📦 Busybox

A stack overflow vulnerability in BusyBox's ash shell allows remote attackers to execute arbitrary code via crafted commands. This affects all systems running BusyBox versions before 1.35, particularl...

CVE-2021-42377 is a critical vulnerability in BusyBox's hush shell applet where an attacker-controlled pointer free leads to denial of service and potential remote code execution when processing a cra...

A directory traversal vulnerability in BusyBox's cpio command allows attackers to write files outside the intended extraction directory. This affects systems using BusyBox v1.33.2 with cpio functional...

CVE-2022-30065 is a use-after-free vulnerability in BusyBox's awk applet that can be triggered by processing a specially crafted awk pattern. This vulnerability allows attackers to cause denial of ser...

CVE-2021-42383 is a use-after-free vulnerability in BusyBox's awk applet that can be triggered by processing a specially crafted awk pattern. This vulnerability allows denial of service and potentiall...

CVE-2021-42385 is a use-after-free vulnerability in BusyBox's awk applet that can be triggered by processing a specially crafted awk pattern. This vulnerability allows denial of service and potentiall...

CVE-2021-42379 is a use-after-free vulnerability in BusyBox's awk applet that can be triggered by processing a specially crafted awk pattern. This could lead to denial of service or potentially remote...

A use-after-free vulnerability in BusyBox's awk applet allows attackers to cause denial of service or potentially execute arbitrary code by providing a specially crafted awk pattern. This affects syst...

BusyBox wget versions through 1.3.7 improperly accept raw CR/LF and C0 control characters in HTTP request targets, allowing attackers to split request lines and inject malicious headers. This vulnerab...