Vulnerabilities > GNU > Grub2 > 2.00
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-10-25 | CVE-2023-4692 | Out-of-bounds Write vulnerability in multiple products An out-of-bounds write flaw was found in grub2's NTFS filesystem driver. | 7.8 |
| 2023-10-25 | CVE-2023-4693 | Out-of-bounds Read vulnerability in multiple products An out-of-bounds read flaw was found on grub2's NTFS filesystem driver. | 4.6 |
| 2023-07-20 | CVE-2022-28733 | Integer Underflow (Wrap or Wraparound) vulnerability in GNU Grub2 Integer underflow in grub_net_recv_ip4_packets; A malicious crafted IP packet can lead to an integer underflow in grub_net_recv_ip4_packets() function on rsm->total_len value. | 8.1 |
| 2023-07-20 | CVE-2022-28734 | Out-of-bounds Write vulnerability in multiple products Out-of-bounds write when handling split HTTP headers; When handling split HTTP headers, GRUB2 HTTP code accidentally moves its internal data buffer point by one position. | 7.0 |
| 2023-07-20 | CVE-2022-28735 | Unspecified vulnerability in GNU Grub2 The GRUB2's shim_lock verifier allows non-kernel files to be loaded on shim-powered secure boot systems. | 7.8 |
| 2023-07-20 | CVE-2022-28736 | Use After Free vulnerability in GNU Grub2 There's a use-after-free vulnerability in grub_cmd_chainloader() function; The chainloader command is used to boot up operating systems that doesn't support multiboot and do not have direct support from GRUB2. | 7.8 |
| 2022-12-19 | CVE-2022-3775 | When rendering certain unicode sequences, grub2's font code doesn't proper validate if the informed glyph's width and height is constrained within bitmap size. | 7.1 |
| 2022-12-14 | CVE-2022-2601 | A buffer overflow was found in grub_font_construct_glyph(). | 8.6 |
| 2022-07-06 | CVE-2021-3695 | Out-of-bounds Write vulnerability in multiple products A crafted 16-bit grayscale PNG image may lead to a out-of-bounds write in the heap area. | 4.5 |
| 2022-07-06 | CVE-2021-3696 | Out-of-bounds Write vulnerability in multiple products A heap out-of-bounds write may heppen during the handling of Huffman tables in the PNG reader. | 4.5 |