Vulnerabilities > GNU > Grub2 > 1.99
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-10-25 | CVE-2023-4692 | Out-of-bounds Write vulnerability in multiple products An out-of-bounds write flaw was found in grub2's NTFS filesystem driver. | 7.8 |
| 2023-10-25 | CVE-2023-4693 | Out-of-bounds Read vulnerability in multiple products An out-of-bounds read flaw was found on grub2's NTFS filesystem driver. | 4.6 |
| 2022-12-19 | CVE-2022-3775 | Out-of-bounds Write vulnerability in multiple products When rendering certain unicode sequences, grub2's font code doesn't proper validate if the informed glyph's width and height is constrained within bitmap size. | 7.1 |
| 2022-12-14 | CVE-2022-2601 | Heap-based Buffer Overflow vulnerability in multiple products A buffer overflow was found in grub_font_construct_glyph(). | 8.6 |
| 2022-03-16 | CVE-2021-46705 | Insecure Temporary File vulnerability in GNU Grub2 A Insecure Temporary File vulnerability in grub-once of grub2 in SUSE Linux Enterprise Server 15 SP4, openSUSE Factory allows local attackers to truncate arbitrary files. | 4.4 |
| 2022-03-10 | CVE-2021-3981 | Incorrect Default Permissions vulnerability in multiple products A flaw in grub2 was found where its configuration file, known as grub.cfg, is being created with the wrong permission set allowing non privileged users to read its content. | 3.3 |
| 2021-03-15 | CVE-2021-3418 | Improper Preservation of Permissions vulnerability in GNU Grub2 If certificates that signed grub are installed into db, grub can be booted directly. | 4.4 |
| 2021-03-03 | CVE-2021-20233 | Out-of-bounds Write vulnerability in multiple products A flaw was found in grub2 in versions prior to 2.06. | 8.2 |
| 2021-03-03 | CVE-2021-20225 | Out-of-bounds Write vulnerability in multiple products A flaw was found in grub2 in versions prior to 2.06. | 6.7 |
| 2021-03-03 | CVE-2020-27779 | A flaw was found in grub2 in versions prior to 2.06. | 7.5 |