Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Px4_drone_autopilot
(Dronecode)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 12 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2024-04-23 | CVE-2024-30800 | PX4 Autopilot v.1.14 allows an attacker to fly the drone into no-fly zones by breaching the geofence using flaws in the function. | Px4_drone_autopilot | N/A | ||
| 2024-06-25 | CVE-2024-38951 | A buffer overflow in PX4-Autopilot v1.12.3 allows attackers to cause a Denial of Service (DoS) via a crafted MavLink message. | Px4_drone_autopilot | N/A | ||
| 2024-06-25 | CVE-2024-38952 | PX4-Autopilot v1.14.3 was discovered to contain a buffer overflow via the topic_name parameter at /logger/logged_topics.cpp. | Px4_drone_autopilot | N/A | ||
| 2025-01-07 | CVE-2024-40427 | Stack Buffer Overflow in PX4-Autopilot v1.14.3, which allows attackers to execute commands to exploit this vulnerability and cause the program to refuse to execute | Px4_drone_autopilot | N/A | ||
| 2024-04-10 | CVE-2024-29460 | An issue in PX4 Autopilot v.1.14.0 allows an attacker to manipulate the flight path allowing for crashes of the drone via the home point location of the mission_block.cpp component. | Px4_drone_autopilot | N/A | ||
| 2024-04-22 | CVE-2024-30799 | An issue in PX4 Autopilot v1.14 and before allows a remote attacker to execute arbitrary code and cause a denial of service via the Breach Return Point function. | Px4_drone_autopilot | 4.4 | ||
| 2024-02-06 | CVE-2024-24254 | PX4 Autopilot 1.14 and earlier, due to the lack of synchronization mechanism for loading geofence data, has a Race Condition vulnerability in the geofence.cpp and mission_feasibility_checker.cpp. This will result in the drone uploading overlapping geofences and mission routes. | Px4_drone_autopilot | 4.2 | ||
| 2024-02-06 | CVE-2024-24255 | A Race Condition discovered in geofence.cpp and mission_feasibility_checker.cpp in PX4 Autopilot 1.14 and earlier allows attackers to send drones on unintended missions. | Px4_drone_autopilot | 4.2 | ||
| 2023-03-09 | CVE-2021-34125 | An issue discovered in Yuneec Mantis Q and PX4-Autopilot v 1.11.3 and below allow attacker to gain access to sensitive information via various nuttx commands. | Px4_drone_autopilot, Mantis_q_firmware | 7.5 | ||
| 2023-07-06 | CVE-2021-46896 | Buffer Overflow vulnerability in PX4-Autopilot allows attackers to cause a denial of service via handler function handling msgid 332. | Px4_drone_autopilot | 7.5 |