Lucene search
K

3605 matches found

AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.6 views

Astra Linux – Vulnerability in grub2

A flaw was discovered in grub2. A specially crafted JPEG file can cause the JPEG parser in grub2 to incorrectly check the boundaries of its internal buffers, leading to an out-of-bounds write. The possibility of overwriting sensitive information to bypass secure boot protections is still a concer...

6.7CVSS6.4AI score0.00243EPSS
Exploits0References3
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.8 views

Astra Linux – Vulnerability in grub2

A flaw was discovered in grub2. The calculation of the translation buffer when reading a language .mo file in grubgettextgetstrfromposition may overflow, resulting in an out-of-bound write. This issue can be exploited by an attacker to overwrite grub2’s sensitive heap data, ultimately allowing th...

6.7CVSS7AI score0.00231EPSS
Exploits0References3
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.4 views

Astra Linux – Vulnerability in grub2

When reading the .mo file in grubmofileopen, grub2 fails to verify an integer overflow during the allocation of its internal buffer. A specially crafted .mo file may cause the buffer size calculation to overflow, resulting in out-of-bound reads and writes. This flaw allows an attacker to leak...

6.7CVSS6.8AI score0.00234EPSS
Exploits0References3
Microsoft KB
Microsoft KB
added 2026/06/23 12:0 a.m.49 views

June 23, 2026—KB5095093 (OS Builds 26200.8737 and 26100.8737) Preview

June 23, 2026—KB5095093 OS Builds 26200.8737 and 26100.8737 Preview ​​​​This cumulative update for Windows 11, version 25H2 and 24H2 KB5095093, includes production-quality improvements. Announcements and messages This section provides key notifications related to this release, including...

5.8AI score
Exploits0
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.3 views

Astra Linux - Vulnerability in GRUB2

When reading data from disk, GRUB's UDF filesystem module uses the user-controlled data length metadata to allocate its internal buffers. In certain scenarios, while iterating through disk sectors, it assumes that the read size from the disk is always smaller than the allocated buffer size, which...

7.8CVSS7.6AI score0.0044EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.4 views

Astra Linux – Vulnerability in grub2

A flaw was discovered in grub2. When reading data from a jfs filesystem, grub’s jfs filesystem module uses user-controlled parameters from the filesystem geometry to determine the internal buffer size. However, it improperly checks for integer overflows. A maliciously crafted filesystem may cause...

6.4CVSS7.4AI score0.00253EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.3 views

Astra Linux – Vulnerability in grub2

A buffer overflow was detected in grubfontconstructglyph. A maliciously crafted pf2 font can cause an overflow when calculating the maxglyphsize value. This results in allocating a buffer that is smaller than necessary for the glyph, leading to another buffer overflow and an out-of-bounds write t...

8.6CVSS7.1AI score0.00514EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.6 views

Astra Linux – Vulnerability in grub2

A carefully crafted JPEG image may cause the JPEG reader to underflow its data pointer, allowing user-controlled data to be written into the heap. For the attack to succeed, the attacker must analyze the heap layout and create an image with malicious format and payloads. This vulnerability can le...

7CVSS7.5AI score0.00434EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.7 views

Astra Linux – Vulnerability in grub2

A crafted 16-bit grayscale PNG image may lead to an out-of-bounds write in the heap area. An attacker may exploit this to cause heap data corruption or, ultimately, arbitrary code execution and circumvent secure boot protections. This issue is highly complex to exploit; an attacker needs to perfo...

4.5CVSS7.3AI score0.0044EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.6 views

Astra Linux – Vulnerability in grub2

The GRUB2’s shimlock verifier allows non-kernel files to be loaded on shim-powered secure boot systems. Allowing such files to be loaded may lead to unverified code and modules being loaded in GRUB2, thereby breaking the secure boot trust-chain...

7.8CVSS7.4AI score0.00316EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.4 views

Astra Linux – Vulnerability in grub2

A flaw was discovered in grub2 in versions prior to 2.06. The cutmem command does not honor secure boot locking, allowing a privileged attacker to remove address ranges from memory. This creates an opportunity to circumvent SecureBoot protections after proper analysis of grub’s memory layout. The...

7.5CVSS6.7AI score0.0039EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.7 views

Astra Linux – Vulnerability in grub2

A flaw was discovered in grub2 in versions prior to 2.06. During USB device initialization, descriptors are read without sufficient bounds checking, assuming that the USB device provides valid values. If exploited properly, an attacker could cause memory corruption, leading to arbitrary code...

7.6CVSS7.4AI score0.00794EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.6 views

Astra Linux – Vulnerability in grub2

A flaw was discovered in grub2 in versions prior to 2.06. The rmmod implementation allows the unloading of a module that serves as a dependency without checking whether any other dependent modules are still loaded, leading to a “use-after-free” scenario. This could allow arbitrary code to be...

8.2CVSS7AI score0.01152EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.11 views

Astra Linux – Vulnerability in grub2

A flaw was discovered in grub2 in versions prior to 2.06, where it incorrectly enabled the use of the ACPI command when Secure Boot was enabled. This flaw allows an attacker with privileged access to create a Secondary System Description Table SSDT containing code that can overwrite the Linux...

7.5CVSS6.8AI score0.01738EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.8 views

Astra Linux – Vulnerability in grub2

A flaw was discovered in grub2. When performing a symlink lookup from a romfs filesystem, grub’s romfs filesystem module uses user-controlled parameters from the filesystem geometry to determine the internal buffer size. However, it improperly checks for integer overflows. A maliciously crafted...

6.4CVSS7.2AI score0.00253EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.7 views

Astra Linux – Vulnerability in grub2

A flaw was discovered in grub2. When reading data from a squash4 filesystem, grub’s squash4 fs module uses user-controlled parameters from the filesystem’s geometry to determine the internal buffer size. However, it improperly checks for integer overflows. A maliciously crafted filesystem may cau...

7.8CVSS7.2AI score0.00269EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.4 views

Astra Linux – Vulnerability in grub2

A flaw was discovered in grub2. When performing a symlink lookup from a ReiserFS filesystem, grub’s ReiserFS module uses user-controlled parameters from the filesystem’s geometry to determine the internal buffer size. However, it improperly checks for integer overflows. A maliciously crafted...

6.4CVSS7.4AI score0.00251EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.7 views

Astra Linux – Vulnerability in grub2

A flaw was discovered in grub2. When performing a symlink lookup, the grub’s UFS module checks the data size of the inode to allocate an internal buffer to read the file content. However, it fails to check whether the data size of the symlink has exceeded its allocated limit. As a result, the...

6.4CVSS7.2AI score0.00318EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.5 views

Astra Linux – Vulnerability in grub2

A flaw was discovered in grub2 in versions prior to 2.06. Variable names present in the supplied command line are expanded into their corresponding variable contents, using a 1 kB stack buffer for temporary storage. However, there is insufficient bounds checking. If the function is called with a...

7.2CVSS7AI score0.00573EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.5 views

Astra Linux – Vulnerability in grub2

A flaw was discovered in grub2. During the network boot process, when attempting to search for the configuration file, grub copies data from a user-controlled environment variable into an internal buffer using the grubstrcpy function. During this step, it fails to consider the length of the...

7.6CVSS7.5AI score0.01373EPSS
Exploits0References2
Rows per page
Query Builder