aliasrobotics / RVD Public

Notifications
Fork 25
Star 111

Code
Issues 223
Pull requests
Discussions
Actions
Security
Insights

Code
Issues
Pull requests
Discussions
Actions
Security
Insights

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

223 Open 3,086 Closed

Author

Filter by author

Label

Filter by label

Use alt + click/return to exclude labels

or ⇧ + click/return for logical OR

Projects

Filter by project

Milestones

Filter by milestone

Assignee

Filter by who’s assigned

Sort

Sort by

Newest Oldest Most commented Least commented Recently updated Least recently updated

Most reactions

[Security] Workflow push.yml is using vulnerable action actions/checkout

#3343 opened Dec 19, 2021 by Freakston

[Security] Workflow issues_management.yml is using vulnerable action actions/checkout

#3342 opened Dec 19, 2021 by fockboi-lgtm

RVD#3337: Service DoS through arbitrary pointer dereferencing on KUKA simulator robot component: Visual Components severity: high vendor: KUKA vendor: Visual Components version: 2.0.8 vulnerability

#3337 opened Nov 6, 2020 by rvd-bot

RVD#3336: System information disclosure without authentication on KUKA simulators robot component: Visual Components severity: medium vendor: KUKA vendor: Visual Components version: 2.0.8 vulnerability

#3336 opened Nov 6, 2020 by rvd-bot

RVD#3330: Use of Hard-coded Credentials in Robotemi Global Ltd Temi Firmware severity: critical vendor: Robotemi Global vulnerability

#3330 opened Aug 25, 2020 by glerapic

RVD#3327: No authentication required for accesing ABB IRC5 FTP server robot: ABB IRB140 robot component: ABB IRC5 OPC Server robot component: Robotware robot component: VxWorks severity: critical vendor: ABB vulnerability

#3327 opened Jul 15, 2020 by rvd-bot

RVD#3326: Hardcoded default credentials on IRC 5 OPC Server robot: ABB IRB140 robot component: ABB IRC5 OPC Server robot component: Robotware robot component: VxWorks severity: critical vendor: ABB vulnerability

#3326 opened Jul 15, 2020 by rvd-bot

RVD#3324: ABB IRC5 FTP daemon in VxWorks does not close the TCP connection after a number of failed login attempts robot: ABB IRB140 robot component: ABB IRC5 OPC Server robot component: Robotware robot component: VxWorks severity: critical vendor: ABB vendor: WindRiver vulnerability

#3324 opened Jul 15, 2020 by rvd-bot

RVD#3323: Mismanaged permission implementation leads to privilege escalation, exfiltration of sensitive information, and DoS components hardware robot: xArm5 Lite robot: xArm6 robot: xArm7 severity: high vendor: UFactory vulnerability

#3323 opened Jul 15, 2020 by rvd-bot

RVD#3322: Weak authentication implementation make the system vulnerable to a brute-force attack over adjacent networks components hardware robot: xArm5 Lite robot: xArm6 robot: xArm7 severity: high vendor: UFactory vulnerability

#3322 opened Jul 15, 2020 by rvd-bot

RVD#3321: No Authentication required to exert manual control of the robot components hardware robot: xArm5 Lite robot: xArm6 robot: xArm7 severity: critical vendor: UFactory vulnerability

#3321 opened Jul 15, 2020 by rvd-bot

RVD#3320: XML External Entity (XXE) attacks via unspecified vectors on Mitsubishi products triage vendor: Mitsubishi Electric vulnerability

#3320 opened Jul 4, 2020 by rvd-bot

RVD#3319: Uncontrolled resource consumption vulnerability in Mitsubishi products allows denial of service (DoS) attacks triage vendor: Mitsubishi Electric vulnerability

#3319 opened Jul 4, 2020 by rvd-bot

RVD#3318: XSS-like attacks for authenticated users in ABB System 800xA Information Manager components software severity: high vendor: ABB vulnerability

#3318 opened Jul 4, 2020 by rvd-bot

RVD#3317: MAVLink version handshaking allows for an attacker to bypass authentication components software robot component: Ardupilot robot component: MAVLink robot component: PX4 severity: high version: 1.0 version: 2.0 vulnerability

#3317 opened Jun 30, 2020 by vmayoral

RVD#3316: No authentication in MAVLink protocol components software robot component: Ardupilot robot component: MAVLink robot component: PX4 severity: critical version: 1.0 vulnerability

#3316 opened Jun 30, 2020 by vmayoral

RVD#3315: Cleartext transmission of sensitive information in MAVLink protocol version 1.0 and 2.0 components software robot component: Ardupilot robot component: MAVLink robot component: PX4 severity: high version: 1.0 version: 2.0 vulnerability

#3315 opened Jun 30, 2020 by vmayoral

RVD#2573: The DBPOWER U818A WIFI quadcopter drone provides FTP access over robot: DBPOWER U818A severity: medium vendor: DBPOWER vulnerability

#2573 opened Jun 28, 2020 by rvd-bot

RVD#2572: Web server running on Parrot ANAFI can be crashed due to the SDK robot: Parrot ANAFI severity: medium vendor: Parrot vulnerability

#2572 opened Jun 28, 2020 by rvd-bot

RVD#2571: Parrot ANAFI is vulnerable to Wi-Fi deauthentication attack robot: Parrot ANAFI severity: high vendor: Parrot vulnerability

#2571 opened Jun 28, 2020 by rvd-bot

RVD#2569: Insecure operating system defaults in MiR robots robot component: Ubuntu robot: ER200 robot: ER-Flex robot: ER-Lite robot: ER-One robot: MiR100 robot: MiR200 robot: MiR250 robot: MiR500 robot: MiR1000 robot: UVD severity: high vendor: Canonical vendor: Easy Robotics vendor: Enabled Robotics vendor: Mobile Industrial Robots vendor: Robotplus vendor: UVD Robots vulnerability

#2569 opened Jun 24, 2020 by rvd-bot

RVD#2568: Apache server is vulnerable to a DoS robot: ER200 robot: ER-Flex robot: ER-Lite robot: ER-One robot: MiR100 robot: MiR200 robot: MiR250 robot: MiR500 robot: MiR1000 robot: UVD vendor: Easy Robotics vendor: Enabled Robotics vendor: Mobile Industrial Robots vendor: Robotplus vendor: UVD Robots vulnerability

#2568 opened Jun 24, 2020 by rvd-bot

RVD#2566: Hardcoded Credentials on MiRX00 wireless Access Point robot: ER200 robot: ER-Flex robot: ER-Lite robot: ER-One robot: MiR100 robot: MiR200 robot: MiR250 robot: MiR500 robot: MiR1000 robot: UVD severity: critical vendor: Easy Robotics vendor: Enabled Robotics vendor: Mobile Industrial Robots vendor: Robotplus vendor: UVD Robots vulnerability

#2566 opened Jun 24, 2020 by rvd-bot

RVD#2565: Weak token generation for the REST API. robot: ER200 robot: ER-Flex robot: ER-Lite robot: ER-One robot: MiR100 robot: MiR200 robot: MiR250 robot: MiR500 robot: MiR1000 robot: UVD severity: critical vendor: Easy Robotics vendor: Enabled Robotics vendor: Mobile Industrial Robots vendor: Robotplus vendor: UVD Robots vulnerability

#2565 opened Jun 24, 2020 by rvd-bot

RVD#2564: The xfrm_replay_verify_len function does not validate certain size data after an XFRM_MSG_NEWAE update, which allows local users to obtain root privileges or cause a DoS robot: ER200 robot: ER-Flex robot: ER-Lite robot: ER-One robot: MiR100 robot: MiR200 robot: MiR250 robot: MiR500 robot: MiR1000 robot: UVD severity: high vendor: Easy Robotics vendor: Enabled Robotics vendor: Mobile Industrial Robots vendor: Robotplus vendor: UVD Robots vulnerability

#2564 opened Jun 24, 2020 by rvd-bot

Previous 1 2 3 4 5 … 8 9 Next

Previous Next

ProTip! Exclude everything labeled bug with -label:bug.