EulerOS 2.0 SP13 : busybox (EulerOS-SA-2026-2324)

According to the versions of the busybox packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : BusyBox wget thru 1.3.7 accepted raw CR 0x0D/LF 0x0A and other C0 control bytes in the HTTP request- target path/query, allowing the request line...

CVE-2026-26158 affecting package busybox for versions less than 1.36.1-22

CVE-2026-26158 affecting package busybox for versions less than 1.36.1-22. A patched version of the package is available...

CVE-2026-26157 affecting package busybox for versions less than 1.36.1-22

CVE-2026-26157 affecting package busybox for versions less than 1.36.1-22. A patched version of the package is available...

CVE-2026-26157 affecting package busybox for versions less than 1.35.0-17

CVE-2026-26157 affecting package busybox for versions less than 1.35.0-17. A patched version of the package is available...

CVE-2026-26158 Busybox: busybox: arbitrary file modification and privilege escalation via unvalidated tar archive entries

A flaw was found in BusyBox. This vulnerability allows an attacker to modify files outside of the intended extraction directory by crafting a malicious tar archive containing unvalidated hardlink or symlink entries. If the tar archive is extracted with elevated privileges, this flaw can lead to...

EUVD-2019-15320

Malware in sbrugna...

EUVD-2017-7737

Malware in sbrugna...

EUVD-2014-9455

Malware in sbrugna...

EUVD-2018-1898

Malware in sbrugna...

EUVD-2022-32836

Malicious code in bioql PyPI...

EUVD-2023-43510

Malicious code in bioql PyPI...

EulerOS 2.0 SP10 : busybox (EulerOS-SA-2025-2091)

According to the versions of the busybox package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : An issue in the CPIO command of Busybox v1.33.2 allows attackers to execute a directory traversal.CVE-2023-39810 Tenable has extracted the precedi...

K000152680: BusyBox vulnerability CVE-2024-58251

Security Advisory Description In netstat in BusyBox through 1.37.0, local users can launch of network application with an argv0 containing an ANSI terminal escape sequence, leading to a denial of service terminal locked up when netstat is used by a victim. CVE-2024-58251 Impact Attackers can laun...

K000152678: BusyBox vulnerability CVE-2025-46394

Security Advisory Description In tar in BusyBox through 1.37.0, a TAR archive can have filenames hidden from a listing through the use of terminal escape sequences. CVE-2025-46394 Impact An attacker could exploit this vulnerability by creating a TAR archive containing malicious files with names...

Azure Linux 3.0 Security Update: busybox (CVE-2022-48174)

The version of busybox installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2022-48174 advisory. - There is a stack overflow vulnerability in ash.c:6030 in busybox before 1.35. In the environment of Interne...

CVE-2025-46394

CVE-2025-46394 affects BusyBox tar up to version 1.37.0. A TAR archive can misuse terminal escape sequences to hide filenames from listings, causing a mismatch between on-disk contents and what is shown to the user. The vulnerability is a UI misinformation issue (CWE-451) with low overall impact ...

CVE-2024-58251

In netstat in BusyBox through 1.37.0, local users can launch of network application with an argv0 containing an ANSI terminal escape sequence, leading to a denial of service terminal locked up when netstat is used by a victim...

CVE-2024-58251

In netstat in BusyBox through 1.37.0, local users can launch of network application with an argv0 containing an ANSI terminal escape sequence, leading to a denial of service terminal locked up when netstat is used by a victim...

CBL Mariner 2.0 Security Update: busybox (CVE-2022-48174)

The version of busybox installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2022-48174 advisory. - There is a stack overflow vulnerability in ash.c:6030 in busybox before 1.35. In the environment of Interne...

Azure Linux 3.0 Security Update: busybox (CVE-2023-42365)

The version of busybox installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2023-42365 advisory. - A use-after-free vulnerability was discovered in BusyBox v.1.36.1 via a crafted awk pattern in the awk.c...