Lucene search
K

3607 matches found

AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability in grub2

A flaw was discovered in grub2 in versions prior to 2.06. Variable names present in the supplied command line are expanded into their corresponding variable contents, using a 1 kB stack buffer for temporary storage. However, there is insufficient bounds checking. If the function is called with a...

7.2CVSS7AI score0.00573EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability in grub2

A out-of-bounds write flaw was discovered in grub2’s NTFS filesystem driver. This issue may allow an attacker to present a specially crafted NTFS filesystem image, resulting in corruption of grub’s heap metadata. In some cases, the attack may also corrupt the UEFI firmware heap metadata. As a...

7.8CVSS7.2AI score0.00536EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.6 views

Astra Linux – Vulnerability in grub2

The GRUB2’s shimlock verifier allows non-kernel files to be loaded on shim-powered secure boot systems. Allowing such files to be loaded may lead to unverified code and modules being loaded in GRUB2, thereby breaking the secure boot trust-chain...

7.8CVSS7.4AI score0.00316EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.9 views

Astra Linux – Vulnerability in grub2

A flaw was discovered in grub2. The calculation of the translation buffer when reading a language .mo file in grubgettextgetstrfromposition may overflow, resulting in an out-of-bound write. This issue can be exploited by an attacker to overwrite grub2’s sensitive heap data, ultimately allowing th...

6.7CVSS7AI score0.00231EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.7 views

Astra Linux – Vulnerability in grub2

When reading the .mo file in grubmofileopen, grub2 fails to verify an integer overflow during the allocation of its internal buffer. A specially crafted .mo file may cause the buffer size calculation to overflow, resulting in out-of-bound reads and writes. This flaw allows an attacker to leak...

6.7CVSS6.8AI score0.00234EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.3 views

Astra Linux – Vulnerability in grub2

A flaw was discovered in command/gpg. In some scenarios, hooks created by loaded modules are not removed when the related module is unloaded. This flaw allows an attacker to force grub2 to call the hooks once the module that registered them was unloaded, resulting in a use-after-free vulnerabilit...

6.4CVSS6.8AI score0.00262EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability in grub2

A flaw was discovered in grub2 in versions prior to 2.06. The cutmem command does not honor secure boot locking, allowing a privileged attacker to remove address ranges from memory. This creates an opportunity to circumvent SecureBoot protections after proper analysis of grub’s memory layout. The...

7.5CVSS6.7AI score0.0039EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.6 views

Astra Linux – Vulnerability in grub2

A flaw was discovered in grub2 in versions prior to 2.06. The rmmod implementation allows the unloading of a module that serves as a dependency without checking whether any other dependent modules are still loaded, resulting in a “use-after-free” scenario. This could allow arbitrary code to be...

8.2CVSS7AI score0.01152EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability in grub2

A flaw was discovered in grub2. When performing a symlink lookup from a ReiserFS filesystem, grub’s ReiserFS module uses user-controlled parameters from the filesystem’s geometry to determine the internal buffer size. However, it improperly checks for integer overflows. A maliciously crafted...

6.4CVSS7.4AI score0.00251EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2026/05/19 7:57 p.m.11 views

CVE-2026-40003

ZTE ZX297520V3 BootROM contains a vulnerability that allows arbitrary memory writes via USB. Attackers can exploit the lack of target address validation in the USB download mode to write data to any location in BootROM runtime memory, thereby overwriting the stack, hijacking the execution flow,...

6.8CVSS6.1AI score0.00296EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/05/13 8:23 p.m.9 views

CVE-2026-41097

Reliance on a component that is not updateable in Windows Secure Boot allows an authorized attacker to bypass a security feature locally...

6.7CVSS5.8AI score0.01421EPSS
Exploits0References1
EUVD
EUVD
added 2026/05/12 6:30 p.m.30 views

EUVD-2026-29685

Reliance on a component that is not updateable in Windows Secure Boot allows an authorized attacker to bypass a security feature locally...

6.7CVSS5.8AI score0.01421EPSS
Exploits0References2
NVD
NVD
added 2026/05/12 6:17 p.m.7 views

CVE-2026-41097

Reliance on a component that is not updateable in Windows Secure Boot allows an authorized attacker to bypass a security feature locally...

6.7CVSS0.01421EPSS
Exploits0References1
CVE
CVE
added 2026/05/12 4:59 p.m.48 views

CVE-2026-41097

CVE-2026-41097 describes a local security bypass in Windows Secure Boot caused by reliance on a non-updateable component. An authorized attacker could bypass a security feature locally. The CVE’s metrics show a medium base score (CVSS 3.1: 6.7; Local attack vector; high confidentiality/integrity/...

6.7CVSS5.8AI score0.01421EPSS
Exploits0References1Affected Software11
Vulnrichment
Vulnrichment
added 2026/05/12 4:59 p.m.16 views

CVE-2026-41097 Secure Boot Security Feature Bypass Vulnerability

...

6.7CVSS5.8AI score0.01421EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/05/12 4:59 p.m.9 views

CVE-2026-41097

Reliance on a component that is not updateable in Windows Secure Boot allows an authorized attacker to bypass a security feature locally...

6.7CVSS5.8AI score0.01421EPSS
Exploits0References2Affected Software13
Cvelist
Cvelist
added 2026/05/12 4:59 p.m.31 views

CVE-2026-41097 Secure Boot Security Feature Bypass Vulnerability

...

6.7CVSS0.01421EPSS
Exploits0References1
Microsoft CVE
Microsoft CVE
added 2026/05/12 2:0 p.m.10 views

Secure Boot Security Feature Bypass Vulnerability

Reliance on a component that is not updateable in Windows Secure Boot allows an authorized attacker to bypass a security feature locally...

6.7CVSS5.8AI score0.01421EPSS
Exploits0
Microsoft KB
Microsoft KB
added 2026/05/12 2:0 p.m.37 views

March 10, 2026—Hotpatch KB5078737 (OS Build 20348.4830)

None None...

9.8CVSS6.9AI score0.99962EPSS
Exploits35
Microsoft KB
Microsoft KB
added 2026/05/12 2:0 p.m.45 views

May 12, 2026—KB5087420 (OS Build 22631.7079)

May 12, 2026—KB5087420 OS Build 22631.7079 ​​​​​This cumulative update for Windows 11, version 23H2 KB5087420, includes the latest security fixes and improvements, along with non-security updates from last month’s optional preview release. To learn more about differences between security updates,...

9.8CVSS6.1AI score0.02419EPSS
Exploits4
Rows per page
Query Builder