Astra Linux – Vulnerability in grub2

A flaw was discovered in grub2 in versions prior to 2.06. The cutmem command does not honor secure boot locking, allowing a privileged attacker to remove address ranges from memory. This creates an opportunity to circumvent SecureBoot protections after proper analysis of grub’s memory layout. The...

Astra Linux – Vulnerability in grub2

A flaw was discovered in grub2, where the grubextcmddispatcher function calls grubarglistalloc to allocate memory for the grub’s argument list. However, it does not check in case the memory allocation fails. Once the allocation fails, a NULL pointer will be processed by the parseoption function,...

Astra Linux - уязвимость в grub2

A crafted 16-bit grayscale PNG image may lead to an out-of-bounds write in the heap area. An attacker may exploit this to cause heap data corruption or, ultimately, arbitrary code execution and circumvent secure boot protections. This issue is highly complex to exploit; an attacker needs to perfo...

RHEL 8 : grub2 (RHSA-2026:4653)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:4653 advisory. The grub2 packages provide version 2 of the Grand Unified Boot Loader GRUB, a highly configurable and customizable boot loader with modular...

MiracleLinux 8 : grub2-2.02-156.el8.ML.1 (AXSA:2024-8448:04)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2024-8448:04 advisory. grub2: grub2-set-bootflag can be abused by local pseudo-users CVE-2024-1048 grub2: Out-of-bounds write at fs/ntfs.c may lead to unsigned code...

EUVD-2019-5981

Malware in sbrugna...

EUVD-2020-3143

Malware in sbrugna...

EUVD-2025-4667

Malicious code in bioql PyPI...

EUVD-2025-5576

Malicious code in bioql PyPI...

EUVD-2025-5569

Malicious code in bioql PyPI...

EUVD-2025-4654

Malicious code in bioql PyPI...

EUVD-2025-4783

Malicious code in bioql PyPI...

EUVD-2025-4786

Malicious code in bioql PyPI...

EUVD-2025-4653

Malicious code in bioql PyPI...

EUVD-2025-4780

Malicious code in bioql PyPI...

Linux Distros Unpatched Vulnerability : CVE-2021-3695

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A crafted 16-bit grayscale PNG image may lead to a out-of-bounds write in the heap area. An attacker may take advantage of that to cause heap data corruption or...

PT-2025-32327 · Undefined · Undefined

BREAKING: GRUB2 flaw CVE-2025-02725 in SUSE Linux enables pre-OS persistence. 🚨 Patch NOW: zypper patch --cve=CVE-2025-02725 Validate Secure Boot. Rebuild initramfs. Read more: 👉 https://t.co/0U2XsMxKqt https://t.co/kkKHlOi9JT...

Astra Linux – Vulnerability in grub2

A flaw was discovered in grub2. During the network boot process, when attempting to search for the configuration file, grub copies data from a user-controlled environment variable into an internal buffer using the grubstrcpy function. During this step, it fails to consider the length of the...

Linux Distros Unpatched Vulnerability : CVE-2025-0686

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in grub2. When performing a symlink lookup from a romfs filesystem, grub's romfs filesystem module uses user-controlled parameters from the...

Linux Distros Unpatched Vulnerability : CVE-2025-1118

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in grub2. Grub's dump command is not blocked when grub is in lockdown mode, which allows the user to read any memory information, and an attack...