| Bug | Description |
|---|
| CVE-2024-2312 | GRUB2 does not call the module fini functions on exit, leading to Debi ... |
| CVE-2024-1048 | A flaw was found in the grub2-set-bootflag utility of grub2. After the ... |
| CVE-2023-4693 | An out-of-bounds read flaw was found on grub2's NTFS filesystem driver ... |
| CVE-2023-4692 | An out-of-bounds write flaw was found in grub2's NTFS filesystem drive ... |
| CVE-2023-4001 | An authentication bypass flaw was found in GRUB due to the way that GR ... |
| CVE-2022-28736 | There's a use-after-free vulnerability in grub_cmd_chainloader() funct ... |
| CVE-2022-28735 | The GRUB2's shim_lock verifier allows non-kernel files to be loaded on ... |
| CVE-2022-28734 | Out-of-bounds write when handling split HTTP headers; When handling sp ... |
| CVE-2022-28733 | Integer underflow in grub_net_recv_ip4_packets; A malicious crafted IP ... |
| CVE-2022-3775 | When rendering certain unicode sequences, grub2's font code doesn't pr ... |
| CVE-2022-2601 | A buffer overflow was found in grub_font_construct_glyph(). A maliciou ... |
| CVE-2021-46705 | A Insecure Temporary File vulnerability in grub-once of grub2 in SUSE ... |
| CVE-2021-20233 | A flaw was found in grub2 in versions prior to 2.06. Setparam_prefix() ... |
| CVE-2021-20225 | A flaw was found in grub2 in versions prior to 2.06. The option parser ... |
| CVE-2021-3697 | A crafted JPEG image may lead the JPEG reader to underflow its data po ... |
| CVE-2021-3696 | A heap out-of-bounds write may heppen during the handling of Huffman t ... |
| CVE-2021-3695 | A crafted 16-bit grayscale PNG image may lead to a out-of-bounds write ... |
| CVE-2021-3418 | If certificates that signed grub are installed into db, grub can be bo ... |
| CVE-2020-27779 | A flaw was found in grub2 in versions prior to 2.06. The cutmem comman ... |
| CVE-2020-27749 | A flaw was found in grub2 in versions prior to 2.06. Variable names pr ... |
| CVE-2020-25647 | A flaw was found in grub2 in versions prior to 2.06. During USB device ... |
| CVE-2020-25632 | A flaw was found in grub2 in versions prior to 2.06. The rmmod impleme ... |
| CVE-2020-15707 | Integer overflows were discovered in the functions grub_cmd_initrd and ... |
| CVE-2020-15706 | GRUB2 contains a race condition in grub_script_function_create() leadi ... |
| CVE-2020-15705 | GRUB2 fails to validate kernel signature when booted directly without ... |
| CVE-2020-14372 | A flaw was found in grub2 in versions prior to 2.06, where it incorrec ... |
| CVE-2020-14311 | There is an issue with grub2 before version 2.06 while handling symlin ... |
| CVE-2020-14310 | There is an issue on grub2 before version 2.06 at function read_sectio ... |
| CVE-2020-14309 | There's an issue with grub2 in all versions before 2.06 when handling ... |
| CVE-2020-14308 | In grub2 versions before 2.06 the grub memory allocator doesn't check ... |
| CVE-2020-10713 | A flaw was found in grub2, prior to version 2.06. An attacker may use ... |
| CVE-2019-14865 | A flaw was found in the grub2-set-bootflag utility of grub2. A local a ... |
| CVE-2017-9763 | The grub_ext2_read_block function in fs/ext2.c in GNU GRUB before 2013 ... |
| CVE-2015-8370 | Multiple integer underflows in Grub2 1.98 through 2.02 allow physicall ... |
| CVE-2015-5281 | The grub2 package before 2.02-0.29 in Red Hat Enterprise Linux (RHEL) ... |
| CVE-2013-4577 | A certain Debian patch for GNU GRUB uses world-readable permissions fo ... |
| CVE-2009-4128 | GNU GRand Unified Bootloader (GRUB) 2 1.97 only compares the submitted ... |