Lucene search
K

46 matches found

Tenable Nessus
Tenable Nessus
added 2026/04/07 12:0 a.m.7 views

Oracle Linux 7 : grub2 (ELSA-2026-5233)

The remote Oracle Linux 7 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2026-5233 advisory. - Unregister gettext command on module unload CVE-2025-61662Orabug: 39112125 - Fix OOB write in grubnetsearchconfigfile CVE-2025-0624 Orabug: 37770226 - Add to...

8.6CVSS6.9AI score0.01373EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/06/16 12:0 a.m.6 views

TencentOS Server 3: grub2, mokutil, shim, and shim-unsigned-x64 (TSSA-2022:0134)

The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2022:0134 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities...

8.1CVSS7.4AI score0.01284EPSS
Exploits0References9
OSV
OSV
added 2024/08/21 7:58 p.m.16 views

CLSA-2024-1724266264 grub2: Fix of 12 CVEs

Fix package version number - Use CloudLinux vendor cert - Make this package installable only on a system having Cloudlinux signed components: grub2 and kernel - Add patches from centos-8.5 ELS: - CVE-2021-3695: out-of-bounds write in the heap area by a crafted 16-bit grayscale PNG image -...

8.6CVSS7.2AI score0.01588EPSS
Exploits2References1
CBLMariner
CBLMariner
added 2024/03/19 5:21 p.m.21 views

CVE-2021-3697 affecting package grub2 for versions less than 2.06-14

CVE-2021-3697 affecting package grub2 for versions less than 2.06-14. A patched version of the package is available...

7CVSS7.7AI score0.00456EPSS
Exploits0
CBLMariner
CBLMariner
added 2023/11/08 2:7 a.m.17 views

CVE-2021-3697 affecting package grub2 for versions less than 2.06-12

CVE-2021-3697 affecting package grub2 for versions less than 2.06-12. A patched version of the package is available...

7CVSS7.7AI score0.00456EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2023/05/25 12:0 a.m.23 views

Oracle Linux 8 : grub2 (ELSA-2022-9471)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2022-9471 advisory. - Add CVE-2022-28736 to the list JIRA: OLDIS-16371 - Fix: CVE-2021-3695, CVE-2021-3696, CVE-2021-3697, CVE-2022-28733, CVE-2022-28734, CVE-2022-28735...

8.1CVSS6.6AI score0.01284EPSS
Exploits0References8
Tenable Nessus
Tenable Nessus
added 2023/03/21 12:0 a.m.78 views

Amazon Linux 2023 : grub2-common, grub2-efi-aa64, grub2-efi-aa64-cdboot (ALAS2023-2023-020)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2023-020 advisory. A flaw was found in grub 2, where a crafted 16-bit grayscale PNG image may lead to an out-of-bounds write. This flaw allows an attacker to corrupt the data on the heap portion of the grub2's...

8.6CVSS7.4AI score0.01284EPSS
Exploits0References22
OpenVAS
OpenVAS
added 2022/12/28 12:0 a.m.26 views

Huawei EulerOS: Security Advisory for grub2 (EulerOS-SA-2022-2883)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.1CVSS6.9AI score0.01284EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2022/11/16 12:0 a.m.24 views

AlmaLinux 9 : grub2, mokutil, shim, and shim-unsigned-x64 (ALSA-2022:5099)

The remote AlmaLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2022:5099 advisory. Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number. %NASLMINLEVEL 80900 C...

8.1CVSS6.5AI score0.01284EPSS
Exploits0References9
OpenVAS
OpenVAS
added 2022/10/12 12:0 a.m.17 views

Huawei EulerOS: Security Advisory for grub2 (EulerOS-SA-2022-2562)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.1CVSS7.1AI score0.01434EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2022/10/10 12:0 a.m.24 views

EulerOS Virtualization 3.0.6.0 : grub2 (EulerOS-SA-2022-2562)

According to the versions of the grub2 packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - GRUB2 fails to validate kernel signature when booted directly without shim, allowing secure boot to be bypassed. This only affects...

8.1CVSS7.2AI score0.01434EPSS
Exploits0References8
OpenVAS
OpenVAS
added 2022/09/26 12:0 a.m.24 views

Huawei EulerOS: Security Advisory for grub2 (EulerOS-SA-2022-2381)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.1CVSS6.8AI score0.01284EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2022/09/14 12:0 a.m.29 views

Huawei EulerOS: Security Advisory for grub2 (EulerOS-SA-2022-2318)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.1CVSS6.9AI score0.01284EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2022/09/14 12:0 a.m.28 views

Huawei EulerOS: Security Advisory for grub2 (EulerOS-SA-2022-2289)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.1CVSS6.9AI score0.01284EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2022/08/18 12:0 a.m.25 views

Huawei EulerOS: Security Advisory for grub2 (EulerOS-SA-2022-2255)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.1CVSS6.9AI score0.01284EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2022/07/08 12:0 a.m.76 views

Rocky Linux 8 : grub2, mokutil, shim, and shim-unsigned-x64 (RLSA-2022:5095)

The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2022:5095 advisory. - A heap out-of-bounds write may heppen during the handling of Huffman tables in the PNG reader. This may lead to data corruption in the heap space...

8.1CVSS7.5AI score0.01284EPSS
Exploits0References17
OSV
OSV
added 2022/07/06 4:15 p.m.6 views

AZL-31036 CVE-2021-3697 affecting package grub2 for versions less than 2.06-12

A crafted JPEG image may lead the JPEG reader to underflow its data pointer, allowing user-controlled data to be written in heap. To a successful to be performed the attacker needs to perform some triage over the heap layout and craft an image with a malicious format and payload. This vulnerabili...

7CVSS7.6AI score0.00456EPSS
Exploits0References1
NVD
NVD
added 2022/07/06 4:15 p.m.26 views

CVE-2021-3697

A crafted JPEG image may lead the JPEG reader to underflow its data pointer, allowing user-controlled data to be written in heap. To a successful to be performed the attacker needs to perform some triage over the heap layout and craft an image with a malicious format and payload. This vulnerabili...

7CVSS0.00456EPSS
Exploits0References3
OSV
OSV
added 2022/07/06 4:15 p.m.8 views

AZL-34785 CVE-2021-3697 affecting package grub2 for versions less than 2.06-14

A crafted JPEG image may lead the JPEG reader to underflow its data pointer, allowing user-controlled data to be written in heap. To a successful to be performed the attacker needs to perform some triage over the heap layout and craft an image with a malicious format and payload. This vulnerabili...

7CVSS7.6AI score0.00456EPSS
Exploits0References1
CVE
CVE
added 2022/07/06 3:6 p.m.193 views

CVE-2021-3697

CVE-2021-3697 is a grub2 JPEG handling vulnerability where crafting a JPEG image may cause a heap underflow in the JPEG reader, enabling data corruption and potentially code execution or secure-boot circumvention. It affects grub2 versions prior to the fixed release (notably legacy references to ...

7CVSS7.6AI score0.00456EPSS
Exploits0References3Affected Software1
Rows per page
Query Builder