Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
busybox busybox vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2023-40146
A privilege escalation vulnerability exists in the /bin/login functionality of Peplink Smart Reader v1.2.0 (in QEMU). A specially crafted command line argument can lead to a limited-shell escape and elevated capabilities. An attacker can authenticate with hard-coded credentials a...
NA
CVE-2023-42364
A use-after-free vulnerability in BusyBox v.1.36.1 allows malicious users to cause a denial of service via a crafted awk pattern in the awk.c evaluate function.
Busybox Busybox 1.36.1
NA
CVE-2023-42365
A use-after-free vulnerability exists in BusyBox v.1.36.1 via a crafted awk pattern in the awk.c copyvar function.
Busybox Busybox 1.36.1
NA
CVE-2023-42366
A heap-buffer-overflow exists in BusyBox v.1.36.1 in the next_token function at awk.c:1159.
Busybox Busybox 1.36.1
NA
CVE-2023-42363
A use-after-free vulnerability exists in xasprintf function in xfuncs_printf.c:344 in BusyBox v.1.36.1.
Busybox Busybox 1.36.1
NA
CVE-2023-39810
An issue in the CPIO command of Busybox v1.33.2 allows malicious users to execute a directory traversal.
Busybox Busybox 1.33.2
Busybox Busybox 1.30.1
NA
CVE-2022-48174
There is a stack overflow vulnerability in ash.c:6030 in busybox prior to 1.35. In the environment of Internet of Vehicles, this vulnerability can be executed from command to arbitrary code execution.
Busybox Busybox
2 Github repositories
6.8
CVSSv2
CVE-2022-30065
A use-after-free in Busybox 1.35-x's awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the copyvar function.
Busybox Busybox 1.35.0
Siemens Scalance Sc622-2c Firmware
Siemens Scalance Sc626-2c Firmware
Siemens Scalance Sc632-2c Firmware
Siemens Scalance Sc636-2c Firmware
Siemens Scalance Sc642-2c Firmware
Siemens Scalance Sc646-2c Firmware
1 Github repository
6.8
CVSSv2
CVE-2022-28391
BusyBox up to and including 1.35.0 allows remote malicious users to execute arbitrary code if netstat is used to print a DNS PTR record's value to a VT compatible terminal. Alternatively, the attacker could choose to change the terminal's colors.
Busybox Busybox
3 Github repositories
3.3
CVSSv2
CVE-2021-42374
An out-of-bounds heap read in Busybox's unlzma applet leads to information leak and denial of service when crafted LZMA-compressed input is decompressed. This can be triggered by any applet/format that
Busybox Busybox
Fedoraproject Fedora 33
Fedoraproject Fedora 34
Netapp Cloud Backup -
Netapp Solidfire -
Netapp Hci Management Node -
Netapp H300s Firmware -
Netapp H500s Firmware -
Netapp H700s Firmware -
Netapp H300e Firmware -
Netapp H500e Firmware -
Netapp H700e Firmware -
Netapp H410s Firmware -
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4671
unauthorized
CVE-2024-4776
CVE-2024-3407
CVE-2024-26026
CVE-2024-32888
wireless
CVE-2024-4656
template injection
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
6
NEXT »