exfiltration of sensitive information, and DoS

components hardwareVulnerabilities in hardware robot components (e.g. a LIDAR)Vulnerabilities in hardware robot components (e.g. a LIDAR)

robot: xArm5 Lite

robot: xArm6

robot: xArm7

severity: high7.0 - 8.97.0 - 8.9

vendor: UFactory

vulnerability

Status: Open.

#3323 In aliasrobotics/RVD;

· rvd-bot opened on Jul 15, 2020