| CVE-2021-42386 |
AVG-2562 |
Medium |
No |
Arbitrary code execution |
A use-after-free in Busybox's awk applet before version 1.34.0 leads to denial of service and possibly code execution when processing a crafted awk pattern... |
| CVE-2021-42385 |
AVG-2562 |
Medium |
No |
Arbitrary code execution |
A use-after-free in Busybox's awk applet before version 1.34.0 leads to denial of service and possibly code execution when processing a crafted awk pattern... |
| CVE-2021-42384 |
AVG-2562 |
Medium |
No |
Arbitrary code execution |
A use-after-free in Busybox's awk applet before version 1.34.0 leads to denial of service and possibly code execution when processing a crafted awk pattern... |
| CVE-2021-42383 |
AVG-2562 |
Medium |
No |
Arbitrary code execution |
A use-after-free in Busybox's awk applet before version 1.34.0 leads to denial of service and possibly code execution when processing a crafted awk pattern... |
| CVE-2021-42382 |
AVG-2562 |
Medium |
No |
Arbitrary code execution |
A use-after-free in Busybox's awk applet before version 1.34.0 leads to denial of service and possibly code execution when processing a crafted awk pattern... |
| CVE-2021-42381 |
AVG-2562 |
Medium |
No |
Arbitrary code execution |
A use-after-free in Busybox's awk applet before version 1.34.0 leads to denial of service and possibly code execution when processing a crafted awk pattern... |
| CVE-2021-42380 |
AVG-2562 |
Medium |
No |
Arbitrary code execution |
A use-after-free in Busybox's awk applet before version 1.34.0 leads to denial of service and possibly code execution when processing a crafted awk pattern... |
| CVE-2021-42379 |
AVG-2562 |
Medium |
No |
Arbitrary code execution |
A use-after-free in Busybox's awk applet before version 1.34.0 leads to denial of service and possibly code execution when processing a crafted awk pattern... |
| CVE-2021-42378 |
AVG-2562 |
Medium |
No |
Arbitrary code execution |
A use-after-free in Busybox's awk applet before version 1.34.0 leads to denial of service and possibly code execution when processing a crafted awk pattern... |
| CVE-2021-42377 |
AVG-2562 |
Medium |
Yes |
Arbitrary code execution |
An attacker-controlled pointer free in Busybox's hush applet before version 1.34.0 leads to denial of service and possible code execution when processing a... |
| CVE-2021-42376 |
AVG-2562 |
Medium |
Yes |
Denial of service |
A NULL pointer dereference in Busybox's hush applet before version 1.34.0 leads to denial of service when processing a crafted shell command, due to missing... |
| CVE-2021-42375 |
AVG-2562 |
Medium |
Yes |
Denial of service |
An incorrect handling of a special element in Busybox's ash applet before version 1.34.0 leads to denial of service when processing a crafted shell command,... |
| CVE-2021-42374 |
AVG-2562 |
Medium |
Yes |
Information disclosure |
An out-of-bounds heap read in Busybox's unlzma applet before version 1.34.0 leads to information leak and denial of service when crafted LZMA-compressed... |
| CVE-2021-42373 |
AVG-2562 |
Medium |
No |
Denial of service |
A NULL pointer dereference in Busybox's man applet before version 1.34.0 leads to denial of service when a section name is supplied but no page argument is given. |
| CVE-2021-28831 |
AVG-1708 |
Low |
No |
Denial of service |
decompress_gunzip.c in BusyBox through 1.32.1 mishandles the error bit on the huft_build result pointer, with a resultant invalid free or segmentation... |
| CVE-2017-16544 |
AVG-514 |
High |
No |
Arbitrary code execution |
In the add_match function in libbb/lineedit.c in BusyBox through 1.27.2, the tab autocomplete feature of the shell, used to get a list of filenames in a... |