Lucene search
K
Database
Vendors
Products
Timeline
Vulnerabilities
Perimeter Scanner
Scanning
Projects
Scanner
Agent Scanning
API Scanning
Manual Audit
Email
Webhook
Resources
Documents
Blog
Glossary
FAQ
Plugins
Pricing
Contacts
About Us
Partners
Branding Guideline
Settings
Sign in
GnuGrub2

7 matches found

CVE
CVEadded 2023/07/20 1:15 a.m.1470 views

CVE-2022-28733

Integer underflow in grub_net_recv_ip4_packets; A malicious crafted IP packet can lead to an integer underflow in grub_net_recv_ip4_packets() function on rsm->total_len value. Under certain circumstances the total_len value may end up wrapping around to a small integer number which will be used ...

8.1CVSS7.5AI score0.00109EPSS
CVE
CVEadded 2022/12/14 9:15 p.m.754 views

CVE-2022-2601

A buffer overflow was found in grub_font_construct_glyph(). A malicious crafted pf2 font can lead to an overflow when calculating the max_glyph_size value, allocating a smaller than needed buffer for the glyph, this further leads to a buffer overflow and a heap based out-of-bounds write. An attacke...

8.6CVSS8.7AI score0.00069EPSS
CVE
CVEadded 2020/07/30 1:15 p.m.582 views

CVE-2020-10713

A flaw was found in grub2, prior to version 2.06. An attacker may use the GRUB 2 flaw to hijack and tamper the GRUB verification process. This flaw also allows the bypass of Secure Boot protections. In order to load an untrusted or modified kernel, an attacker would first need to establish access t...

8.2CVSS8.6AI score0.00369EPSS
CVE
CVEadded 2023/07/20 1:15 a.m.564 views

CVE-2022-28734

Out-of-bounds write when handling split HTTP headers; When handling split HTTP headers, GRUB2 HTTP code accidentally moves its internal data buffer point by one position. This can lead to a out-of-bound write further when parsing the HTTP request, writing a NULL byte past the buffer. It's conceivab...

8.1CVSS7.8AI score0.00161EPSS
CVE
CVEadded 2021/03/03 5:15 p.m.340 views

CVE-2021-20233

A flaw was found in grub2 in versions prior to 2.06. Setparam_prefix() in the menu rendering code performs a length calculation on the assumption that expressing a quoted single quote will require 3 characters, while it actually requires 4 characters which allows an attacker to corrupt memory by on...

8.2CVSS8.1AI score0.0032EPSS
CVE
CVEadded 2021/03/03 5:15 p.m.314 views

CVE-2020-25632

A flaw was found in grub2 in versions prior to 2.06. The rmmod implementation allows the unloading of a module used as a dependency without checking if any other dependent module is still loaded leading to a use-after-free scenario. This could allow arbitrary code to be executed or a bypass of Secu...

8.2CVSS8.3AI score0.00045EPSS
CVE
CVEadded 2024/12/29 7:15 a.m.92 views

CVE-2024-56737

GNU GRUB (aka GRUB2) through 2.12 has a heap-based buffer overflow in fs/hfs.c via crafted sblock data in an HFS filesystem.

8.8CVSS7.4AI score0.00068EPSS