NotCVE - vendor:"Busybox" product:"Busybox" version:"1.36.1"

6 results (0.002 seconds)

CVSS: 3.2EPSS: 0%CPEs: 1EXPL: 0

CVE-2025-46394

https://notcve.org/view.php?id=CVE-2025-46394

23 Apr 2025 — In tar in BusyBox through 1.37.0, a TAR archive can have filenames hidden from a listing through the use of terminal escape sequences. • https://bugs.busybox.net/show_bug.cgi?id=16018 • CWE-451: User Interface (UI) Misrepresentation of Critical Information •

CVSS: 2.5EPSS: 0%CPEs: 1EXPL: 0

CVE-2024-58251

https://notcve.org/view.php?id=CVE-2024-58251

23 Apr 2025 — In netstat in BusyBox through 1.37.0, local users can launch of network application with an argv[0] containing an ANSI terminal escape sequence, leading to a denial of service (terminal locked up) when netstat is used by a victim. • https://bugs.busybox.net/show_bug.cgi?id=15922 • CWE-150: Improper Neutralization of Escape, Meta, or Control Sequences •

CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 1

CVE-2023-42364

https://notcve.org/view.php?id=CVE-2023-42364

27 Nov 2023 — A use-after-free vulnerability in BusyBox v.1.36.1 allows attackers to cause a denial of service via a crafted awk pattern in the awk.c evaluate function. Una vulnerabilidad de use-after-free en BusyBox v.1.36.1 permite a los atacantes provocar una denegación de servicio mediante un patrón awk manipulado en la función de evaluación awk.c. • https://bugs.busybox.net/show_bug.cgi?id=15868 • CWE-416: Use After Free •

CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 1

CVE-2023-42363

https://notcve.org/view.php?id=CVE-2023-42363

27 Nov 2023 — A use-after-free vulnerability was discovered in xasprintf function in xfuncs_printf.c:344 in BusyBox v.1.36.1. Se descubrió una vulnerabilidad de use-after-free en la función xasprintf en xfuncs_printf.c:344 en BusyBox v.1.36.1. • https://bugs.busybox.net/show_bug.cgi?id=15865 • CWE-416: Use After Free •

CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 1

CVE-2023-42365

https://notcve.org/view.php?id=CVE-2023-42365

27 Nov 2023 — A use-after-free vulnerability was discovered in BusyBox v.1.36.1 via a crafted awk pattern in the awk.c copyvar function. Se descubrió una vulnerabilidad de use-after-free en BusyBox v.1.36.1 mediante un patrón awk manipulado en la función copyvar awk.c. • https://bugs.busybox.net/show_bug.cgi?id=15871 • CWE-416: Use After Free •

CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 1

CVE-2023-42366

https://notcve.org/view.php?id=CVE-2023-42366

27 Nov 2023 — A heap-buffer-overflow was discovered in BusyBox v.1.36.1 in the next_token function at awk.c:1159. Se descubrió un desbordamiento del búfer del heap en BusyBox v.1.36.1 en la función next_token en awk.c:1159. • https://bugs.busybox.net/show_bug.cgi?id=15874 • CWE-787: Out-of-bounds Write •