Vulnerabilities > GNU > Grub2 > 2.06
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2025-03-03 | CVE-2024-45778 | Integer Overflow or Wraparound vulnerability in multiple products A stack overflow flaw was found when reading a BFS file system. | 5.5 |
| 2025-03-03 | CVE-2024-45782 | A flaw was found in the HFS filesystem. | 7.8 |
| 2025-03-03 | CVE-2025-0678 | A flaw was found in grub2. | 7.8 |
| 2025-03-03 | CVE-2024-45779 | Unspecified vulnerability in GNU Grub2 An integer overflow flaw was found in the BFS file system driver in grub2. | 6.0 |
| 2025-03-03 | CVE-2024-45780 | Unspecified vulnerability in GNU Grub2 A flaw was found in grub2. | 6.7 |
| 2023-10-25 | CVE-2023-4692 | Out-of-bounds Write vulnerability in multiple products An out-of-bounds write flaw was found in grub2's NTFS filesystem driver. | 7.8 |
| 2023-10-25 | CVE-2023-4693 | Out-of-bounds Read vulnerability in multiple products An out-of-bounds read flaw was found on grub2's NTFS filesystem driver. | 4.6 |
| 2023-07-20 | CVE-2022-28733 | Integer Underflow (Wrap or Wraparound) vulnerability in GNU Grub2 Integer underflow in grub_net_recv_ip4_packets; A malicious crafted IP packet can lead to an integer underflow in grub_net_recv_ip4_packets() function on rsm->total_len value. | 8.1 |
| 2023-07-20 | CVE-2022-28734 | Out-of-bounds Write vulnerability in multiple products Out-of-bounds write when handling split HTTP headers; When handling split HTTP headers, GRUB2 HTTP code accidentally moves its internal data buffer point by one position. | 7.0 |
| 2023-07-20 | CVE-2022-28735 | Unspecified vulnerability in GNU Grub2 The GRUB2's shim_lock verifier allows non-kernel files to be loaded on shim-powered secure boot systems. | 7.8 |