Security
Headlines
HeadlinesLatestCVEs

Headline

CVE-2023-42365: Invalid Bug ID

A use-after-free vulnerability was discovered in BusyBox v.1.36.1 via a crafted awk pattern in the awk.c copyvar function.

CVE
#vulnerability

‘15871?cve=title’ is not a valid bug number nor an alias to a bug.

Please press Back and try again.

Related news

Ubuntu Security Notice USN-6961-1

Ubuntu Security Notice 6961-1 - It was discovered that BusyBox did not properly validate user input when performing certain arithmetic operations. If a user or automated system were tricked into processing a specially crafted file, an attacker could possibly use this issue to cause a denial of service, or execute arbitrary code. It was discovered that BusyBox incorrectly managed memory when evaluating certain awk expressions. An attacker could possibly use this issue to cause a denial of service, or execute arbitrary code. This issue only affected Ubuntu 24.04 LTS.

CVE: Latest News

CVE-2023-50976: Transactions API Authorization by oleiman · Pull Request #14969 · redpanda-data/redpanda
CVE-2023-6905
CVE-2023-6903
CVE-2023-6904
CVE-2023-3907