Lucene search
K

74 matches found

OSV
OSV
added 2025/12/15 12:49 p.m.2 views

SUSE-SU-2025:21212-1 Security update for grub2

This update for grub2 fixes the following issues: Changes in grub2: - CVE-2025-54771: Fixed grubfileclose does not properly controls the fs refcount bsc1252931 - CVE-2025-54770: Fixed missing unregister call for netsetvlan command may lead to use-after-free bsc1252930 - CVE-2025-61662: Fixed...

7.8CVSS5.8AI score0.00386EPSS
Exploits0References22
Ubuntu
Ubuntu
added 2025/11/28 2:58 p.m.7 views

USN-7894-2: EDK II regression

USN-7894-1 fixed vulnerabilities in EDK II. The update introduced a regression in the UEFI network boot. This update reverts the corresponding fixes for CVE-2023-45236 and CVE-2023-45237 pending further investigation. We apologize for the inconvenience. Original advisory details: It was discovere...

7.5AI score
Exploits0References1
OSV
OSV
added 2025/11/28 2:58 p.m.4 views

USN-7894-2 edk2 regression

USN-7894-1 fixed vulnerabilities in EDK II. The update introduced a regression in the UEFI network boot. This update reverts the corresponding fixes for CVE-2023-45236 and CVE-2023-45237 pending further investigation. We apologize for the inconvenience. Original advisory details: It was discovere...

7.5CVSS7AI score0.00986EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.3 views

EUVD-2025-4653

Malicious code in bioql PyPI...

7.6CVSS7.7AI score0.01373EPSS
Exploits0References21
OSV
OSV
added 2025/05/14 10:8 p.m.14 views

CLSA-2025-1747260502 kernel: Fix of 5 CVEs

ALSA: usb-audio: Fix potential out-of-bound accesses for Extigy and Mbox devices CVE-2024-53197 - Bluetooth: L2CAP: Fix slab-use-after-free Read in l2capsendcmd CVE-2025-21969 - ext4: fix OOB read when checking dotdot dir CVE-2025-37785 - iscsiibft: Fix UBSAN shift-out-of-bounds warning in...

7.8CVSS7AI score0.03558EPSS
Exploits0References1
RedHat Linux
RedHat Linux
added 2025/03/31 2:8 a.m.4 views

grub2: net: Out-of-bounds write in grub_net_search_config_file()

A flaw was found in grub2. During the network boot process, when trying to search for the configuration file, grub copies data from a user controlled environment variable into an internal buffer using the grubstrcpy function. During this step, it fails to consider the environment variable length...

7.6CVSS8AI score0.01373EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2025/03/27 5:51 p.m.5 views

grub2: net: Out-of-bounds write in grub_net_search_config_file()

A flaw was found in grub2. During the network boot process, when trying to search for the configuration file, grub copies data from a user controlled environment variable into an internal buffer using the grubstrcpy function. During this step, it fails to consider the environment variable length...

7.6CVSS8AI score0.01373EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2025/03/17 1:51 a.m.3 views

grub2: net: Out-of-bounds write in grub_net_search_config_file()

A flaw was found in grub2. During the network boot process, when trying to search for the configuration file, grub copies data from a user controlled environment variable into an internal buffer using the grubstrcpy function. During this step, it fails to consider the environment variable length...

7.6CVSS8AI score0.01373EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2025/03/17 1:45 a.m.3 views

grub2: net: Out-of-bounds write in grub_net_search_config_file()

A flaw was found in grub2. During the network boot process, when trying to search for the configuration file, grub copies data from a user controlled environment variable into an internal buffer using the grubstrcpy function. During this step, it fails to consider the environment variable length...

7.6CVSS8AI score0.01373EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2025/03/13 2:12 p.m.4 views

grub2: net: Out-of-bounds write in grub_net_search_config_file()

A flaw was found in grub2. During the network boot process, when trying to search for the configuration file, grub copies data from a user controlled environment variable into an internal buffer using the grubstrcpy function. During this step, it fails to consider the environment variable length...

7.6CVSS8AI score0.01373EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2025/03/11 10:48 a.m.7 views

grub2: net: Out-of-bounds write in grub_net_search_config_file()

A flaw was found in grub2. During the network boot process, when trying to search for the configuration file, grub copies data from a user controlled environment variable into an internal buffer using the grubstrcpy function. During this step, it fails to consider the environment variable length...

7.6CVSS8AI score0.01373EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2025/03/11 9:51 a.m.4 views

grub2: net: Out-of-bounds write in grub_net_search_config_file()

A flaw was found in grub2. During the network boot process, when trying to search for the configuration file, grub copies data from a user controlled environment variable into an internal buffer using the grubstrcpy function. During this step, it fails to consider the environment variable length...

7.6CVSS8AI score0.01373EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2025/03/10 3:23 p.m.5 views

grub2: net: Out-of-bounds write in grub_net_search_config_file()

A flaw was found in grub2. During the network boot process, when trying to search for the configuration file, grub copies data from a user controlled environment variable into an internal buffer using the grubstrcpy function. During this step, it fails to consider the environment variable length...

7.6CVSS8AI score0.01373EPSS
Exploits0References4
OSV
OSV
added 2025/03/07 3:26 p.m.4 views

OESA-2025-1232 grub2 security update

GNU GRUB is a Multiboot boot loader. It was derived from GRUB, the GRand Unified Bootloader, which was originally designed and implemented by Erich Stefan Boleyn. Security Fixes: A flaw was found in grub2. A specially crafted JPEG file can cause the JPEG parser of grub2 to incorrectly check the...

8.8CVSS8.2AI score0.01373EPSS
Exploits0References7
SUSE Linux
SUSE Linux
added 2025/02/20 9:42 p.m.4 views

Security update for grub2

This update for grub2 fixes the following issues: CVE-2024-45781: Fixed strcpy overflow in ufs. bsc1233617 CVE-2024-56737: Fixed a heap-based buffer overflow in hfs. bsc1234958 CVE-2024-45782: Fixed strcpy overflow in hfs. bsc1233615 CVE-2024-45780: Fixed an overflow in tar/cpio. bsc1233614...

8.9CVSS7.3AI score0.01373EPSS
Exploits1References88
SUSE CVE
SUSE CVE
added 2025/02/20 2:31 p.m.4 views

SUSE CVE-2025-0624

A flaw was found in grub2. During the network boot process, when trying to search for the configuration file, grub copies data from a user controlled environment variable into an internal buffer using the grubstrcpy function. During this step, it fails to consider the environment variable length...

7.6CVSS8AI score0.01373EPSS
Exploits0References15
Tenable Nessus
Tenable Nessus
added 2025/02/20 12:0 a.m.12 views

SUSE SLES15 Security Update : grub2 (SUSE-SU-2025:0587-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:0587-1 advisory. - CVE-2024-45781: Fixed strcpy overflow in ufs. bsc1233617 - CVE-2024-56737: Fixed a heap-based buffer overflow in hfs. bsc1234958 ...

8.8CVSS7.5AI score0.01373EPSS
Exploits1References67
NVD
NVD
added 2025/02/19 7:15 p.m.7 views

CVE-2025-0624

A flaw was found in grub2. During the network boot process, when trying to search for the configuration file, grub copies data from a user controlled environment variable into an internal buffer using the grubstrcpy function. During this step, it fails to consider the environment variable length...

7.6CVSS0.01373EPSS
Exploits0References20
OSV
OSV
added 2025/02/19 7:15 p.m.5 views

AZL-57049 CVE-2025-0624 affecting package grub2 for versions less than 2.06-24

A flaw was found in grub2. During the network boot process, when trying to search for the configuration file, grub copies data from a user controlled environment variable into an internal buffer using the grubstrcpy function. During this step, it fails to consider the environment variable length...

7.6CVSS7.6AI score0.01373EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2025/02/19 7:15 p.m.2 views

CVE-2025-0624

A flaw was found in grub2. During the network boot process, when trying to search for the configuration file, grub copies data from a user controlled environment variable into an internal buffer using the grubstrcpy function. During this step, it fails to consider the environment variable length...

7.6CVSS7.4AI score0.01373EPSS
Exploits0References20
Rows per page
Query Builder