
1399 matches found

OSV
added 2020/07/31 10:15 p.m. | 2 views

DEBIAN-CVE-2020-14311

There is an issue with grub2 before version 2.06 while handling symlink on ext filesystems. A filesystem containing a symbolic link with an inode size of UINT32_MAX causes an arithmetic overflow leading to a zero-sized memory allocation with subsequent heap-based buffer overflow...

CVSS 6 | AI score 7.2 | EPSS 0.00469
Exploits 0 | References 1

Cvelist
added 2020/07/31 8:56 p.m. | 26 views

CVE-2020-14311

There is an issue with grub2 before version 2.06 while handling symlink on ext filesystems. A filesystem containing a symbolic link with an inode size of UINT32_MAX causes an arithmetic overflow leading to a zero-sized memory allocation with subsequent heap-based buffer overflow...

CVSS 5.7 | AI score 7.2 | EPSS 0.00469
Exploits 0 | References 8

CVE
added 2020/07/31 8:56 p.m. | 302 views

CVE-2020-14311

CVE-2020-14311 affects grub2 up to version 2.06 where handling of symlinks on ext filesystems can trigger an arithmetic overflow when a filesystem contains a symbolic link with an inode size of UINT32_MAX. This overflow leads to a zero-sized memory allocation and a subsequent heap-based buffer ov...

CVSS 6 | AI score 7 | EPSS 0.00469
Exploits 0 | References 8 | Affected Software 1

Debian CVE
added 2020/07/31 8:56 p.m. | 23 views

CVE-2020-14311

There is an issue with grub2 before version 2.06 while handling symlink on ext filesystems. A filesystem containing a symbolic link with an inode size of UINT32_MAX causes an arithmetic overflow leading to a zero-sized memory allocation with subsequent heap-based buffer overflow...

CVSS 6 | AI score 7.2 | EPSS 0.00469
Exploits 0

AlpineLinux
added 2020/07/31 8:56 p.m. | 42 views

CVE-2020-14311

There is an issue with grub2 before version 2.06 while handling symlink on ext filesystems. A filesystem containing a symbolic link with an inode size of UINT32_MAX causes an arithmetic overflow leading to a zero-sized memory allocation with subsequent heap-based buffer overflow...

CVSS 6 | AI score 7.4 | EPSS 0.00469
Exploits 0

OSV
added 2020/07/30 1:15 p.m. | 33 views

CVE-2020-14309

There's an issue with grub2 in all versions before 2.06 when handling squashfs filesystems containing a symbolic link with name length of UINT32 bytes in size. The name size leads to an arithmetic overflow leading to a zero-size allocation further causing a heap-based buffer overflow with attacke...

CVSS 6.7 | AI score 4
Exploits 0 | References 6

NVD
added 2020/07/30 1:15 p.m. | 19 views

CVE-2020-14309

There's an issue with grub2 in all versions before 2.06 when handling squashfs filesystems containing a symbolic link with name length of UINT32 bytes in size. The name size leads to an arithmetic overflow leading to a zero-size allocation further causing a heap-based buffer overflow with attacke...

CVSS 6.7 | AI score 7.3 | EPSS 0.00486
Exploits 0 | References 6

CVE
added 2020/07/30 12:49 p.m. | 260 views

CVE-2020-14309

GRUB2 CVE-2020-14309 affects grub2

CVSS 6.7 | AI score 7.2 | EPSS 0.00486
Exploits 0 | References 6 | Affected Software 1

Cvelist
added 2020/07/30 12:49 p.m. | 18 views

CVE-2020-14309

There's an issue with grub2 in all versions before 2.06 when handling squashfs filesystems containing a symbolic link with name length of UINT32 bytes in size. The name size leads to an arithmetic overflow leading to a zero-size allocation further causing a heap-based buffer overflow with attacke...

AI score 7.4 | EPSS 0.00486
Exploits 0 | References 6

Debian CVE
added 2020/07/30 12:49 p.m. | 39 views

CVE-2020-14309

There's an issue with grub2 in all versions before 2.06 when handling squashfs filesystems containing a symbolic link with name length of UINT32 bytes in size. The name size leads to an arithmetic overflow leading to a zero-size allocation further causing a heap-based buffer overflow with attacke...

CVSS 6.7 | AI score 7.1 | EPSS 0.00486
Exploits 0

AlpineLinux
added 2020/07/30 12:49 p.m. | 42 views

CVE-2020-14309

There's an issue with grub2 in all versions before 2.06 when handling squashfs filesystems containing a symbolic link with name length of UINT32 bytes in size. The name size leads to an arithmetic overflow leading to a zero-size allocation further causing a heap-based buffer overflow with attacke...

CVSS 6.7 | AI score 7.5 | EPSS 0.00486
Exploits 0

RedHat Linux
added 2020/07/29 8:16 p.m. | 1 views

grub2: grub_malloc does not validate allocation size allowing for arithmetic overflow and subsequent heap-based buffer overflow

A flaw was found in current grub2 versions as shipped with Red Hat Enterprise Linux 7 and 8, where the grub memory allocator doesn't check for possible arithmetic overflows on the requested allocation size. This issue leads the function to return invalid memory allocations, causing heap-based...

CVSS 6.4 | AI score 7.2 | EPSS 0.00436
Exploits 0 | References 4

OSV
added 2020/07/29 8:15 p.m. | 1 views

ALPINE-CVE-2020-14308

In grub2 versions before 2.06 the grub memory allocator doesn't check for possible arithmetic overflows on the requested allocation size. This leads the function to return invalid memory allocations which can be further used to cause possible integrity, confidentiality and availability impacts...

CVSS 6.4 | AI score 6.9 | EPSS 0.00436
Exploits 0 | References 1

NVD
added 2020/07/29 8:15 p.m. | 21 views

CVE-2020-14308

In grub2 versions before 2.06 the grub memory allocator doesn't check for possible arithmetic overflows on the requested allocation size. This leads the function to return invalid memory allocations which can be further used to cause possible integrity, confidentiality and availability impacts...

CVSS 6.4 | AI score 7 | EPSS 0.00436
Exploits 0 | References 10

Prion
added 2020/07/29 8:15 p.m. | 40 views

Buffer overflow

In grub2 versions before 2.06 the grub memory allocator doesn't check for possible arithmetic overflows on the requested allocation size. This leads the function to return invalid memory allocations which can be further used to cause possible integrity, confidentiality and availability impacts...

CVSS 4.4 | AI score 6.7 | EPSS 0.00436
Exploits 0 | References 10 | Affected Software 2

RedHat Linux
added 2020/07/29 7:42 p.m. | 3 views

grub2: grub_malloc does not validate allocation size allowing for arithmetic overflow and subsequent heap-based buffer overflow

A flaw was found in current grub2 versions as shipped with Red Hat Enterprise Linux 7 and 8, where the grub memory allocator doesn't check for possible arithmetic overflows on the requested allocation size. This issue leads the function to return invalid memory allocations, causing heap-based...

CVSS 6.4 | AI score 7.2 | EPSS 0.00436
Exploits 0 | References 4

RedHat Linux
added 2020/07/29 7:40 p.m. | 0 views

grub2: Integer overflow in grub_ext2_read_link leads to heap-based buffer overflow

A flaw was found in grub2 while handling symlink on ext filesystems. A filesystem containing a symbolic link with an inode size of UINT32_MAX causes an arithmetic overflow, leading to a zero-sized memory allocation with a subsequent heap-based buffer overflow. The highest threat from this...

CVSS 6 | AI score 7.6 | EPSS 0.00469
Exploits 0 | References 4

RedHat Linux
added 2020/07/29 7:40 p.m. | 1 views

grub2: Integer overflow read_section_as_string may lead to heap-based buffer overflow

A flaw was found in grub2. An expected font value is not verified before proceeding with buffer allocations allowing an attacker to use a malicious font file to create an arithmetic overflow, zero-sized allocation, and further heap-based buffer overflow. The highest threat from this vulnerability...

CVSS 6 | AI score 7.6 | EPSS 0.00482
Exploits 0 | References 4

Cvelist
added 2020/07/29 7:3 p.m. | 21 views

CVE-2020-14308

In grub2 versions before 2.06 the grub memory allocator doesn't check for possible arithmetic overflows on the requested allocation size. This leads the function to return invalid memory allocations which can be further used to cause possible integrity, confidentiality and availability impacts...

AI score 7.1 | EPSS 0.00436
Exploits 0 | References 10

Debian CVE
added 2020/07/29 7:3 p.m. | 28 views

CVE-2020-14308

In grub2 versions before 2.06 the grub memory allocator doesn't check for possible arithmetic overflows on the requested allocation size. This leads the function to return invalid memory allocations which can be further used to cause possible integrity, confidentiality and availability impacts...

CVSS 6.4 | AI score 6.9 | EPSS 0.00436
Exploits 0