Lucene search
K

15 matches found

IBM Security Bulletins
IBM Security Bulletins
added 2026/04/23 6:9 p.m.7 views

Security Bulletin: IBM QRadar SIEM is vulnerable to using components with known vulnerabilities

Summary Multiple components with known vulnerabilities were addressed in IBM QRadar SIEM 7.5.0 UP15 IF02 Vulnerability Details CVEID:CVE-2025-14831 DESCRIPTION: A flaw was found in GnuTLS. This vulnerability allows a denial of service DoS by excessive CPU Central Processing Unit and memory...

8.8CVSS6.2AI score0.00638EPSS
Exploits1Affected Software1
OSV
OSV
added 2025/11/18 7:15 p.m.6 views

UBUNTU-CVE-2025-61662

A Use-After-Free vulnerability has been discovered in GRUB's gettext module. This flaw stems from a programming error where the gettext command remains registered in memory after its module is unloaded. An attacker can exploit this condition by invoking the orphaned command, causing the applicati...

7.8CVSS5.8AI score0.00194EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2025/09/10 12:0 a.m.6 views

EulerOS 2.0 SP10 : grub2 (EulerOS-SA-2025-2098)

According to the versions of the grub2 packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : GNU GRUB aka GRUB2 through 2.12 does not use a constant-time algorithm for grubcryptomemcmp and thus allows side-channel attacks.CVE-2024-56738...

5.3CVSS7AI score0.00386EPSS
Exploits0References2
Microsoft CVE
Microsoft CVE
added 2025/09/03 10:1 p.m.6 views

GNU GRUB (aka GRUB2) through 2.12 does not use a constant-time algorithm for grub_crypto_memcmp and thus allows side-channel attacks.

...

5.3CVSS7AI score0.00386EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2025/08/27 12:0 a.m.4 views

Linux Distros Unpatched Vulnerability : CVE-2020-14308

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In grub2 versions before 2.06 the grub memory allocator doesn't check for possible arithmetic overflows on the requested allocation size. This leads the functio...

6.4CVSS6.6AI score0.00436EPSS
Exploits0References2
SUSE Linux
SUSE Linux
added 2025/08/07 9:1 a.m.6 views

Security update for grub2

This update for grub2 fixes the following issues: CVE-2024-56738: Fixed side-channel attack due to not constant-time algorithm in grubcryptomemcmp bsc1234959 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch"...

5.7CVSS6.9AI score0.00386EPSS
Exploits0References4
SUSE Linux
SUSE Linux
added 2025/08/07 9:1 a.m.5 views

Security update for grub2

This update for grub2 fixes the following issues: CVE-2024-56738: Fixed side-channel attack due to not constant-time algorithm in grubcryptomemcmp bsc1234959 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch"...

5.7CVSS6.9AI score0.00386EPSS
Exploits0References4
Microsoft CVE
Microsoft CVE
added 2021/03/11 8:0 a.m.5 views

A flaw was found in grub2 in versions prior to 2.06. Setparam_prefix() in the menu rendering code performs a length calculation on the assumption that expressing a quoted single quote will require 3 characters while it actually requires 4 characters which allows an attacker to corrupt memory by one byte for each quote in the input. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.

...

8.2CVSS8.2AI score0.0061EPSS
Exploits0
OSV
OSV
added 2021/03/02 6:0 p.m.4 views

UBUNTU-CVE-2020-27779

A flaw was found in grub2 in versions prior to 2.06. The cutmem command does not honor secure boot locking allowing an privileged attacker to remove address ranges from memory creating an opportunity to circumvent SecureBoot protections after proper triage about grub's memory layout. The highest...

7.5CVSS6.8AI score0.0039EPSS
Exploits0References3
Microsoft CVE
Microsoft CVE
added 2020/08/18 7:0 a.m.4 views

In grub2 versions before 2.06 the grub memory allocator doesn't check for possible arithmetic overflows on the requested allocation size. This leads the function to return invalid memory allocations which can be further used to cause possible integrity confidentiality and availability impacts during the boot process.

...

6.4CVSS7AI score0.00436EPSS
Exploits0
RedHat Linux
RedHat Linux
added 2020/08/03 12:15 p.m.3 views

grub2: grub_malloc does not validate allocation size allowing for arithmetic overflow and subsequent heap-based buffer overflow

A flaw was found in current grub2 versions as shipped with Red Hat Enterprise Linux 7 and 8, where the grub memory allocator doesn't check for possible arithmetic overflows on the requested allocation size. This issue leads the function to return invalid memory allocations, causing heap-based...

6.4CVSS7.2AI score0.00436EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2020/08/03 12:3 p.m.8 views

grub2: grub_malloc does not validate allocation size allowing for arithmetic overflow and subsequent heap-based buffer overflow

A flaw was found in current grub2 versions as shipped with Red Hat Enterprise Linux 7 and 8, where the grub memory allocator doesn't check for possible arithmetic overflows on the requested allocation size. This issue leads the function to return invalid memory allocations, causing heap-based...

6.4CVSS7.2AI score0.00436EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2020/07/29 8:16 p.m.2 views

grub2: grub_malloc does not validate allocation size allowing for arithmetic overflow and subsequent heap-based buffer overflow

A flaw was found in current grub2 versions as shipped with Red Hat Enterprise Linux 7 and 8, where the grub memory allocator doesn't check for possible arithmetic overflows on the requested allocation size. This issue leads the function to return invalid memory allocations, causing heap-based...

6.4CVSS7.2AI score0.00436EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2020/07/29 7:42 p.m.6 views

grub2: grub_malloc does not validate allocation size allowing for arithmetic overflow and subsequent heap-based buffer overflow

A flaw was found in current grub2 versions as shipped with Red Hat Enterprise Linux 7 and 8, where the grub memory allocator doesn't check for possible arithmetic overflows on the requested allocation size. This issue leads the function to return invalid memory allocations, causing heap-based...

6.4CVSS7.2AI score0.00436EPSS
Exploits0References4
OSV
OSV
added 2017/07/05 12:29 p.m.8 views

UBUNTU-CVE-2017-10929

The grubmemmove function in shlr/grub/kern/misc.c in radare2 1.5.0 allows remote attackers to cause a denial of service heap-based buffer overflow and application crash or possibly have unspecified other impact via a crafted binary file, possibly related to a read overflow in the...

7.8CVSS6.1AI score0.01911EPSS
Exploits0References4
Rows per page
Query Builder