Filter
GRUB 2The grub's dump command is not blocked when grub is in lockdown mode. This allows the user to read a…
4.4
First published (updated )
GRUB 2Grub2: commands/extcmd: missing check for failed allocation
5.2
First published (updated )
GRUB 2Grub2: grub-core/gettext: integer overflow leads to heap oob write and read.
6.7
First published (updated )
GRUB 2Grub2: fs/hfs+: refcount can be decremented twice
4.4
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
GRUB 2A flaw was found in grub2. A specially crafted JPEG file can cause the JPEG parser of grub2 to incor…
6.7
First published (updated )
GRUB 2Grub2: command/gpg: use-after-free due to hooks not being removed on module unload
6.4
First published (updated )
GRUB 2When reading a symbolic link's name from a UFS filesystem, grub2 fails to validate the string length…
First published (updated )
FedoraGrub2: bypass the grub password protection feature
6.8
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Red Hat Enterprise LinuxGrub2: grub2-set-bootflag can be abused by local (pseudo-)users
3.3
First published (updated )
ubuntu/grub2-unsignedGrub2: out-of-bounds read at fs/ntfs.c
5.3
First published (updated )
ubuntu/grub2-unsignedGrub2: out-of-bounds write at fs/ntfs.c may lead to unsigned code execution
7.8
First published (updated )
GRUB 2grub2 allows bypassing TPM-bound disk encryption on SL(E)M encrypted Images
7
First published (updated )
redhat/grub2Integer underflow in grub_net_recv_ip4_packets
8.1
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
redhat/grub2A flaw was found in grub2. The shim_lock verifier from grub2 allows non-kernel files to be loaded wh…
7.8
First published (updated )
redhat/grub2There's a use-after-free vulnerability in grub_cmd_chainloader() function
7.8
First published (updated )
redhat/grub2GRUB2 contained integer overflows when handling the initrd command, leading to a heap-based buffer overflow.
6.4
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
redhat/grub2GRUB2: avoid loading unsigned kernels when GRUB is booted directly under secureboot without shim
6.4
First published (updated )
redhat/grub2GRUB2 contains a race condition leading to a use-after-free vulnerability which can be triggered by redefining a function whilst the same function is already executing.
6.4
First published (updated )
Microsoft Windows 10Redhat: CVE-2022-3775 grub2 - Heap based out-of-bounds write when rendering certain Unicode sequence…
7.1
First published (updated )
GRUB 2A flaw was found in the grub2-set-bootflag utility of grub2. When the utility is run under resource …
5.9
First published (updated )
redhat enterprise Linux server ausThe grub2's cutmem command does not honor secure boot locking. This allows an privileged attacker to…
7.5
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
redhat enterprise Linux server ausgrub_parser_split_cmdline expands variable names present in the supplied command line in to their co…
7.2
First published (updated )
redhat enterprise Linux server ausA flaw was found in grub2 in versions prior to 2.06. During USB device initialization, descriptors a…
7.6
First published (updated )
redhat enterprise Linux server ausGRUB2 enables the use of the command acpi even when secure boot is signaled by the firmware. An atta…
7.5
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.