Vulnerabilities > GNU > Grub2 > 2.06

DATE CVE VULNERABILITY TITLE RISK
2025-03-03 CVE-2024-45778 Integer Overflow or Wraparound vulnerability in multiple products
A stack overflow flaw was found when reading a BFS file system.
local
low complexity
gnu redhat CWE-190
5.5
2025-03-03 CVE-2024-45782 A flaw was found in the HFS filesystem.
local
low complexity
gnu redhat
7.8
2025-03-03 CVE-2025-0678 A flaw was found in grub2.
local
low complexity
gnu redhat
7.8
2025-03-03 CVE-2024-45779 Unspecified vulnerability in GNU Grub2
An integer overflow flaw was found in the BFS file system driver in grub2.
local
low complexity
gnu
6.0
2025-03-03 CVE-2024-45780 Unspecified vulnerability in GNU Grub2
A flaw was found in grub2.
local
low complexity
gnu
6.7
2023-10-25 CVE-2023-4692 Out-of-bounds Write vulnerability in multiple products
An out-of-bounds write flaw was found in grub2's NTFS filesystem driver.
local
low complexity
gnu redhat CWE-787
7.8
2023-10-25 CVE-2023-4693 Out-of-bounds Read vulnerability in multiple products
An out-of-bounds read flaw was found on grub2's NTFS filesystem driver.
low complexity
gnu redhat CWE-125
4.6
2023-07-20 CVE-2022-28733 Integer Underflow (Wrap or Wraparound) vulnerability in GNU Grub2
Integer underflow in grub_net_recv_ip4_packets; A malicious crafted IP packet can lead to an integer underflow in grub_net_recv_ip4_packets() function on rsm->total_len value.
network
high complexity
gnu CWE-191
8.1
2023-07-20 CVE-2022-28734 Out-of-bounds Write vulnerability in multiple products
Out-of-bounds write when handling split HTTP headers; When handling split HTTP headers, GRUB2 HTTP code accidentally moves its internal data buffer point by one position.
network
high complexity
gnu netapp CWE-787
7.0
2023-07-20 CVE-2022-28735 Unspecified vulnerability in GNU Grub2
The GRUB2's shim_lock verifier allows non-kernel files to be loaded on shim-powered secure boot systems.
local
low complexity
gnu
7.8