Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
goahead webserver vulnerabilities and exploits
(subscribe to this query)
1.9
CVSSv2
CVE-2019-3422
The Sec Consult Security Lab reported an information disclosure vulnerability in MF910S product to ZTE PSIRT in October 2019. Through the analysis of related product team, the information disclosure vulnerability is confirmed. The MF910S product's one-click upgrade tool can ...
Zte Mf910s Firmware -
7.2
CVSSv2
CVE-2013-1813
util-linux/mdev.c in BusyBox prior to 1.21.0 uses 0777 permissions for parent directories when creating nested directories under /dev/, which allows local users to have unknown impact and attack vectors.
Redhat Enterprise Linux 6.0
T-mobile Tm-ac1900 3.0.0.4.376 3169
Busybox Busybox 1.11.0
Busybox Busybox 1.12.0
Busybox Busybox 1.17.1
Busybox Busybox 1.7.0
Busybox Busybox 1.12.2
Busybox Busybox 1.1.3
Busybox Busybox 0.47
Busybox Busybox 0.49
Busybox Busybox 0.43
Busybox Busybox 1.7.1
Busybox Busybox 1.4.1
Busybox Busybox 1.11.3
Busybox Busybox 1.9.2
Busybox Busybox 0.60.3
Busybox Busybox 1.1.0
Busybox Busybox 1.13.4
Busybox Busybox 1.8.2
Busybox Busybox 0.60.1
Busybox Busybox 1.10.0
Busybox Busybox 1.20.0
5
CVSSv2
CVE-2011-5325
Directory traversal vulnerability in the BusyBox implementation of tar prior to 1.22.0 v5 allows remote malicious users to point to files outside the current working directory via a symlink.
Busybox Busybox
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 18.10
Canonical Ubuntu Linux 14.04
7.5
CVSSv2
CVE-2016-2148
Heap-based buffer overflow in the DHCP client (udhcpc) in BusyBox prior to 1.25.0 allows remote malicious users to have unspecified impact via vectors involving OPTION_6RD parsing.
Busybox Busybox
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 18.10
Canonical Ubuntu Linux 14.04
4.3
CVSSv2
CVE-2015-9261
huft_build in archival/libarchive/decompress_gunzip.c in BusyBox prior to 1.27.2 misuses a pointer, causing segfaults and an application crash during an unzip operation on a specially crafted ZIP file.
Busybox Busybox
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 14.04
5
CVSSv2
CVE-2016-2147
Integer overflow in the DHCP client (udhcpc) in BusyBox prior to 1.25.0 allows remote malicious users to cause a denial of service (crash) via a malformed RFC1035-encoded domain name, which triggers an out-of-bounds heap write.
Busybox Busybox
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 18.10
Canonical Ubuntu Linux 14.04
6.8
CVSSv2
CVE-2011-2716
The DHCP client (udhcpc) in BusyBox prior to 1.20.0 allows remote DHCP servers to execute arbitrary commands via shell metacharacters in the (1) HOST_NAME, (2) DOMAIN_NAME, (3) NIS_DOMAIN, and (4) TFTP_SERVER_NAME host name options.
T-mobile Tm-ac1900 3.0.0.4.376 3169
Busybox Busybox 1.11.0
Busybox Busybox 1.12.0
Busybox Busybox 1.0.0
Busybox Busybox 1.17.1
Busybox Busybox 1.7.0
Busybox Busybox 1.12.2
Busybox Busybox 1.1.3
Busybox Busybox 1.7.1
Busybox Busybox 1.4.1
Busybox Busybox 1.11.3
Busybox Busybox 1.9.2
Busybox Busybox 1.1.0
Busybox Busybox 1.13.4
Busybox Busybox 1.8.2
Busybox Busybox 1.10.0
Busybox Busybox 0.60.5
Busybox Busybox 1.17.0
Busybox Busybox 1.19.2
Busybox Busybox 1.16.2
Busybox Busybox 1.9.1
Busybox Busybox 1.18.5
4.6
CVSSv2
CVE-2017-8329
An issue exists on Securifi Almond, Almond+, and Almond 2015 devices with firmware AL-R096. The device provides a user with the capability of setting a name for the wireless network. These values are stored by the device in NVRAM (Non-volatile RAM). It seems that the POST paramet...
Securifi Almond 2015 Firmware Al-r096
Securifi Almond+firmware Al-r096
Securifi Almond Firmware Al-r096
6.5
CVSSv2
CVE-2017-16544
In the add_match function in libbb/lineedit.c in BusyBox up to and including 1.27.2, the tab autocomplete feature of the shell, used to get a list of filenames in a directory, does not sanitize filenames and results in executing any escape sequence in the terminal. This could pot...
Busybox Busybox
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Vmware Esxi 6.0
Vmware Esxi 6.5
Vmware Esxi 6.7
Redlion N-tron 702-w Firmware
Redlion N-tron 702m12-w Firmware
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 14.04
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
buffer overflow
type confusion
server-side request forgery
CVE-2024-38440
CVE-2024-27801
CVE-2024-5868
CVE-2024-0582
CVE-2024-37643
CVE-2024-3105
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3