Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Busybox
(Busybox)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 39 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2021-11-15 | CVE-2021-42383 | A use-after-free in Busybox's awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the evaluate function | Busybox, Fedora | 7.2 | ||
| 2021-11-15 | CVE-2021-42384 | A use-after-free in Busybox's awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the handle_special function | Busybox, Fedora | 7.2 | ||
| 2021-11-15 | CVE-2021-42385 | A use-after-free in Busybox's awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the evaluate function | Busybox, Fedora | 7.2 | ||
| 2021-11-15 | CVE-2021-42386 | A use-after-free in Busybox's awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the nvalloc function | Busybox, Fedora | 7.2 | ||
| 2022-05-18 | CVE-2022-30065 | A use-after-free in Busybox 1.35-x's awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the copyvar function. | Busybox, Scalance_sc622\-2c_firmware, Scalance_sc626\-2c_firmware, Scalance_sc632\-2c_firmware, Scalance_sc636\-2c_firmware, Scalance_sc642\-2c_firmware, Scalance_sc646\-2c_firmware | 7.8 | ||
| 2023-08-28 | CVE-2023-39810 | An issue in the CPIO command of Busybox v1.33.2 allows attackers to execute a directory traversal. | Busybox | 7.8 | ||
| 2023-11-27 | CVE-2023-42363 | A use-after-free vulnerability was discovered in xasprintf function in xfuncs_printf.c:344 in BusyBox v.1.36.1. | Busybox | 5.5 | ||
| 2023-11-27 | CVE-2023-42364 | A use-after-free vulnerability in BusyBox v.1.36.1 allows attackers to cause a denial of service via a crafted awk pattern in the awk.c evaluate function. | Busybox | 5.5 | ||
| 2023-11-27 | CVE-2023-42365 | A use-after-free vulnerability was discovered in BusyBox v.1.36.1 via a crafted awk pattern in the awk.c copyvar function. | Busybox | 5.5 | ||
| 2006-04-04 | CVE-2006-1058 | BusyBox 1.1.1 does not use a salt when generating passwords, which makes it easier for local users to guess passwords from a stolen password file using techniques such as rainbow tables. | Aura_application_enablement_services, Aura_sip_enablement_services, Message_networking, Messaging_storage_server, Busybox | 5.5 |