Lucene search
K

15 matches found

SUSE CVE
SUSE CVE
added 2023/02/15 4:20 a.m.4 views

SUSE CVE-2018-1000500

Busybox contains a Missing SSL certificate validation vulnerability in The "busybox wget" applet that can result in arbitrary code execution. This attack appear to be exploitable via Simply download any file over HTTPS using "busybox wget https://compromised-domain.com/important-file"...

7.5CVSS8AI score0.02462EPSS
Exploits0References13
OpenVAS
OpenVAS
added 2022/11/29 12:0 a.m.39 views

SUSE: Security Advisory (SUSE-SU-2022:4253-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS7.2AI score0.32919EPSS
Exploits21References21
OpenVAS
OpenVAS
added 2022/02/01 12:0 a.m.41 views

openSUSE: Security Advisory for busybox (openSUSE-SU-2022:0135-1)

The remote host is missing an update for the Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

9.8CVSS7.4AI score0.32919EPSS
Exploits21References2
OpenVAS
OpenVAS
added 2022/01/21 12:0 a.m.48 views

SUSE: Security Advisory (SUSE-SU-2022:0135-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS7.2AI score0.32919EPSS
Exploits21References17
OpenVAS
OpenVAS
added 2021/11/01 12:0 a.m.40 views

openSUSE: Security Advisory for busybox (openSUSE-SU-2021:1408-1)

The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

9.8CVSS7.2AI score0.32919EPSS
Exploits5References2
OSV
OSV
added 2021/10/31 2:53 p.m.20 views

OPENSUSE-SU-2021:1408-1 Security update for busybox

This update for busybox fixes the following issues: - CVE-2021-28831: Fixed invalid free or segmentation fault via malformed gzip data bsc1184522. - CVE-2018-20679: Fixed out of bounds read in udhcp bsc1121426. - CVE-2018-1000517: Fixed buffer overflow in the retrievefiledata bsc1099260. -...

9.8CVSS8.1AI score0.32919EPSS
Exploits5References11
OpenVAS
OpenVAS
added 2021/10/28 12:0 a.m.36 views

SUSE: Security Advisory (SUSE-SU-2021:3531-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS7.1AI score0.32919EPSS
Exploits5References8
OpenVAS
OpenVAS
added 2021/10/28 12:0 a.m.45 views

openSUSE: Security Advisory for busybox (openSUSE-SU-2021:3531-1)

The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

9.8CVSS7.2AI score0.32919EPSS
Exploits5References2
OSV
OSV
added 2021/10/27 8:8 a.m.20 views

SUSE-SU-2021:3531-1 Security update for busybox

This update for busybox fixes the following issues: - CVE-2021-28831: Fixed invalid free or segmentation fault via malformed gzip data bsc1184522. - CVE-2018-20679: Fixed out of bounds read in udhcp bsc1121426. - CVE-2018-1000517: Fixed buffer overflow in the retrievefiledata bsc1099260. -...

9.8CVSS8.5AI score0.32919EPSS
Exploits5References11
CBLMariner
CBLMariner
added 2021/04/06 11:50 p.m.53 views

CVE-2018-1000500 affecting package busybox 1.31.1-3

CVE-2018-1000500 affecting package busybox 1.31.1-3. An upgraded version of the package is available that resolves this issue...

8.1CVSS7.4AI score0.02462EPSS
Exploits0
Cloud Foundry
Cloud Foundry
added 2020/11/19 12:0 a.m.49 views

USN-4531-1: BusyBox vulnerability | Cloud Foundry

Severity Medium Vendor Canonical Ubuntu Versions Affected Canonical Ubuntu 18.04 Description It was discovered that the BusyBox wget applet incorrectly validated SSL certificates. A remote attacker could possibly use this issue to intercept secure communications. CVEs contained in this USN includ...

8.1CVSS8.8AI score0.02462EPSS
Exploits0Affected Software2
OpenVAS
OpenVAS
added 2020/09/23 12:0 a.m.40 views

Ubuntu: Security Advisory (USN-4531-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.1CVSS9AI score0.02462EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2020/03/23 12:0 a.m.104 views

Huawei EulerOS: Security Advisory for busybox (EulerOS-SA-2020-1284)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS7.9AI score0.32919EPSS
Exploits3References2
Vulnrichment
Vulnrichment
added 2018/06/26 4:0 p.m.14 views

CVE-2018-1000500

Busybox contains a Missing SSL certificate validation vulnerability in The "busybox wget" applet that can result in arbitrary code execution. This attack appear to be exploitable via Simply download any file over HTTPS using "busybox wget https://compromised-domain.com/important-file"...

9AI score0.02462EPSS
Exploits0References3
CVE
CVE
added 2018/06/26 4:0 p.m.400 views

CVE-2018-1000500

CVE-2018-1000500 affects the BusyBox wget applet, where SSL certificate validation is missing. The vulnerability can enable arbitrary code execution when a user downloads an HTTPS file from a compromised domain, as described in multiple sources. The issue is tied to BusyBox’s wget SSL validation ...

8.1CVSS8.8AI score0.02462EPSS
Exploits0References3Affected Software1
Rows per page
Query Builder