Lucene search
+L

221 matches found

RedhatCVE
RedhatCVE
added 2025/11/18 6:20 p.m.7 views

CVE-2025-61664

A vulnerability in the GRUB2 bootloader has been identified in the normal module. This flaw, a memory Use After Free issue, occurs because the normalexit command is not properly unregistered when its related module is unloaded. An attacker can exploit this condition by invoking the command after...

4.9CVSS6.8AI score0.00137EPSS
Exploits0References3
Debian CVE
Debian CVE
added 2025/11/18 6:20 p.m.5 views

CVE-2025-61661

A vulnerability has been identified in the GRUB Grand Unified Bootloader component. This flaw occurs because the bootloader mishandles string conversion when reading information from a USB device, allowing an attacker to exploit inconsistent length values. A local attacker can connect a malicious...

4.8CVSS5.2AI score0.0019EPSS
Exploits0
CVE
CVE
added 2025/11/18 6:20 p.m.45 views

CVE-2025-61661

CVE-2025-61661 affects the GRUB2 bootloader. The vulnerability stems from the USB string conversion handling, allowing a local attacker with a malicious USB device connected during boot to trigger inconsistent length values, potentially crashing GRUB (DoS) and possibly causing data corruption (im...

4.8CVSS6AI score0.0019EPSS
Exploits0References3
CVE
CVE
added 2025/11/18 6:20 p.m.46 views

CVE-2025-54771

Concrete details available: CVE-2025-54771 is a use-after-free in GRUB2's file-closing path. The flaw arises when grub_file_close() fails to drop the fs refcount, leaving a stale pointer to a filesystem structure. Exploitation could cause GRUB to crash, yielding Denial of Service; data integrity/...

4.9CVSS6.5AI score0.00144EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2025/11/18 6:20 p.m.7 views

CVE-2025-54770

A vulnerability has been identified in the GRUB2 bootloader's network module that poses an immediate Denial of Service DoS risk. This flaw is a Use-after-Free issue, caused because the netsetvlan command is not properly unregistered when the network module is unloaded from memory. An attacker who...

4.9CVSS6.9AI score0.00144EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2025/11/18 12:0 a.m.5 views

Linux Distros Unpatched Vulnerability : CVE-2025-54770

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A vulnerability has been identified in the GRUB2 bootloader's network module that poses an immediate Denial of Service DoS risk. This flaw is a Use-after-Free...

4.9CVSS6.1AI score0.00144EPSS
Exploits0References4
CNNVD
CNNVD
added 2025/11/18 12:0 a.m.5 views

GNU GRUB 安全漏洞

GNU GRUB is a Linux system boot program from the GNU community. A security vulnerability exists in GNU GRUB, which originates from the reuse of the gettext module after its release, and could lead to a denial of service or data disclosure...

7.8CVSS6.3AI score0.00207EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2025/11/18 12:0 a.m.4 views

PT-2025-47376

Name of the Vulnerable Software and Affected Versions GRUB2 affected versions not specified Description A flaw exists in the GRUB2 bootloader’s network module that can lead to a Denial of Service DoS. This is a Use-after-Free issue stemming from improper unregistration of the net set vlan command...

7.8CVSS6.5AI score0.00386EPSS
Exploits0References65
Positive Technologies
Positive Technologies
added 2025/11/18 12:0 a.m.6 views

PT-2025-47380

Name of the Vulnerable Software and Affected Versions GRUB affected versions not specified Description A Use-After-Free issue exists in GRUB's gettext module. This occurs because the gettext command remains registered in memory after its module is unloaded. Exploitation involves invoking the...

7.8CVSS6.6AI score0.00386EPSS
Exploits0References122
Positive Technologies
Positive Technologies
added 2025/11/18 12:0 a.m.6 views

PT-2025-47381

Name of the Vulnerable Software and Affected Versions GRUB2 Bootloader affected versions not specified Description A Use-after-Free issue exists in the GRUB2 bootloader’s normal command. The flaw occurs because the normal command is not properly unregistered when the module is unloaded. An attack...

7.8CVSS6.5AI score0.00386EPSS
Exploits0References79
Tenable Nessus
Tenable Nessus
added 2025/11/18 12:0 a.m.22 views

Linux Distros Unpatched Vulnerability : CVE-2025-61663

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A vulnerability has been identified in the GRUB2 bootloader's normal command that poses an immediate Denial of Service DoS risk. This flaw is a Use-after-Free...

4.9CVSS6.1AI score0.00127EPSS
Exploits0References4
OSV
OSV
added 2025/11/11 12:0 a.m.5 views

ALSA-2025:20532 Moderate: grub2 security update

The grub2 packages provide version 2 of the Grand Unified Boot Loader GRUB, a highly configurable and customizable boot loader with modular architecture. The packages support a variety of kernel formats, file systems, computer architectures, and hardware devices. Security Fixes: grub2:...

6.7CVSS6.7AI score0.00231EPSS
Exploits0References4
AlmaLinux
AlmaLinux
added 2025/11/11 12:0 a.m.6 views

Moderate: grub2 security update

The grub2 packages provide version 2 of the Grand Unified Boot Loader GRUB, a highly configurable and customizable boot loader with modular architecture. The packages support a variety of kernel formats, file systems, computer architectures, and hardware devices. Security Fixes: grub2:...

6.7CVSS6.4AI score0.00231EPSS
Exploits0References4
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2014-0284

Malware in sbrugna...

4.3CVSS6.1AI score0.01321EPSS
Exploits0References4
EUVD
EUVD
added 2025/10/03 8:7 p.m.8 views

EUVD-2022-43034

Malicious code in bioql PyPI...

5.5CVSS5.8AI score0.00172EPSS
Exploits0References3
RedHat Linux
RedHat Linux
added 2025/09/18 8:45 a.m.4 views

grub2: command/gpg: Use-after-free due to hooks not being removed on module unload

A flaw was found in command/gpg. In some scenarios, hooks created by loaded modules are not removed when the related module is unloaded. This flaw allows an attacker to force grub2 to call the hooks once the module that registered it was unloaded, leading to a use-after-free vulnerability. If...

6.4CVSS5.9AI score0.00268EPSS
Exploits0References5
Microsoft CVE
Microsoft CVE
added 2025/09/04 1:54 p.m.4 views

Grub2: fs/hfs: integer overflow may lead to heap based out-of-bounds write

...

7.8CVSS7AI score0.00371EPSS
Exploits0
Microsoft CVE
Microsoft CVE
added 2025/09/04 6:39 a.m.6 views

Grub2: commands/extcmd: missing check for failed allocation

...

5.2CVSS7AI score0.00211EPSS
Exploits0
Microsoft CVE
Microsoft CVE
added 2025/09/04 5:49 a.m.6 views

Grub2: grub-core/gettext: integer overflow leads to heap oob write.

...

6.7CVSS7AI score0.00231EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2025/08/27 12:0 a.m.6 views

Linux Distros Unpatched Vulnerability : CVE-2020-14311

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - There is an issue with grub2 before version 2.06 while handling symlink on ext filesystems. A filesystem containing a symbolic link with an inode size of...

6CVSS6.9AI score0.00465EPSS
Exploits0References2
Rows per page
Query Builder