Vulnerabilities > Dronecode
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2024-02-06 | CVE-2024-24255 | Race Condition vulnerability in Dronecode PX4 Drone Autopilot A Race Condition discovered in geofence.cpp and mission_feasibility_checker.cpp in PX4 Autopilot 1.14 and earlier allows attackers to send drones on unintended missions. | 4.2 |
2024-02-06 | CVE-2024-24254 | Race Condition vulnerability in Dronecode PX4 Drone Autopilot PX4 Autopilot 1.14 and earlier, due to the lack of synchronization mechanism for loading geofence data, has a Race Condition vulnerability in the geofence.cpp and mission_feasibility_checker.cpp. | 4.2 |
2023-11-13 | CVE-2023-47625 | Unspecified vulnerability in Dronecode PX4 Drone Autopilot 1.14.0 PX4 autopilot is a flight control solution for drones. | 4.3 |
2023-10-31 | CVE-2023-46256 | Out-of-bounds Write vulnerability in Dronecode PX4 Drone Autopilot PX4-Autopilot provides PX4 flight control solution for drones. | 9.8 |
2023-07-06 | CVE-2021-46896 | Classic Buffer Overflow vulnerability in Dronecode PX4 Drone Autopilot Buffer Overflow vulnerability in PX4-Autopilot allows attackers to cause a denial of service via handler function handling msgid 332. | 7.5 |
2023-03-09 | CVE-2021-34125 | An issue discovered in Yuneec Mantis Q and PX4-Autopilot v 1.11.3 and below allow attacker to gain access to sensitive information via various nuttx commands. | 7.5 |
2020-08-20 | CVE-2020-10283 | Unspecified vulnerability in Dronecode Micro AIR Vehicle Link 1.0.0 The Micro Air Vehicle Link (MAVLink) protocol presents authentication mechanisms on its version 2.0 however according to its documentation, in order to maintain backwards compatibility, GCS and autopilot negotiate the version via the AUTOPILOT_VERSION message. | 9.8 |
2020-07-03 | CVE-2020-10282 | Missing Authentication for Critical Function vulnerability in Dronecode Micro AIR Vehicle Link 1.0.0 The Micro Air Vehicle Link (MAVLink) protocol presents no authentication mechanism on its version 1.0 (nor authorization) whichs leads to a variety of attacks including identity spoofing, unauthorized access, PITM attacks and more. | 9.8 |
2020-07-03 | CVE-2020-10281 | Cleartext Transmission of Sensitive Information vulnerability in Dronecode Micro AIR Vehicle Link This vulnerability applies to the Micro Air Vehicle Link (MAVLink) protocol and allows a remote attacker to gain access to sensitive information provided it has access to the communication medium. | 7.5 |