Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
busybox busybox vulnerabilities and exploits
(subscribe to this query)
6.8
CVSSv3
CVE-2023-40146
A privilege escalation vulnerability exists in the /bin/login functionality of Peplink Smart Reader v1.2.0 (in QEMU). A specially crafted command line argument can lead to a limited-shell escape and elevated capabilities. An attacker can authenticate with hard-coded credentials a...
5.5
CVSSv3
CVE-2023-42364
A use-after-free vulnerability in BusyBox v.1.36.1 allows malicious users to cause a denial of service via a crafted awk pattern in the awk.c evaluate function.
Busybox Busybox 1.36.1
5.5
CVSSv3
CVE-2023-42365
A use-after-free vulnerability exists in BusyBox v.1.36.1 via a crafted awk pattern in the awk.c copyvar function.
Busybox Busybox 1.36.1
5.5
CVSSv3
CVE-2023-42366
A heap-buffer-overflow exists in BusyBox v.1.36.1 in the next_token function at awk.c:1159.
Busybox Busybox 1.36.1
5.5
CVSSv3
CVE-2023-42363
A use-after-free vulnerability exists in xasprintf function in xfuncs_printf.c:344 in BusyBox v.1.36.1.
Busybox Busybox 1.36.1
7.8
CVSSv3
CVE-2023-39810
An issue in the CPIO command of Busybox v1.33.2 allows malicious users to execute a directory traversal.
Busybox Busybox 1.33.2
Busybox Busybox 1.30.1
9.8
CVSSv3
CVE-2022-48174
There is a stack overflow vulnerability in ash.c:6030 in busybox prior to 1.35. In the environment of Internet of Vehicles, this vulnerability can be executed from command to arbitrary code execution.
Busybox Busybox
2 Github repositories
7.8
CVSSv3
CVE-2022-30065
A use-after-free in Busybox 1.35-x's awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the copyvar function.
Busybox Busybox 1.35.0
Siemens Scalance Sc622-2c Firmware
Siemens Scalance Sc626-2c Firmware
Siemens Scalance Sc632-2c Firmware
Siemens Scalance Sc636-2c Firmware
Siemens Scalance Sc642-2c Firmware
Siemens Scalance Sc646-2c Firmware
1 Github repository
8.8
CVSSv3
CVE-2022-28391
BusyBox up to and including 1.35.0 allows remote malicious users to execute arbitrary code if netstat is used to print a DNS PTR record's value to a VT compatible terminal. Alternatively, the attacker could choose to change the terminal's colors.
Busybox Busybox
3 Github repositories
5.5
CVSSv3
CVE-2021-42373
A NULL pointer dereference in Busybox's man applet leads to denial of service when a section name is supplied but no page argument is given
Busybox Busybox 1.33.1
Busybox Busybox 1.33.0
Fedoraproject Fedora 33
Fedoraproject Fedora 34
Netapp Cloud Backup -
Netapp Solidfire -
Netapp Hci Management Node -
Netapp H300s Firmware -
Netapp H500s Firmware -
Netapp H700s Firmware -
Netapp H300e Firmware -
Netapp H500e Firmware -
Netapp H700e Firmware -
Netapp H410s Firmware -
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-32976
CVE-2024-33557
CVE-2024-36801
CVE-2024-35654
authentication bypass
CVE-2024-24919
CSRF
code execution
CVE-2024-27348
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
6
NEXT »