Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
busybox busybox vulnerabilities and exploits
(subscribe to this query)
7.2
CVSSv3
CVE-2021-42382
A use-after-free in Busybox's awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the getvar_s function
Busybox Busybox
Fedoraproject Fedora 33
Fedoraproject Fedora 34
7.2
CVSSv3
CVE-2012-6614
D-Link DSR-250N devices prior to 1.08B31 allow remote authenticated users to obtain "persistent root access" via the BusyBox CLI, as demonstrated by overwriting the super user password.
Dlink Dsr-250n Firmware
6.8
CVSSv3
CVE-2023-40146
A privilege escalation vulnerability exists in the /bin/login functionality of Peplink Smart Reader v1.2.0 (in QEMU). A specially crafted command line argument can lead to a limited-shell escape and elevated capabilities. An attacker can authenticate with hard-coded credentials a...
6.2
CVSSv3
CVE-2019-3422
The Sec Consult Security Lab reported an information disclosure vulnerability in MF910S product to ZTE PSIRT in October 2019. Through the analysis of related product team, the information disclosure vulnerability is confirmed. The MF910S product's one-click upgrade tool can ...
Zte Mf910s Firmware -
5.5
CVSSv3
CVE-2023-42364
A use-after-free vulnerability in BusyBox v.1.36.1 allows malicious users to cause a denial of service via a crafted awk pattern in the awk.c evaluate function.
Busybox Busybox 1.36.1
5.5
CVSSv3
CVE-2023-42365
A use-after-free vulnerability exists in BusyBox v.1.36.1 via a crafted awk pattern in the awk.c copyvar function.
Busybox Busybox 1.36.1
5.5
CVSSv3
CVE-2023-42366
A heap-buffer-overflow exists in BusyBox v.1.36.1 in the next_token function at awk.c:1159.
Busybox Busybox 1.36.1
5.5
CVSSv3
CVE-2023-42363
A use-after-free vulnerability exists in xasprintf function in xfuncs_printf.c:344 in BusyBox v.1.36.1.
Busybox Busybox 1.36.1
5.5
CVSSv3
CVE-2021-42375
An incorrect handling of a special element in Busybox's ash applet leads to denial of service when processing a crafted shell command, due to the shell mistaking specific characters for reserved characters. This may be used for DoS under rare conditions of filtered command i...
Busybox Busybox 1.33.1
Fedoraproject Fedora 33
Fedoraproject Fedora 34
Netapp Cloud Backup -
Netapp Solidfire -
Netapp Hci Management Node -
Netapp H300s Firmware -
Netapp H500s Firmware -
Netapp H700s Firmware -
Netapp H300e Firmware -
Netapp H500e Firmware -
Netapp H700e Firmware -
Netapp H410s Firmware -
5.5
CVSSv3
CVE-2021-42373
A NULL pointer dereference in Busybox's man applet leads to denial of service when a section name is supplied but no page argument is given
Busybox Busybox 1.33.1
Busybox Busybox 1.33.0
Fedoraproject Fedora 33
Fedoraproject Fedora 34
Netapp Cloud Backup -
Netapp Solidfire -
Netapp Hci Management Node -
Netapp H300s Firmware -
Netapp H500s Firmware -
Netapp H700s Firmware -
Netapp H300e Firmware -
Netapp H500e Firmware -
Netapp H700e Firmware -
Netapp H410s Firmware -
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
authentication bypass
CVE-2024-30043
camera
CVE-2023-40404
CVE-2024-2793
client side
CVE-2024-4469
CVE-2024-3565
CVE-2024-29825
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »