782 matches found
CVE-2023-42365
A use-after-free vulnerability was discovered in BusyBox v.1.36.1 via a crafted awk pattern in the awk.c copyvar function...
CVE-2023-42364
A use-after-free vulnerability in BusyBox v.1.36.1 allows attackers to cause a denial of service via a crafted awk pattern in the awk.c evaluate function...
UBUNTU-CVE-2023-42364
A use-after-free vulnerability in BusyBox v.1.36.1 allows attackers to cause a denial of service via a crafted awk pattern in the awk.c evaluate function...
Design/Logic Flaw
A use-after-free vulnerability in BusyBox v.1.36.1 allows attackers to cause a denial of service via a crafted awk pattern in the awk.c evaluate function...
UBUNTU-CVE-2023-42366
A heap-buffer-overflow was discovered in BusyBox v.1.36.1 in the nexttoken function at awk.c:1159...
UBUNTU-CVE-2023-42365
A use-after-free vulnerability was discovered in BusyBox v.1.36.1 via a crafted awk pattern in the awk.c copyvar function...
CVE-2023-42365
A use-after-free vulnerability was discovered in BusyBox v.1.36.1 via a crafted awk pattern in the awk.c copyvar function...
CVE-2023-42365
A use-after-free vulnerability was discovered in BusyBox v.1.36.1 via a crafted awk pattern in the awk.c copyvar function...
CVE-2023-42364
A use-after-free vulnerability in BusyBox v.1.36.1 allows attackers to cause a denial of service via a crafted awk pattern in the awk.c evaluate function...
CVE-2023-42364
CVE-2023-42364 describes a use-after-free in BusyBox v1.36.1’s awk.c evaluate function that can cause a denial of service via a crafted awk pattern. The Astra Linux security bulletin reiterates the same BusyBox vulnerability. Public details specify the vulnerability and affected binary, but there...
CVE-2023-42364
A use-after-free vulnerability in BusyBox v.1.36.1 allows attackers to cause a denial of service via a crafted awk pattern in the awk.c evaluate function...
CVE-2023-42365
A use-after-free vulnerability was discovered in BusyBox v.1.36.1 via a crafted awk pattern in the awk.c copyvar function...
CVE-2023-42365
A use-after-free vulnerability was discovered in BusyBox v.1.36.1 via a crafted awk pattern in the awk.c copyvar function...
PT-2023-7296
Name of the Vulnerable Software and Affected Versions BusyBox version 1.36.1 Description The issue is related to a use-after-free vulnerability in the evaluate function of the awk.c file in the BusyBox set of UNIX utilities. This vulnerability can be exploited by attackers to cause a denial of...
CVE-2023-42364
A use-after-free vulnerability in BusyBox v.1.36.1 allows attackers to cause a denial of service via a crafted awk pattern in the awk.c evaluate function...
The vulnerability in the builtin.c component allows for data reformatting according to specified templates using Gawk. This enables an attacker to gain unauthorized access to protected information or cause service failures.
The vulnerability of the builtin.c component, related to data reformatting functions using the Gawk template engine, stems from the operation of writing data beyond the buffer boundaries in memory. Exploiting this vulnerability can allow an attacker to gain unauthorized access to protected...
USN-6373-1 gawk vulnerability
It was discovered that gawk could be made to read out of bounds when processing certain inputs. If a user or an automated system were tricked into opening a specially crafted input, an attacker could possibly use this issue to cause a denial of service...
Moxa AWK-3131A Series Industrial AP/Bridge/Client Out-of-Bounds Read (CVE-2019-5148)
An exploitable denial-of-service vulnerability exists in ServiceAgent functionality of the Moxa AWK-3131A, firmware version 1.13. A specially crafted packet can cause an integer underflow, triggering a large memcpy that will access unmapped or out-of-bounds memory. An attacker can send this packe...
Moxa AWK-3131A Series Industrial AP/Bridge/Client Improper Neutralization of Special Elements Used in an OS Command (CVE-2019-5142)
An exploitable command injection vulnerability exists in the hostname functionality of the Moxa AWK-3131A firmware version 1.13. A specially crafted entry to network configuration information can cause execution of arbitrary system commands, resulting in full control of the device. An attacker ca...
Moxa AWK-3131A Series Industrial AP/Bridge/Client Buffer Copy Without Checking Size of Input (CVE-2019-5143)
An exploitable format string vulnerability exists in the iwconsole coniowritestr functionality of the Moxa AWK-3131A firmware version 1.13. A specially crafted time server entry can cause an overflow of the time server buffer, resulting in remote code execution. An attacker can send commands whil...