Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
busybox busybox vulnerabilities and exploits
(subscribe to this query)
8.8
CVSSv3
CVE-2018-0099
A vulnerability in the web management GUI of the Cisco D9800 Network Transport Receiver could allow an authenticated, remote malicious user to perform a command injection attack. The vulnerability is due to insufficient input validation of GUI command arguments. An attacker could...
Cisco D9800 Firmware -
NA
CVE-2015-5277
The get_contents function in nss_files/files-XXX.c in the Name Service Switch (NSS) in GNU C Library (aka glibc or libc6) prior to 2.20 might allow local users to cause a denial of service (heap corruption) or gain privileges via a long line in the NSS files database.
Redhat Enterprise Linux Desktop 7.0
Redhat Enterprise Linux Workstation 7.0
Redhat Enterprise Linux Server 7.0
Redhat Enterprise Linux Hpc Node 7.0
Gnu Glibc
Canonical Ubuntu Linux 12.04
Canonical Ubuntu Linux 15.10
Canonical Ubuntu Linux 14.04
6.2
CVSSv3
CVE-2019-3422
The Sec Consult Security Lab reported an information disclosure vulnerability in MF910S product to ZTE PSIRT in October 2019. Through the analysis of related product team, the information disclosure vulnerability is confirmed. The MF910S product's one-click upgrade tool can ...
Zte Mf910s Firmware -
9.8
CVSSv3
CVE-2017-8415
An issue exists on D-Link DCS-1100 and DCS-1130 devices. The device has a custom telnet daemon as a part of the busybox and retrieves the password from the shadow file using the function getspnam at address 0x00053894. Then performs a crypt operation on the password retrieved fro...
Dlink Dcs-1130 Firmware -
Dlink Dcs-1100 Firmware -
NA
CVE-2014-9402
The nss_dns implementation of getnetbyname in GNU C Library (aka glibc) prior to 2.21, when the DNS backend in the Name Service Switch configuration is enabled, allows remote malicious users to cause a denial of service (infinite loop) by sending a positive answer while a network...
Gnu Glibc
Canonical Ubuntu Linux 14.10
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 12.04
Canonical Ubuntu Linux 10.04
Opensuse Opensuse 13.1
Opensuse Opensuse 13.2
NA
CVE-2009-5149
Arris DG860A, TG862A, and TG862G devices with firmware TS0703128_100611 through TS0705125D_031115 have predictable technician passwords, which makes it easier for remote malicious users to obtain access via the web management interface, related to a "password of the day"...
Arris Na Model 862 Gw Mono Firmware Ts0705125d 031115
Arris Na Model 862 Gw Mono Firmware Ts070593c 073013
Arris Na Model 862 Gw Mono Firmware Ts0703135 112211
Arris Na Model 862 Gw Mono Firmware Ts0705125 062314
Arris Na Model 862 Gw Mono Firmware Ts0703128 100611
NA
CVE-2015-7289
Arris DG860A, TG862A, and TG862G devices with firmware TS0703128_100611 through TS0705125D_031115 have a hardcoded administrator password derived from a serial number, which makes it easier for remote malicious users to obtain access via the web management interface, SSH, TELNET,...
Arris Na Model 862 Gw Mono Firmware Ts0703128 100611
Arris Na Model 862 Gw Mono Firmware Ts0703135 112211
Arris Na Model 862 Gw Mono Firmware Ts0705125d 031115
Arris Na Model 862 Gw Mono Firmware Ts070593c 073013
Arris Na Model 862 Gw Mono Firmware Ts0705125 062314
NA
CVE-2015-7290
Cross-site scripting (XSS) vulnerability in adv_pwd_cgi in the web management interface on Arris DG860A, TG862A, and TG862G devices with firmware TS0703128_100611 through TS0705125D_031115 allows remote malicious users to inject arbitrary web script or HTML via the pwd parameter.
Arris Na Model 862 Gw Mono Firmware Ts0705125d 031115
Arris Na Model 862 Gw Mono Firmware Ts0705125 062314
Arris Na Model 862 Gw Mono Firmware Ts070593c 073013
Arris Na Model 862 Gw Mono Firmware Ts0703128 100611
Arris Na Model 862 Gw Mono Firmware Ts0703135 112211
NA
CVE-2015-7291
Cross-site request forgery (CSRF) vulnerability in adv_pwd_cgi in the web management interface on Arris DG860A, TG862A, and TG862G devices with firmware TS0703128_100611 through TS0705125D_031115 allows remote malicious users to hijack the authentication of arbitrary users.
Arris Na Model 862 Gw Mono Firmware Ts0703135 112211
Arris Na Model 862 Gw Mono Firmware Ts0705125 062314
Arris Na Model 862 Gw Mono Firmware Ts0703128 100611
Arris Na Model 862 Gw Mono Firmware Ts0705125d 031115
Arris Na Model 862 Gw Mono Firmware Ts070593c 073013
NA
CVE-2014-4043
The posix_spawn_file_actions_addopen function in glibc prior to 2.20 does not copy its path argument in accordance with the POSIX specification, which allows context-dependent malicious users to trigger use-after-free vulnerabilities.
Gnu Glibc
Opensuse Opensuse 13.1
1 Github repository
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-30310
CVE-2024-21683
CVE-2024-22187
chrome
deserialization
XPath injection
CVE-2024-27842
denial of service
CVE-2024-24851
google
CVE-2024-35400
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
2
3
4
5
6
7