Lucene search
K

12 matches found

OpenVAS
OpenVAS
added 2022/11/29 12:0 a.m.39 views

SUSE: Security Advisory (SUSE-SU-2022:4253-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS7.2AI score0.32919EPSS
Exploits21References21
OpenVAS
OpenVAS
added 2022/02/01 12:0 a.m.40 views

openSUSE: Security Advisory for busybox (openSUSE-SU-2022:0135-1)

The remote host is missing an update for the Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

9.8CVSS7.4AI score0.32919EPSS
Exploits21References2
OpenVAS
OpenVAS
added 2022/01/21 12:0 a.m.48 views

SUSE: Security Advisory (SUSE-SU-2022:0135-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS7.2AI score0.32919EPSS
Exploits21References17
Debian
Debian
added 2021/02/15 11:56 a.m.146 views

[SECURITY] [DLA 2559-1] busybox security update

Debian LTS Advisory DLA-2559-1 [email protected] https://www.debian.org/lts/security/ Markus Koschany February 15, 2021 https://wiki.debian.org/LTS Package : busybox Version : 1:1.22.0-19+deb9u1 CVE ID : CVE-2011-5325 CVE-2015-9261 CVE-2016-2147 CVE-2016-2148 CVE-2017-15873 CVE-2017-165...

9.8CVSS7.3AI score0.32919EPSS
Exploits19
Tenable Nessus
Tenable Nessus
added 2019/10/02 12:0 a.m.185 views

ESXi 6.0 / 6.5 / 6.7 Multiple Vulnerabilities (VMSA-2019-0013)

The remote VMware ESXi host is version 6.0, 6.5 or 6.7 and is affected the following vulnerabilities: - A remote code execution vulnerability caused by a failure to sanitize filenames in the tab autocomplete feature of BusyBox. This allows an attacker to execute arbitrary code, write arbitrary...

8.8CVSS7.5AI score0.0624EPSS
Exploits12References3
VMware
VMware
added 2019/09/16 12:0 a.m.89 views

VMware ESXi and vCenter Server updates address command injection and information disclosure vulnerabilities. (CVE-2017-16544, CVE-2019-5531, CVE-2019-5532, CVE-2019-5534)

3a. VMware ESXi 'busybox' command injection vulnerability- CVE-2017-16544 ESXi contains a command injection vulnerability due to the use of vulnerable version of busybox that does not sanitize filenames which may result into executing any escape sequence in the shell. VMware has evaluated the...

6.5CVSS1AI score0.0624EPSS
Exploits12References24Affected Software2
VMware
VMware
added 2019/09/14 12:0 a.m.192 views

VMSA-2019-0013:VMware ESXi and vCenter Server updates address command injection and information disclosure vulnerabilities.

VMware Security Advisories Advisory ID| VMSA-2019-0013.1 ---|--- Advisory Severity| Important CVSSv3 Range| 4.2-7.7 Synopsis| VMware ESXi and vCenter Server updates address command injection and information disclosure vulnerabilities. CVE-2017-16544, CVE-2019-5531, CVE-2019-5532, CVE-2019-5534...

8.8CVSS7.6AI score0.0624EPSS
Exploits12References38Affected Software2
Tenable Nessus
Tenable Nessus
added 2018/03/27 12:0 a.m.54 views

GLSA-201803-12 : BusyBox: Multiple vulnerabilities

The remote host is affected by the vulnerability described in GLSA-201803-12 BusyBox: Multiple vulnerabilities Multiple vulnerabilities have been discovered in BusyBox. Please review the CVE identifiers referenced below for details. Impact : A remote attacker could possibly execute arbitrary code...

8.8CVSS7AI score0.0624EPSS
Exploits14References4
NVD
NVD
added 2017/11/20 3:29 p.m.30 views

CVE-2017-16544

In the addmatch function in libbb/lineedit.c in BusyBox through 1.27.2, the tab autocomplete feature of the shell, used to get a list of filenames in a directory, does not sanitize filenames and results in executing any escape sequence in the terminal. This could potentially result in code...

8.8CVSS9.2AI score0.0624EPSS
Exploits12References20
Vulnrichment
Vulnrichment
added 2017/11/20 3:0 p.m.13 views

CVE-2017-16544

In the addmatch function in libbb/lineedit.c in BusyBox through 1.27.2, the tab autocomplete feature of the shell, used to get a list of filenames in a directory, does not sanitize filenames and results in executing any escape sequence in the terminal. This could potentially result in code...

9.2AI score0.0624EPSS
Exploits12References20
Cvelist
Cvelist
added 2017/11/20 3:0 p.m.38 views

CVE-2017-16544

In the addmatch function in libbb/lineedit.c in BusyBox through 1.27.2, the tab autocomplete feature of the shell, used to get a list of filenames in a directory, does not sanitize filenames and results in executing any escape sequence in the terminal. This could potentially result in code...

9.1AI score0.0624EPSS
Exploits12References20
CVE
CVE
added 2017/11/20 3:0 p.m.398 views

CVE-2017-16544

CVE-2017-16544 affects BusyBox, specifically the add_match function in libbb/lineedit.c, where tab completion can execute an escape sequence in the terminal due to unsanitized filenames (vulnerable through 1.27.2). Multiple connected advisories confirm the issue and describe potential arbitrary c...

8.8CVSS8.4AI score0.0624EPSS
Exploits12References20Affected Software1
Rows per page
Query Builder