CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

3589 matches found

Astra Linux – Vulnerability in grub2

A flaw was discovered in grub2 in versions prior to 2.06, where it incorrectly enabled the use of the ACPI command when Secure Boot was enabled. This flaw allows an attacker with privileged access to create a Secondary System Description Table SSDT containing code that can overwrite the Linux...

7.5CVSS6.8AI score0.01738EPSS

Exploits0References2

AstraLinux•added 6 days ago•5 views

Astra Linux – Vulnerability in edk2

In Ubuntu’s EDK2, a insecure default setting was left enabled, allowing UEFI Shell to be used. This enables an attacker with access to the operating system to bypass Secure Boot...

6.7CVSS6.4AI score0.00256EPSS

Exploits0References2

AstraLinux•added 6 days ago•4 views

Astra Linux – Vulnerability in grub2

A flaw was discovered in grub2 in versions prior to 2.06. The rmmod implementation allows the unloading of a module that serves as a dependency without checking whether any other dependent modules are still loaded, leading to a “use-after-free” scenario. This could allow arbitrary code to be...

8.2CVSS7AI score0.01152EPSS

Exploits0References2

AstraLinux•added 6 days ago•6 views

Astra Linux – Vulnerability in grub2

A flaw was discovered in the HFS filesystem. When reading the name of an HFS volume during the grubfsmount function, the HFS filesystem driver uses the user-provided volume name as input without properly verifying the length of that name. This issue may lead to a heap-based out-of-bounds write...

7.8CVSS6.7AI score0.00196EPSS

Exploits0References2

AstraLinux•added 6 days ago•3 views

Astra Linux – Vulnerability in Linux 5.10, Linux, Linux 5.15

In the Linux kernel, if the IMA appraisal method is used with the “imaappraiselog” boot parameter, lockdown can be circumvented using kexec on any machine when Secure Boot is disabled or unavailable. IMA prevents the “imaappraiselog” parameter from being set during boot, but this does not cover...

6.7CVSS6.1AI score0.002EPSS

Exploits0References2

AstraLinux•added 6 days ago•6 views

Astra Linux – Vulnerability in grub2

A flaw was discovered in grub2. A specially crafted JPEG file can cause the JPEG parser in grub2 to incorrectly check the boundaries of its internal buffers, leading to an out-of-bounds write. The possibility of overwriting sensitive information to bypass secure boot protections is still a concer...

6.7CVSS6.4AI score0.00243EPSS

Exploits0References2

CERT•added 2026/06/18 12:0 a.m.•5 views

Vendor-signed UEFI applications found vulnerable to Secure Boot bypass

Overview Multiple vendor-signed UEFI applications are vulnerable to Secure Boot bypass via a "Bring Your Own Vulnerable Driver" BYOVD-style attack. If a target system trusts the affected vendor’s certificate, an attacker can exploit these applications to execute arbitrary code during the early...

8.2CVSS7.5AI score0.01036EPSS

Exploits1References7

SUSE CVE•added 2026/06/12 2:32 a.m.•9 views

SUSE CVE-2026-8863

Multiple Microsoft-sigend UEFI SHIM bootloaders are vulnerable to SecureBoot bypass. An attacker with administrative privileges or the ability to modify the boot process could use one of the vulnerable shim bootloaders to bypass Secure Boot protections and execute arbitrary code before the...

7.8CVSS6AI score0.00097EPSS

Exploits0References3