1703 matches found
Important: Red Hat Security Advisory: Red Hat Hardened Images RPMs Security Update
An update for Red Hat Hardened Images RPMs is now available. This update includes the following RPMs: busybox: busybox-1.37.0-7.2.hum1 aarch64, x8664 busybox-petitboot-1.37.0-7.2.hum1 aarch64, x8664 busybox-shared-1.37.0-7.2.hum1 aarch64, x8664 busybox-1.37.0-7.2.hum1.src src Security Fixes:...
CVE-2026-43530
OpenClaw versions 2026.2.23 before 2026.4.12 contain a weakened exec approval binding vulnerability in busybox and toybox applet execution that allows attackers to obscure which applet would actually run. Attackers can exploit opaque multi-call binaries to bypass exec approval mechanisms and weak...
CVE-2026-43530
OpenClaw 2026.2.23 before 2026.4.12 is affected by a weakened exec approval binding vulnerability in busybox and toybox applet execution. The issue allows an attacker to obscure which applet would run by exploiting opaque multi-call binaries to bypass exec-approval mechanisms and degrade risk ass...
CVE-2026-43530
OpenClaw versions 2026.2.23 before 2026.4.12 contain a weakened exec approval binding vulnerability in busybox and toybox applet execution that allows attackers to obscure which applet would actually run. Attackers can exploit opaque multi-call binaries to bypass exec approval mechanisms and weak...
EUVD-2026-27271
OpenClaw versions 2026.2.23 before 2026.4.12 contain a weakened exec approval binding vulnerability in busybox and toybox applet execution that allows attackers to obscure which applet would actually run. Attackers can exploit opaque multi-call binaries to bypass exec approval mechanisms and weak...
CVE-2026-43530 OpenClaw 2026.2.23 < 2026.4.12 - Weakened Exec Approval Binding via busybox and toybox Applet Execution
OpenClaw versions 2026.2.23 before 2026.4.12 contain a weakened exec approval binding vulnerability in busybox and toybox applet execution that allows attackers to obscure which applet would actually run. Attackers can exploit opaque multi-call binaries to bypass exec approval mechanisms and weak...
CVE-2026-43530 OpenClaw 2026.2.23 < 2026.4.12 - Weakened Exec Approval Binding via busybox and toybox Applet Execution
OpenClaw versions 2026.2.23 before 2026.4.12 contain a weakened exec approval binding vulnerability in busybox and toybox applet execution that allows attackers to obscure which applet would actually run. Attackers can exploit opaque multi-call binaries to bypass exec approval mechanisms and weak...
📄 BusyBox 1.37.0 Path Traversal
BusyBox version 1.37.0 suffers from a path traversal vulnerability. Exploit Title: BusyBox 1.37.0 - Path Traversal Google Dork: N/A Date: 2026-02-11 Exploit Author: Calil Khalil Vendor Homepage: https://busybox.net Software Link: https://busybox.net/downloads/ Version: BusyBox 1.36.1, 1.37.0 Test...
OpenClaw 安全漏洞
OpenClaw is an open-source intelligent artificial assistant developed by OpenClaw. Version 2026.2.23 to 2026.4.12 of OpenClaw contained security vulnerabilities. These vulnerabilities stemmed from weakened exec approval binding during the execution of busybox and toybox mini-programs. This could...
CVE-2026-29004
BusyBox before commit 42202bf contains a heap buffer overflow vulnerability in the DHCPv6 client udhcpc6 DNSSERVERS option handler in networking/udhcp/d6dhcpc.c that allows network-adjacent attackers to trigger memory corruption by sending a crafted DHCPv6 response with a malformed D6OPTDNSSERVER...
DEBIAN-CVE-2026-29004
BusyBox before commit 42202bf contains a heap buffer overflow vulnerability in the DHCPv6 client udhcpc6 DNSSERVERS option handler in networking/udhcp/d6dhcpc.c that allows network-adjacent attackers to trigger memory corruption by sending a crafted DHCPv6 response with a malformed D6OPTDNSSERVER...
CVE-2026-29004
BusyBox before commit 42202bf contains a heap buffer overflow vulnerability in the DHCPv6 client udhcpc6 DNSSERVERS option handler in networking/udhcp/d6dhcpc.c that allows network-adjacent attackers to trigger memory corruption by sending a crafted DHCPv6 response with a malformed D6OPTDNSSERVER...
UBUNTU-CVE-2026-29004
BusyBox before commit 42202bf contains a heap buffer overflow vulnerability in the DHCPv6 client udhcpc6 DNSSERVERS option handler in networking/udhcp/d6dhcpc.c that allows network-adjacent attackers to trigger memory corruption by sending a crafted DHCPv6 response with a malformed D6OPTDNSSERVER...
CVE-2026-29004 BusyBox DHCPv6 Client Heap Buffer Overflow via DNS_SERVERS
BusyBox before commit 42202bf contains a heap buffer overflow vulnerability in the DHCPv6 client udhcpc6 DNSSERVERS option handler in networking/udhcp/d6dhcpc.c that allows network-adjacent attackers to trigger memory corruption by sending a crafted DHCPv6 response with a malformed D6OPTDNSSERVER...
CVE-2026-29004
BusyBox prior to commit 42202bf contains a heap buffer overflow in the DHCPv6 client (udhcpc6) DNS_SERVERS option handler (networking/udhcp/d6_dhcpc.c). Attackers on the network-adjacent path can trigger memory corruption by sending a crafted DHCPv6 response with a malformed D6_OPT_DNS_SERVERS op...
CVE-2026-29004
BusyBox before commit 42202bf contains a heap buffer overflow vulnerability in the DHCPv6 client udhcpc6 DNSSERVERS option handler in networking/udhcp/d6dhcpc.c that allows network-adjacent attackers to trigger memory corruption by sending a crafted DHCPv6 response with a malformed D6OPTDNSSERVER...
EUVD-2026-27043
BusyBox before commit 42202bf contains a heap buffer overflow vulnerability in the DHCPv6 client udhcpc6 DNSSERVERS option handler in networking/udhcp/d6dhcpc.c that allows network-adjacent attackers to trigger memory corruption by sending a crafted DHCPv6 response with a malformed D6OPTDNSSERVER...
CVE-2026-29004 BusyBox DHCPv6 Client Heap Buffer Overflow via DNS_SERVERS
BusyBox before commit 42202bf contains a heap buffer overflow vulnerability in the DHCPv6 client udhcpc6 DNSSERVERS option handler in networking/udhcp/d6dhcpc.c that allows network-adjacent attackers to trigger memory corruption by sending a crafted DHCPv6 response with a malformed D6OPTDNSSERVER...
CVE-2026-29004
BusyBox before commit 42202bf contains a heap buffer overflow vulnerability in the DHCPv6 client udhcpc6 DNSSERVERS option handler in networking/udhcp/d6dhcpc.c that allows network-adjacent attackers to trigger memory corruption by sending a crafted DHCPv6 response with a malformed D6OPTDNSSERVER...
BusyBox 安全漏洞
BusyBox is a set of applications developed by Denis Vlasenko from Ukraine. It contains multiple Linux commands and tools. There is a security vulnerability in BusyBox, which stems from a heap buffer overflow in the DNSSERVERS option handler of the DHCPv6 client udhcpc6. This vulnerability allows...