Lucene search
K

57 matches found

Vulnrichment
Vulnrichment
added 2025/03/03 2:25 p.m.15 views

CVE-2024-45779 Grub2: fs/bfs: integer overflow leads to heap oob read in the bfs parser

An integer overflow flaw was found in the BFS file system driver in grub2. When reading a file with an indirect extent map, grub2 fails to validate the number of extent entries to be read. A crafted or corrupted BFS filesystem may cause an integer overflow during the file reading, leading to a he...

6CVSS4.4AI score0.00262EPSS
Exploits0References3
Cvelist
Cvelist
added 2025/03/03 2:25 p.m.16 views

CVE-2024-45779 Grub2: fs/bfs: integer overflow leads to heap oob read in the bfs parser

An integer overflow flaw was found in the BFS file system driver in grub2. When reading a file with an indirect extent map, grub2 fails to validate the number of extent entries to be read. A crafted or corrupted BFS filesystem may cause an integer overflow during the file reading, leading to a he...

6CVSS0.00262EPSS
Exploits0References3
Debian CVE
Debian CVE
added 2025/03/03 2:25 p.m.5 views

CVE-2024-45779

An integer overflow flaw was found in the BFS file system driver in grub2. When reading a file with an indirect extent map, grub2 fails to validate the number of extent entries to be read. A crafted or corrupted BFS filesystem may cause an integer overflow during the file reading, leading to a he...

6CVSS5.8AI score0.00262EPSS
Exploits0
OSV
OSV
added 2025/02/28 3:34 p.m.6 views

OESA-2025-1217 grub2 security update

GNU GRUB is a Multiboot boot loader. It was derived from GRUB, the GRand Unified Bootloader, which was originally designed and implemented by Erich Stefan Boleyn. Security Fixes: A flaw was found in grub2. A specially crafted JPEG file can cause the JPEG parser of grub2 to incorrectly check the...

8.8CVSS8.4AI score0.01373EPSS
Exploits1References23
OSV
OSV
added 2025/02/28 3:34 p.m.5 views

OESA-2025-1216 grub2 security update

GNU GRUB is a Multiboot boot loader. It was derived from GRUB, the GRand Unified Bootloader, which was originally designed and implemented by Erich Stefan Boleyn. Security Fixes: A flaw was found in grub2. A specially crafted JPEG file can cause the JPEG parser of grub2 to incorrectly check the...

8.8CVSS8.4AI score0.01373EPSS
Exploits1References23
SUSE Linux
SUSE Linux
added 2025/02/20 9:42 p.m.4 views

Security update for grub2

This update for grub2 fixes the following issues: CVE-2024-45781: Fixed strcpy overflow in ufs. bsc1233617 CVE-2024-56737: Fixed a heap-based buffer overflow in hfs. bsc1234958 CVE-2024-45782: Fixed strcpy overflow in hfs. bsc1233615 CVE-2024-45780: Fixed an overflow in tar/cpio. bsc1233614...

8.9CVSS7.3AI score0.01373EPSS
Exploits1References88
SUSE CVE
SUSE CVE
added 2025/02/20 2:33 p.m.4 views

SUSE CVE-2024-45778

A stack overflow flaw was found when reading a BFS file system. A crafted BFS filesystem may lead to an uncontrolled loop, causing grub2 to crash...

3.9CVSS7AI score0.00272EPSS
Exploits0References12
SUSE CVE
SUSE CVE
added 2025/02/20 2:33 p.m.6 views

SUSE CVE-2024-45779

An integer overflow flaw was found in the BFS file system driver in grub2. When reading a file with an indirect extent map, grub2 fails to validate the number of extent entries to be read. A crafted or corrupted BFS filesystem may cause an integer overflow during the file reading, leading to a he...

6.4CVSS6.9AI score0.00262EPSS
Exploits0References12
SUSE Linux
SUSE Linux
added 2025/02/19 7:29 a.m.6 views

Security update for grub2

This update for grub2 fixes the following issues: CVE-2024-45781: Fixed strcpy overflow in ufs. bsc1233617 CVE-2024-56737: Fixed a heap-based buffer overflow in hfs. bsc1234958 CVE-2024-45782: Fixed strcpy overflow in hfs. bsc1233615 CVE-2024-45780: Fixed an overflow in tar/cpio. bsc1233614...

8.9CVSS7.3AI score0.01373EPSS
Exploits1References88
SUSE Linux
SUSE Linux
added 2025/02/19 7:29 a.m.7 views

Security update for grub2

This update for grub2 fixes the following issues: CVE-2024-45781: Fixed strcpy overflow in ufs. bsc1233617 CVE-2024-56737: Fixed a heap-based buffer overflow in hfs. bsc1234958 CVE-2024-45782: Fixed strcpy overflow in hfs. bsc1233615 CVE-2024-45780: Fixed an overflow in tar/cpio. bsc1233614...

8.9CVSS7.3AI score0.01373EPSS
Exploits1References94
RedhatCVE
RedhatCVE
added 2025/02/18 7:25 p.m.12 views

CVE-2024-45778

A stack overflow flaw was found when reading a BFS file system. A crafted BFS filesystem may lead to an uncontrolled loop, causing grub2 to crash. Mitigation Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria...

4.1CVSS7.1AI score0.00272EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2025/02/18 6:25 p.m.9 views

CVE-2024-45779

An integer overflow flaw was found in the BFS file system driver in grub2. When reading a file with an indirect extent map, grub2 fails to validate the number of extent entries to be read. A crafted or corrupted BFS filesystem may cause an integer overflow during the file reading, leading to a he...

6CVSS6.9AI score0.00262EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2024/01/01 12:0 a.m.3 views

PT-2025-7421

Name of the Vulnerable Software and Affected Versions fs/bfs affected versions not specified Description The issue is related to an integer overflow in the BFS parser, which can lead to a Heap OOB Read and potentially Write in the fs/bfs component. Recommendations At the moment, there is no...

6CVSS6.6AI score0.00272EPSS
Exploits0References139
Positive Technologies
Positive Technologies
added 2024/01/01 12:0 a.m.3 views

PT-2025-7420

Name of the Vulnerable Software and Affected Versions fs/bfs affected versions not specified Description The issue is related to an integer overflow in the BFS parser. Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability...

5.5CVSS5.9AI score0.00272EPSS
Exploits0References137
OSSF Malicious Packages
OSSF Malicious Packages
added 2022/06/20 8:9 p.m.3 views

Malicious code in bfs-hello-world (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 08afca1626800ca0dd2df0ebca0d8eee030193fa1ca08a8d21115db0d5bcbc6a Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

6.9AI score
Exploits0References1
Openbugbounty
Openbugbounty
added 2020/09/01 10:43 a.m.8 views

bfs-solutions.de Cross Site Scripting vulnerability OBB-1292514

Following coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: &nbsp&nbsp&nbsp&nbsp&nbsp&nbspa. verified the vulnerability and confirmed its existence; &nbsp&nbsp&nbsp&nbsp&nbsp&nbspb. notified the website operator about its existence...

6.2AI score
Exploits0
exploitpack
exploitpack
added 2015/08/12 12:0 a.m.94 views

Microsoft Internet Explorer - CTreeNode::GetCascadedLang Use-After-Free (MS15-079)

Microsoft Internet Explorer - CTreeNode::GetCascadedLang Use-After-Free MS15-079 meta http-equiv="X-UA-Compatible" content="IE=10...

9.3CVSS0.3AI score0.33558EPSS
Exploits4
Rows per page
Query Builder