Filter

Versions

2.00
8
2.04
3
2.06
3
1.98
1
1.99
1
2.01
1
2.02
1

GRUB 2The grub's dump command is not blocked when grub is in lockdown mode. This allows the user to read a…

medium
4.4
First published (updated )
CVE-2025-1118

GRUB 2Grub2: command/gpg: use-after-free due to hooks not being removed on module unload

medium
6.4
First published (updated )
CVE-2025-0622

GRUB 2Use After Free

medium
4
First published (updated )
REDHAT-BUG-2345865

GRUB 2Grub2: fs/hfs+: refcount can be decremented twice

medium
4.4
First published (updated )
CVE-2024-45783

GRUB 2Grub2: fs/ufs: oob write in the heap

medium
6.7
First published (updated )
CVE-2024-45781

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

GRUB 2When reading a symbolic link's name from a UFS filesystem, grub2 fails to validate the string length…

medium
4
First published (updated )
REDHAT-BUG-2345857

GRUB 2Grub2: grub-core/gettext: integer overflow leads to heap oob write and read.

medium
6.7
First published (updated )
CVE-2024-45776

GRUB 2Grub2: commands/extcmd: missing check for failed allocation

medium
5.2
First published (updated )
CVE-2024-45775

GRUB 2A flaw was found in grub2. A specially crafted JPEG file can cause the JPEG parser of grub2 to incor…

medium
6.7
First published (updated )
CVE-2024-45774

GRUB 2grub2 allows bypassing TPM-bound disk encryption on SL(E)M encrypted Images

high
7
First published (updated )
CVE-2024-49504

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

Red Hat Enterprise LinuxGrub2: grub2-set-bootflag can be abused by local (pseudo-)users

low
3.3
First published (updated )
CVE-2024-1048

CVE-2023-4692, CVE-2023-4693: grub2: OOB write, read via specially crafted NTFS filesystem

First published (updated )
https://seclists.org/oss-sec/2023/q4/40

CVE-2023-4692, CVE-2023-4693: grub2: OOB write, read via specially crafted NTFS filesystem

First published (updated )
https://seclists.org/oss-sec/2023/q4/37

ubuntu/grub2-unsignedGrub2: out-of-bounds read at fs/ntfs.c

medium
5.3
First published (updated )
CVE-2023-4693

ubuntu/grub2-unsignedGrub2: out-of-bounds write at fs/ntfs.c may lead to unsigned code execution

high
7.8
First published (updated )
CVE-2023-4692

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

FedoraGrub2: bypass the grub password protection feature

medium
6.8
First published (updated )
CVE-2023-4001

Microsoft Windows 10Redhat: CVE-2022-3775 grub2 - Heap based out-of-bounds write when rendering certain Unicode sequence…

high
7.1
First published (updated )
CVE-2022-3775

Microsoft Windows 10Buffer Overflow

high
8.6
First published (updated )
CVE-2022-2601

redhat/grub2There's a use-after-free vulnerability in grub_cmd_chainloader() function

high
7.8
First published (updated )
CVE-2022-28736

redhat/grub2A flaw was found in grub2. The shim_lock verifier from grub2 allows non-kernel files to be loaded wh…

high
7.8
First published (updated )
CVE-2022-28735

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

redhat/grub2Out-of-bounds write when handling split HTTP headers

critical
9.8
First published (updated )
CVE-2022-28734

redhat/grub2Integer underflow in grub_net_recv_ip4_packets

high
8.1
First published (updated )
CVE-2022-28733

GRUB 2grub2-once uses fixed file name in /var/tmp

medium
5.1
First published (updated )
CVE-2021-46705

debian/grub2GRUB2 grub.cfg configuration file is created with the wrong permission (0644) allowing unprivileged …

low
3.3
First published (updated )
CVE-2021-3981

GRUB 2GRUB2 grub.cfg configuration file is created with the wrong permission (0644) allowing unprivileged …

low
1
First published (updated )
REDHAT-BUG-2024170

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

redhat/grub2A flaw was found in grub2 when handling JPEG images. This flaw allows an attacker to craft a malicio…

high
7.5
First published (updated )
CVE-2021-3697

redhat/grub2A flaw was found in grub2 when handling a PNG image header. When decoding the data contained in the …

medium
6.9
First published (updated )
CVE-2021-3696

redhat/grub2A flaw was found in grub 2, where a crafted 16-bit grayscale PNG image may lead to an out-of-bounds …

high
7.5
First published (updated )
CVE-2021-3695

redhat/grubIf certificates that signed grub are installed into db, grub can be booted directly. It will then bo…

medium
6.4
First published (updated )
CVE-2021-3418

redhat enterprise Linux server ausThere's a flaw on grub2 menu rendering code setparam_prefix() in the menu rendering code performs a …

high
8.2
First published (updated )
CVE-2021-20233

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2025 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203