68 matches found
Oracle Linux 7 : grub2 (ELSA-2026-5233)
The remote Oracle Linux 7 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2026-5233 advisory. - Unregister gettext command on module unload CVE-2025-61662Orabug: 39112125 - Fix OOB write in grubnetsearchconfigfile CVE-2025-0624 Orabug: 37770226 - Add to...
MiracleLinux 7 : grub2-2.02-0.87.14.0.1.el7.AXS7 (AXSA:2024-7721:02)
The remote MiracleLinux 7 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2024-7721:02 advisory. grub2: Buffer overflow in grubfontconstructglyph can lead to out-of-bound write and possible secure boot bypass CVE-2022-2601 Tenable has extracted the...
TencentOS Server 3: grub2 (TSSA-2022:0279)
The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2022:0279 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities:...
Azure Linux 3.0 Security Update: grub2 (CVE-2022-2601)
The version of grub2 installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2022-2601 advisory. - A buffer overflow was found in grubfontconstructglyph. A malicious crafted pf2 font can lead to an overflow wh...
Fedora 37 : grub2 (2022-dec4cdacd7)
The remote Fedora 37 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2022-dec4cdacd7 advisory. Two font-related CVE updates CVE-2022-2601 and CVE-2022-3775. For more information, see upstream's disclosure or the patches themselves. Tenable has...
CLSA-2024-1724266264 grub2: Fix of 12 CVEs
Fix package version number - Use CloudLinux vendor cert - Make this package installable only on a system having Cloudlinux signed components: grub2 and kernel - Add patches from centos-8.5 ELS: - CVE-2021-3695: out-of-bounds write in the heap area by a crafted 16-bit grayscale PNG image -...
KB5041828: Windows Server 2012 R2 Security Update (August 2024)
The remote Windows host is missing security update 5041828. It is, therefore, affected by multiple vulnerabilities - A buffer overflow was found in grubfontconstructglyph. A malicious crafted pf2 font can lead to an overflow when calculating the maxglyphsize value, allocating a smaller than neede...
KB5041782: Windows 10 LTS 1507 Security Update (August 2024)
The remote Windows host is missing security update 5041782. It is, therefore, affected by multiple vulnerabilities - A buffer overflow was found in grubfontconstructglyph. A malicious crafted pf2 font can lead to an overflow when calculating the maxglyphsize value, allocating a smaller than neede...
KB5041573: Windows Server version 23H2 Security Update (August 2024)
The remote Windows host is missing security update 5041573. It is, therefore, affected by multiple vulnerabilities - An elevation of privilege vulnerability exists in Windows based systems supporting Virtualization Based Security VBS including a subset of Azure Virtual Machine SKUS. This can allo...
KB5041160: Windows Server 2022 / Azure Stack HCI 22H2 Security Update (August 2024)
The remote Windows host is missing security update 5041160. It is, therefore, affected by multiple vulnerabilities - An elevation of privilege vulnerability exists in Windows based systems supporting Virtualization Based Security VBS including a subset of Azure Virtual Machine SKUS. This can allo...
KB5041578: Windows 10 version 1809 / Windows Server 2019 Security Update (August 2024)
The remote Windows host is missing security update 5041578. It is, therefore, affected by multiple vulnerabilities - An elevation of privilege vulnerability exists in Windows based systems supporting Virtualization Based Security VBS including a subset of Azure Virtual Machine SKUS. This can allo...
KB5041585: Windows 11 version 22H2 / Windows 11 version 23H2 Security Update (August 2024)
The remote Windows host is missing security update 5041585. It is, therefore, affected by multiple vulnerabilities - An elevation of privilege vulnerability exists in Windows based systems supporting Virtualization Based Security VBS including a subset of Azure Virtual Machine SKUS. This can allo...
KB5041580: Windows 10 Version 21H2 / Windows 10 Version 22H2 Security Update (August 2024)
The remote Windows host is missing security update 5041580. It is, therefore, affected by multiple vulnerabilities - An elevation of privilege vulnerability exists in Windows based systems supporting Virtualization Based Security VBS including a subset of Azure Virtual Machine SKUS. This can allo...
KB5041851: Windows Server 2012 Security Update (August 2024)
The remote Windows host is missing security update 5041851. It is, therefore, affected by multiple vulnerabilities - A buffer overflow was found in grubfontconstructglyph. A malicious crafted pf2 font can lead to an overflow when calculating the maxglyphsize value, allocating a smaller than neede...
CentOS 7 : grub2 (RHSA-2024:2002)
The remote CentOS Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2024:2002 advisory. - A buffer overflow was found in grubfontconstructglyph. A malicious crafted pf2 font can lead to an overflow when calculating the maxglyphsize value, allocatin...
RHEL 7 : grub2 (RHSA-2024:2002)
The remote Redhat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2024:2002 advisory. The grub2 packages provide version 2 of the Grand Unified Boot Loader GRUB, a highly configurable and customizable boot loader with modular...
Moderate: Red Hat Security Advisory: grub2 security update
An update for grub2 is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the...
CVE-2022-2601 affecting package grub2 for versions less than 2.06-14
CVE-2022-2601 affecting package grub2 for versions less than 2.06-14. A patched version of the package is available...
Rocky Linux 8 : grub2 (RLSA-2023:0049)
The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2023:0049 advisory. - A buffer overflow was found in grubfontconstructglyph. A malicious crafted pf2 font can lead to an overflow when calculating the maxglyphsize value,...
Security Bulletin: IBM Watson Assistant for IBM Cloud Pak for Data is vulnerable to Linux Kernel Buffer overflow and denial of service vulnerabilities( CVE-2022-2601, CVE-2022-3775)
Summary Potential Linux Kernel Buffer overflow and denial of service vulnerabilities CVE-2022-2601, CVE-2022-3775 has been identified that may affect IBM Watson Assistant for IBM Cloud Pak for Data. Refer to details for additional information. Vulnerability Details CVEID:CVE-2022-2601 DESCRIPTION...