Lucene search
K

50 matches found

nessus
nessus
added 2026/04/07 12:0 a.m.7 views

Oracle Linux 7 : grub2 (ELSA-2026-5233)

The remote Oracle Linux 7 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2026-5233 advisory. - Unregister gettext command on module unload CVE-2025-61662Orabug: 39112125 - Fix OOB write in grubnetsearchconfigfile CVE-2025-0624 Orabug: 37770226 - Add to...

8.6CVSS6.9AI score0.01373EPSS
Exploits0References2
nessus
nessus
added 2025/08/30 12:0 a.m.4 views

Linux Distros Unpatched Vulnerability : CVE-2022-28734

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Out-of-bounds write when handling split HTTP headers; When handling split HTTP headers, GRUB2 HTTP code accidentally moves its internal data buffer point by one...

8.1CVSS7.5AI score0.01131EPSS
Exploits0References2
osv
osv
added 2024/08/21 7:58 p.m.16 views

CLSA-2024-1724266264 grub2: Fix of 12 CVEs

Fix package version number - Use CloudLinux vendor cert - Make this package installable only on a system having Cloudlinux signed components: grub2 and kernel - Add patches from centos-8.5 ELS: - CVE-2021-3695: out-of-bounds write in the heap area by a crafted 16-bit grayscale PNG image -...

8.6CVSS7.2AI score0.01588EPSS
Exploits2References1
nessus
nessus
added 2024/07/24 12:0 a.m.23 views

Photon OS 4.0: Grub2 PHSA-2023-4.0-0436

An update of the grub2 package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2023-4.0-0436. The text itself is copyright C VMware, Inc. include'compat.inc'; if description...

8.1CVSS6.9AI score0.01131EPSS
Exploits0References3
nessus
nessus
added 2024/07/03 12:0 a.m.19 views

CBL Mariner 2.0 Security Update: grub2 (CVE-2022-28734)

The version of grub2 installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2022-28734 advisory. - Out-of-bounds write when handling split HTTP headers; When handling split HTTP headers, GRUB2 HTTP code...

8.1CVSS7.6AI score0.01131EPSS
Exploits0References2
cbl_mariner
cbl_mariner
added 2024/03/19 5:21 p.m.28 views

CVE-2022-28734 affecting package grub2 for versions less than 2.06-14

CVE-2022-28734 affecting package grub2 for versions less than 2.06-14. A patched version of the package is available...

8.1CVSS7.7AI score0.01131EPSS
Exploits0
cbl_mariner
cbl_mariner
added 2023/11/08 2:7 a.m.19 views

CVE-2022-28734 affecting package grub2 for versions less than 2.06-12

CVE-2022-28734 affecting package grub2 for versions less than 2.06-12. A patched version of the package is available...

8.1CVSS7.8AI score0.01131EPSS
Exploits0
ubuntucve
ubuntucve
added 2023/07/20 1:15 a.m.36 views

CVE-2022-28734

Out-of-bounds write when handling split HTTP headers; When handling split HTTP headers, GRUB2 HTTP code accidentally moves its internal data buffer point by one position. This can lead to a out-of-bound write further when parsing the HTTP request, writing a NULL byte past the buffer. It's...

8.1CVSS7.2AI score0.01131EPSS
Exploits0References3
cve
cve
added 2023/07/20 12:22 a.m.600 views

CVE-2022-28734

CVE-2022-28734 is an out-of-bounds write in grub2 related to handling split HTTP headers. The root cause is that grub2’s HTTP parsing moves an internal buffer pointer by one position when processing split headers, which can lead to writing a NULL byte past the buffer and corrupt memory metadata. ...

8.1CVSS7.8AI score0.01131EPSS
Exploits0References3Affected Software1
cvelist
cvelist
added 2023/07/20 12:22 a.m.29 views

CVE-2022-28734 Out-of-bounds write when handling split HTTP headers

Out-of-bounds write when handling split HTTP headers; When handling split HTTP headers, GRUB2 HTTP code accidentally moves its internal data buffer point by one position. This can lead to a out-of-bound write further when parsing the HTTP request, writing a NULL byte past the buffer. It's...

8.1CVSS8AI score0.01131EPSS
Exploits0References3
nessus
nessus
added 2023/06/23 12:0 a.m.29 views

F5 Networks BIG-IP : Grub2 vulnerability (K000130541)

The version of F5 Networks BIG-IP installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the K000130541 advisory. - grub2: Out-of-bound write when handling split HTTP headers CVE-2022-28734 Note that Nessus has not tested for this...

8.5AI score0.01131EPSS
Exploits0References2
nessus
nessus
added 2023/05/25 12:0 a.m.23 views

Oracle Linux 8 : grub2 (ELSA-2022-9471)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2022-9471 advisory. - Add CVE-2022-28736 to the list JIRA: OLDIS-16371 - Fix: CVE-2021-3695, CVE-2021-3696, CVE-2021-3697, CVE-2022-28733, CVE-2022-28734, CVE-2022-28735...

8.1CVSS6.6AI score0.01284EPSS
Exploits0References8
nessus
nessus
added 2023/03/21 12:0 a.m.79 views

Amazon Linux 2023 : grub2-common, grub2-efi-aa64, grub2-efi-aa64-cdboot (ALAS2023-2023-020)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2023-020 advisory. A flaw was found in grub 2, where a crafted 16-bit grayscale PNG image may lead to an out-of-bounds write. This flaw allows an attacker to corrupt the data on the heap portion of the grub2's...

8.6CVSS7.4AI score0.01284EPSS
Exploits0References22
ibm
ibm
added 2023/01/12 11:10 p.m.30 views

Security Bulletin: IBM Security Verify Access Appliance includes components with known vulnerabilities

Summary Multiple Security Vulnerabilities were found in the IBM Security Verify Access ISVA Appliance Operating System layer. These vulnerabilities have been addressed in ISVA 10.0.5.0, which is linked below. Vulnerability Details CVEID:CVE-2022-2526 DESCRIPTION: systemd could allow a remote...

9.8CVSS9.8AI score0.96275EPSS
Exploits13Affected Software1
f5
f5
added 2023/01/10 9:51 p.m.38 views

K000130541: Grub2 vulnerability CVE-2022-28734

Security Advisory Description Out-of-bounds write when handling split HTTP headers; When handling split HTTP headers, GRUB2 HTTP code accidentally moves its internal data buffer point by one position. This can lead to a out-of-bound write further when parsing the HTTP request, writing a NULL byte...

8.1CVSS7.7AI score0.01131EPSS
Exploits0
openvas
openvas
added 2022/12/28 12:0 a.m.26 views

Huawei EulerOS: Security Advisory for grub2 (EulerOS-SA-2022-2883)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.1CVSS6.9AI score0.01284EPSS
Exploits0References2
nessus
nessus
added 2022/11/16 12:0 a.m.24 views

AlmaLinux 9 : grub2, mokutil, shim, and shim-unsigned-x64 (ALSA-2022:5099)

The remote AlmaLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2022:5099 advisory. Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number. %NASLMINLEVEL 80900 C...

8.1CVSS6.5AI score0.01284EPSS
Exploits0References9
openvas
openvas
added 2022/10/28 12:0 a.m.24 views

Huawei EulerOS: Security Advisory for grub2 (EulerOS-SA-2022-2611)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.1CVSS6.8AI score0.01131EPSS
Exploits0References2
openvas
openvas
added 2022/10/12 12:0 a.m.17 views

Huawei EulerOS: Security Advisory for grub2 (EulerOS-SA-2022-2562)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.1CVSS7.1AI score0.01434EPSS
Exploits0References2
nessus
nessus
added 2022/10/10 12:0 a.m.24 views

EulerOS Virtualization 3.0.6.0 : grub2 (EulerOS-SA-2022-2562)

According to the versions of the grub2 packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - GRUB2 fails to validate kernel signature when booted directly without shim, allowing secure boot to be bypassed. This only affects...

8.1CVSS7.2AI score0.01434EPSS
Exploits0References8
Rows per page
Query Builder