Vulnerabilities > Busybox > High

DATE CVE VULNERABILITY TITLE RISK
2023-08-28 CVE-2023-39810 Path Traversal vulnerability in Busybox 1.30.1/1.33.2
An issue in the CPIO command of Busybox v1.33.2 allows attackers to execute a directory traversal.
local
low complexity
busybox CWE-22
7.8
2022-05-18 CVE-2022-30065 Use After Free vulnerability in multiple products
A use-after-free in Busybox 1.35-x's awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the copyvar function.
local
low complexity
busybox siemens CWE-416
7.8
2022-04-03 CVE-2022-28391 Unspecified vulnerability in Busybox
BusyBox through 1.35.0 allows remote attackers to execute arbitrary code if netstat is used to print a DNS PTR record's value to a VT compatible terminal.
network
low complexity
busybox
8.8
2021-11-15 CVE-2021-42378 Use After Free vulnerability in multiple products
A use-after-free in Busybox's awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the getvar_i function
network
low complexity
busybox fedoraproject CWE-416
7.2
2021-11-15 CVE-2021-42379 Use After Free vulnerability in multiple products
A use-after-free in Busybox's awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the next_input_file function
network
low complexity
busybox fedoraproject CWE-416
7.2
2021-11-15 CVE-2021-42380 Use After Free vulnerability in multiple products
A use-after-free in Busybox's awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the clrvar function
network
low complexity
busybox fedoraproject CWE-416
7.2
2021-11-15 CVE-2021-42381 Use After Free vulnerability in multiple products
A use-after-free in Busybox's awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the hash_init function
network
low complexity
busybox fedoraproject CWE-416
7.2
2021-11-15 CVE-2021-42382 Use After Free vulnerability in multiple products
A use-after-free in Busybox's awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the getvar_s function
network
low complexity
busybox fedoraproject CWE-416
7.2
2021-11-15 CVE-2021-42383 Use After Free vulnerability in multiple products
A use-after-free in Busybox's awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the evaluate function
network
low complexity
busybox fedoraproject CWE-416
7.2
2021-11-15 CVE-2021-42384 Use After Free vulnerability in multiple products
A use-after-free in Busybox's awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the handle_special function
network
low complexity
busybox fedoraproject CWE-416
7.2