EUVD-2025-5594

Malicious code in bioql PyPI...

Medium: grub2

Issue Overview: When reading the language .mo file in grubmofileopen, grub2 fails to verify an integer overflow when allocating its internal buffer. A crafted .mo file may lead the buffer size calculation to overflow, leading to out-of-bound reads and writes. This flaw allows an attacker to leak...

CVE-2025-0684 Grub2: reiserfs: integer overflow when handling symlinks may lead to heap based out-of-bounds write when reading data

A flaw was found in grub2. When performing a symlink lookup from a reiserfs filesystem, grub's reiserfs fs module uses user-controlled parameters from the filesystem geometry to determine the internal buffer size, however, it improperly checks for integer overflows. A maliciouly crafted filesyste...

CVE-2025-0684 Grub2: reiserfs: integer overflow when handling symlinks may lead to heap based out-of-bounds write when reading data

A flaw was found in grub2. When performing a symlink lookup from a reiserfs filesystem, grub's reiserfs fs module uses user-controlled parameters from the filesystem geometry to determine the internal buffer size, however, it improperly checks for integer overflows. A maliciouly crafted filesyste...

CVE-2024-45776

CVE-2024-45776 affects GRUB2’s language handling (grub_mofile_open): reading a language .mo file can overflow the internal buffer during allocation due to an unchecked integer overflow, leading to out-of-bounds reads/writes. Consequences described in the sources include leakage of sensitive data ...