Vulnerabilities > Busybox > Busybox > 1.19.3

DATE CVE VULNERABILITY TITLE RISK
2023-08-22 CVE-2022-48174 Out-of-bounds Write vulnerability in Busybox
There is a stack overflow vulnerability in ash.c:6030 in busybox before 1.35.
network
low complexity
busybox CWE-787
critical
9.8
2022-04-03 CVE-2022-28391 Unspecified vulnerability in Busybox
BusyBox through 1.35.0 allows remote attackers to execute arbitrary code if netstat is used to print a DNS PTR record's value to a VT compatible terminal.
network
busybox
6.8
2021-11-15 CVE-2021-42376 NULL Pointer Dereference vulnerability in multiple products
A NULL pointer dereference in Busybox's hush applet leads to denial of service when processing a crafted shell command, due to missing validation after a \x03 delimiter character.
local
low complexity
busybox fedoraproject netapp CWE-476
5.5
2021-11-15 CVE-2021-42378 Use After Free vulnerability in multiple products
A use-after-free in Busybox's awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the getvar_i function
network
low complexity
busybox fedoraproject CWE-416
7.2
2021-11-15 CVE-2021-42379 Use After Free vulnerability in multiple products
A use-after-free in Busybox's awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the next_input_file function
network
low complexity
busybox fedoraproject CWE-416
7.2
2021-11-15 CVE-2021-42384 Use After Free vulnerability in multiple products
A use-after-free in Busybox's awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the handle_special function
network
low complexity
busybox fedoraproject CWE-416
7.2
2021-11-15 CVE-2021-42385 Use After Free vulnerability in multiple products
A use-after-free in Busybox's awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the evaluate function
network
low complexity
busybox fedoraproject CWE-416
7.2
2021-11-15 CVE-2021-42386 Use After Free vulnerability in multiple products
A use-after-free in Busybox's awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the nvalloc function
network
low complexity
busybox fedoraproject CWE-416
7.2
2019-01-09 CVE-2019-5747 Out-of-bounds Read vulnerability in multiple products
An issue was discovered in BusyBox through 1.30.0.
network
low complexity
busybox canonical CWE-125
7.5
2019-01-09 CVE-2018-20679 Out-of-bounds Read vulnerability in multiple products
An issue was discovered in BusyBox before 1.30.0.
network
low complexity
busybox canonical CWE-125
5.0