Vulnerabilities > Busybox > Busybox > 1.17.0
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-08-22 | CVE-2022-48174 | Out-of-bounds Write vulnerability in Busybox There is a stack overflow vulnerability in ash.c:6030 in busybox before 1.35. | 9.8 |
| 2022-04-03 | CVE-2022-28391 | Unspecified vulnerability in Busybox BusyBox through 1.35.0 allows remote attackers to execute arbitrary code if netstat is used to print a DNS PTR record's value to a VT compatible terminal. | 8.8 |
| 2021-11-15 | CVE-2021-42376 | NULL Pointer Dereference vulnerability in multiple products A NULL pointer dereference in Busybox's hush applet leads to denial of service when processing a crafted shell command, due to missing validation after a \x03 delimiter character. | 5.5 |
| 2021-11-15 | CVE-2021-42378 | Use After Free vulnerability in multiple products A use-after-free in Busybox's awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the getvar_i function | 7.2 |
| 2021-11-15 | CVE-2021-42385 | Use After Free vulnerability in multiple products A use-after-free in Busybox's awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the evaluate function | 7.2 |
| 2021-11-15 | CVE-2021-42386 | Use After Free vulnerability in multiple products A use-after-free in Busybox's awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the nvalloc function | 7.2 |
| 2019-01-09 | CVE-2019-5747 | Out-of-bounds Read vulnerability in multiple products An issue was discovered in BusyBox through 1.30.0. | 7.5 |
| 2019-01-09 | CVE-2018-20679 | Out-of-bounds Read vulnerability in multiple products An issue was discovered in BusyBox before 1.30.0. | 7.5 |
| 2018-07-26 | CVE-2015-9261 | NULL Pointer Dereference vulnerability in multiple products huft_build in archival/libarchive/decompress_gunzip.c in BusyBox before 1.27.2 misuses a pointer, causing segfaults and an application crash during an unzip operation on a specially crafted ZIP file. | 5.5 |
| 2018-06-26 | CVE-2018-1000517 | Classic Buffer Overflow vulnerability in multiple products BusyBox project BusyBox wget version prior to commit 8e2174e9bd836e53c8b9c6e00d1bc6e2a718686e contains a Buffer Overflow vulnerability in Busybox wget that can result in heap buffer overflow. | 9.8 |