VYPR
Vendor

Rhboot

Products
3
CVEs
20
Across products
20
Status
Private

Products

3

Recent CVEs

20
  • CVE-2025-0624HigFeb 19, 2025
    risk 0.49cvss 7.6epss 0.01

    A flaw was found in grub2. During the network boot process, when trying to search for the configuration file, grub copies data from a user controlled environment variable into an internal buffer using the grub_strcpy() function. During this step, it fails to consider the…

  • CVE-2024-49504HigNov 13, 2024
    risk 0.46cvss epss 0.00

    grub2 allowed attackers with access to the grub shell to access files on the encrypted disks.

  • CVE-2024-45781MedFeb 18, 2025
    risk 0.44cvss 6.7epss 0.00

    A flaw was found in grub2. When reading a symbolic link's name from a UFS filesystem, grub2 fails to validate the string length taken as an input. The lack of validation may lead to a heap out-of-bounds write, causing data integrity issues and eventually allowing an attacker to…

  • CVE-2024-45776MedFeb 18, 2025
    risk 0.44cvss 6.7epss 0.00

    When reading the language .mo file in grub_mofile_open(), grub2 fails to verify an integer overflow when allocating its internal buffer. A crafted .mo file may lead the buffer size calculation to overflow, leading to out-of-bound reads and writes. This flaw allows an attacker to…

  • CVE-2026-6862MedApr 22, 2026
    risk 0.36cvss 5.5epss 0.00

    A flaw was found in libefiboot, a component of efivar. The device path node parser in libefiboot fails to validate that each node's Length field is at least 4 bytes, which is the minimum size for an EFI (Extensible Firmware Interface) device path node header. A local user could…

  • CVE-2024-45775MedFeb 18, 2025
    risk 0.34cvss 5.2epss 0.00

    A flaw was found in grub2 where the grub_extcmd_dispatcher() function calls grub_arg_list_alloc() to allocate memory for the grub's argument list. However, it fails to check in case the memory allocation fails. Once the allocation fails, a NULL point will be processed by the…

  • CVE-2025-61664MedNov 18, 2025
    risk 0.32cvss 4.9epss 0.00

    A vulnerability in the GRUB2 bootloader has been identified in the normal module. This flaw, a memory Use After Free issue, occurs because the normal_exit command is not properly unregistered when its related module is unloaded. An attacker can exploit this condition by invoking…

  • CVE-2024-45783MedFeb 18, 2025
    risk 0.29cvss 4.4epss 0.00

    A flaw was found in grub2. When failing to mount an HFS+ grub, the hfsplus filesystem driver doesn't properly set an ERRNO value. This issue may lead to a NULL pointer access.

  • CVE-2025-0686Mar 3, 2025
    risk 0.00cvss epss 0.00

    A flaw was found in grub2. When performing a symlink lookup from a romfs filesystem, grub's romfs filesystem module uses user-controlled parameters from the filesystem geometry to determine the internal buffer size, however, it improperly checks for integer overflows. A…

  • CVE-2025-0685Mar 3, 2025
    risk 0.00cvss epss 0.00

    A flaw was found in grub2. When reading data from a jfs filesystem, grub's jfs filesystem module uses user-controlled parameters from the filesystem geometry to determine the internal buffer size, however, it improperly checks for integer overflows. A maliciouly crafted…

  • CVE-2025-0684Mar 3, 2025
    risk 0.00cvss epss 0.00

    A flaw was found in grub2. When performing a symlink lookup from a reiserfs filesystem, grub's reiserfs fs module uses user-controlled parameters from the filesystem geometry to determine the internal buffer size, however, it improperly checks for integer overflows. A maliciouly…

  • CVE-2024-45779Mar 3, 2025
    risk 0.00cvss epss 0.00

    An integer overflow flaw was found in the BFS file system driver in grub2. When reading a file with an indirect extent map, grub2 fails to validate the number of extent entries to be read. A crafted or corrupted BFS filesystem may cause an integer overflow during the file…

  • CVE-2024-45780Mar 3, 2025
    risk 0.00cvss epss 0.00

    A flaw was found in grub2. When reading tar files, grub2 allocates an internal buffer for the file name. However, it fails to properly verify the allocation against possible integer overflows. It's possible to cause the allocation length to overflow with a crafted tar file,…

  • CVE-2024-45777Feb 19, 2025
    risk 0.00cvss epss 0.00

    A flaw was found in grub2. The calculation of the translation buffer when reading a language .mo file in grub_gettext_getstr_from_position() may overflow, leading to a Out-of-bound write. This issue can be leveraged by an attacker to overwrite grub2's sensitive heap data,…

  • CVE-2024-1048Feb 6, 2024
    risk 0.00cvss epss 0.00

    A flaw was found in the grub2-set-bootflag utility of grub2. After the fix of CVE-2019-14865, grub2-set-bootflag will create a temporary file with the new grubenv content and rename it to the original grubenv file. If the program is killed before the rename operation, the…

  • CVE-2023-4001Jan 15, 2024
    risk 0.00cvss epss 0.01

    An authentication bypass flaw was found in GRUB due to the way that GRUB uses the UUID of a device to search for the configuration file that contains the password hash for the GRUB password protection feature. An attacker capable of attaching an external drive such as a USB…

  • CVE-2023-4692Oct 25, 2023
    risk 0.00cvss epss 0.01

    An out-of-bounds write flaw was found in grub2's NTFS filesystem driver. This issue may allow an attacker to present a specially crafted NTFS filesystem image, leading to grub's heap metadata corruption. In some circumstances, the attack may also corrupt the UEFI firmware heap…

  • CVE-2022-3560Feb 2, 2023
    risk 0.00cvss epss 0.00

    A flaw was found in pesign. The pesign package provides a systemd service used to start the pesign daemon. This service unit runs a script to set ACLs for /etc/pki/pesign and /run/pesign directories to grant access privileges to users in the 'pesign' group. However, the script…

  • CVE-2022-1249Apr 29, 2022
    risk 0.00cvss epss 0.00

    A NULL pointer dereference flaw was found in pesign's cms_set_pw_data() function of the cms_common.c file. The function fails to handle the NULL pwdata invocation from daemon.c, which leads to an explicit NULL dereference and crash on all attempts to daemonize pesign.

  • CVE-2021-46705Mar 16, 2022
    risk 0.00cvss epss 0.00

    A Insecure Temporary File vulnerability in grub-once of grub2 in SUSE Linux Enterprise Server 15 SP4, openSUSE Factory allows local attackers to truncate arbitrary files. This issue affects: SUSE Linux Enterprise Server 15 SP4 grub2 versions prior to 2.06-150400.7.1. SUSE…