Vulnerabilities
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-12-06 | CVE-2024-44855 | NULL Pointer Dereference vulnerability in Openrobotics Robot Operating System 2 Open Robotics Robotic Operating System 2 ROS2 navigation2 v.humble was discovered to contain a NULL pointer dereference via the component nav2_navfn_planner(). | 7.5 |
| 2024-12-06 | CVE-2024-44856 | NULL Pointer Dereference vulnerability in Openrobotics Robot Operating System 2 Open Robotics Robotic Operating System 2 ROS2 navigation2 v.humble was discovered to contain a NULL pointer dereference via the component nav2_smac_planner(). | 7.5 |
| 2024-12-06 | CVE-2024-45722 | Unspecified vulnerability in Ruijienetworks Reyee OS Ruijie Reyee OS versions 2.206.x up to but not including 2.320.x uses weak credential mechanism that could allow an attacker to easily calculate MQTT credentials. | 7.5 |
| 2024-12-06 | CVE-2024-46874 | Unspecified vulnerability in Ruijienetworks Reyee OS Ruijie Reyee OS versions 2.206.x up to but not including 2.320.x could allow MQTT clients connecting with device credentials to send messages to some topics. | 9.9 |
| 2024-12-06 | CVE-2024-47146 | Resource Leak vulnerability in Ruijienetworks Reyee OS Ruijie Reyee OS versions 2.206.x up to but not including 2.320.x could allow an attacker to obtain the devices serial number if physically adjacent and sniffing the RAW WIFI signal. | 6.5 |
| 2024-12-06 | CVE-2024-47791 | Unspecified vulnerability in Ruijienetworks Reyee OS Ruijie Reyee OS versions 2.206.x up to but not including 2.320.x could allow an attacker to subscribe to partial possible topics in Ruijie MQTT broker, and receive partial messages being sent to and from devices. | 5.3 |
| 2024-12-06 | CVE-2024-48874 | Unspecified vulnerability in Ruijienetworks Reyee OS Ruijie Reyee OS versions 2.206.x up to but not including 2.320.x could give attackers the ability to force Ruijie's proxy servers to perform any request the attackers choose. | 9.8 |
| 2024-12-06 | CVE-2024-52324 | Unspecified vulnerability in Ruijienetworks Reyee OS Ruijie Reyee OS versions 2.206.x up to but not including 2.320.x uses an inherently dangerous function which could allow an attacker to send a malicious MQTT message resulting in devices executing arbitrary OS commands. | 9.8 |
| 2024-12-06 | CVE-2024-11220 | Incorrect Permission Assignment for Critical Resource vulnerability in Openautomationsoftware Open Automation Software A local low-level user on the server machine with credentials to the running OAS services can create and execute a report with an rdlx file on the server system itself. | 7.8 |
| 2024-12-06 | CVE-2024-42494 | Privacy Violation vulnerability in Ruijienetworks Reyee OS Ruijie Reyee OS versions 2.206.x up to but not including 2.320.x contains a a feature that could enable sub accounts or attackers to view and exfiltrate sensitive information from all cloud accounts registered to Ruijie's services | 7.5 |