Vulnerabilities > GNU > Grub2
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2025-03-03 | CVE-2024-45778 | Integer Overflow or Wraparound vulnerability in multiple products A stack overflow flaw was found when reading a BFS file system. | 5.5 |
| 2025-03-03 | CVE-2024-45782 | Classic Buffer Overflow vulnerability in multiple products A flaw was found in the HFS filesystem. | 7.8 |
| 2025-03-03 | CVE-2025-0678 | Out-of-bounds Write vulnerability in multiple products A flaw was found in grub2. | 7.8 |
| 2025-03-03 | CVE-2024-45779 | Integer Overflow or Wraparound vulnerability in GNU Grub2 An integer overflow flaw was found in the BFS file system driver in grub2. | 6.0 |
| 2025-03-03 | CVE-2024-45780 | Unspecified vulnerability in GNU Grub2 A flaw was found in grub2. | 6.7 |
| 2024-02-06 | CVE-2024-1048 | Incomplete Cleanup vulnerability in multiple products A flaw was found in the grub2-set-bootflag utility of grub2. | 3.3 |
| 2024-01-15 | CVE-2023-4001 | Authentication Bypass by Spoofing vulnerability in multiple products An authentication bypass flaw was found in GRUB due to the way that GRUB uses the UUID of a device to search for the configuration file that contains the password hash for the GRUB password protection feature. | 6.8 |
| 2023-10-25 | CVE-2023-4692 | Out-of-bounds Write vulnerability in multiple products An out-of-bounds write flaw was found in grub2's NTFS filesystem driver. | 7.8 |
| 2023-10-25 | CVE-2023-4693 | Out-of-bounds Read vulnerability in multiple products An out-of-bounds read flaw was found on grub2's NTFS filesystem driver. | 4.6 |
| 2023-07-20 | CVE-2022-28733 | Integer Underflow (Wrap or Wraparound) vulnerability in GNU Grub2 Integer underflow in grub_net_recv_ip4_packets; A malicious crafted IP packet can lead to an integer underflow in grub_net_recv_ip4_packets() function on rsm->total_len value. | 8.1 |