Lucene search
K

7 matches found

OSV
OSV
added 2026/04/11 2:5 p.m.5 views

OESA-2026-1880 busybox security update

BusyBox combines tiny versions of many common UNIX utilities into a single small executable. It provides replacements for most of the utilities you usually find in GNU fileutils, shellutils, etc. It provides a fairly complete environment for any small or embedded system. Security Fixes: BusyBox...

6.5CVSS7.1AI score0.00285EPSS
Exploits1References2
OpenVAS
OpenVAS
added 2026/03/16 12:0 a.m.8 views

SUSE: Security Advisory (SUSE-SU-2026:0872-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.2CVSS5.8AI score0.02793EPSS
Exploits6References11
OpenVAS
OpenVAS
added 2026/01/26 12:0 a.m.1 views

openSUSE Security Advisory (SUSE-SU-2026:0236-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.5CVSS5.9AI score0.00285EPSS
Exploits1References8
Tenable Nessus
Tenable Nessus
added 2026/01/24 12:0 a.m.3 views

SUSE SLED15 / SLES15 Security Update : busybox (SUSE-SU-2026:0235-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:0235-1 advisory. Security issues: - CVE-2025-46394: Fixed tar hidden files via escape sequence CVE-2025-46394, bsc1241661 -...

6.5CVSS5.7AI score0.00285EPSS
Exploits1References9
NVD
NVD
added 2025/11/10 8:15 p.m.5 views

CVE-2025-60876

BusyBox wget thru 1.3.7 accepted raw CR 0x0D/LF 0x0A and other C0 control bytes in the HTTP request-target path/query, allowing the request line to be split and attacker-controlled headers to be injected. To preserve the HTTP/1.1 request-line shape METHOD SP request-target SP HTTP/1.1, a raw spac...

6.5CVSS0.00285EPSS
Exploits1References4
Vulnrichment
Vulnrichment
added 2025/11/10 12:0 a.m.2 views

CVE-2025-60876

BusyBox wget thru 1.3.7 accepted raw CR 0x0D/LF 0x0A and other C0 control bytes in the HTTP request-target path/query, allowing the request line to be split and attacker-controlled headers to be injected. To preserve the HTTP/1.1 request-line shape METHOD SP request-target SP HTTP/1.1, a raw spac...

6.2AI score0.00285EPSS
Exploits1References3
CVE
CVE
added 2025/11/10 12:0 a.m.111 views

CVE-2025-60876

CVE-2025-60876 affects BusyBox wget up to 1.3.7. The issue stems from accepting raw CR (0x0D)/LF (0x0A) and other C0 control bytes in the HTTP request-target, allowing the request-line to be split and attacker-controlled headers to be injected. To preserve the HTTP/1.1 request-line shape, a raw s...

6.5CVSS6.5AI score0.00285EPSS
Exploits1References4Affected Software1
Rows per page
Query Builder