Where
-Infinity
0

Trending

Last week
Last month
Last year

Microsoft azl3 grub2 2.06-25Grub2: missing unregister call for normal_exit command may lead to use-after-free

Risk 40
Severity
4.9
First published (updated )
CVE-2025-61664

Microsoft azl3 grub2 2.06-25Grub2: missing unregister call for normal commands may lead to use-after-free

Risk 40
Severity
4.9
First published (updated )
CVE-2025-61663

Microsoft cbl2 grub2 2.06-15Grub2: missing unregister call for gettext command may lead to use-after-free

Risk 75
Severity
7.8
First published (updated )
CVE-2025-61662

GNU GRUB2Grub2: use-after-free in net_set_vlan

Risk 40
Severity
4.9
First published (updated )
CVE-2025-54770

redhat Enterprise LinuxGrub2: grub-core/gettext: integer overflow leads to heap oob write.

Risk 64
Severity
6.7
First published (updated )
CVE-2024-45777
Free Weekly Intel

Don't miss critical vulnerabilities

Join thousands of security professionals who receive our weekly digest of trending CVEs, zero-days, and exploited vulnerabilities.

No spam. Unsubscribe anytime.

GNU GRUB2Grub2: fs/hfs: integer overflow may lead to heap based out-of-bounds write

Risk 72
Severity
7.8
First published (updated )
CVE-2025-1125

GNU GRUB2Grub2: commands/dump: the dump command is not in lockdown when secure boot is enabled

Risk 28
Severity
4.4
First published (updated )
CVE-2025-1118

GNU GRUB 2Grub2: udf: heap based buffer overflow in grub_udf_read_block() may lead to arbitrary code execution

Risk 72
Severity
7.8
First published (updated )
CVE-2025-0689

GNU GRUB2Grub2: net: out-of-bounds write in grub_net_search_config_file()

Risk 66
Severity
7.6
First published (updated )
CVE-2025-0624

GNU GRUB2Grub2: command/gpg: use-after-free due to hooks not being removed on module unload

Risk 60
Severity
6.4
First published (updated )
CVE-2025-0622
Free Weekly Intel

Don't miss critical vulnerabilities

Join thousands of security professionals who receive our weekly digest of trending CVEs, zero-days, and exploited vulnerabilities.

No spam. Unsubscribe anytime.

GNU GRUB2Grub2: fs/ufs: oob write in the heap

Risk 64
Severity
6.7
First published (updated )
CVE-2024-45781

GNU GRUB2Grub2: fs/tar: integer overflow causes heap oob write

Risk 64
Severity
6.7
First published (updated )
CVE-2024-45780

redhat Enterprise LinuxGrub2: fs/bfs: integer overflow in the bfs parser.

Risk 34
Severity
5.5
First published (updated )
CVE-2024-45778

GNU GRUB2Grub2: grub-core/gettext: integer overflow leads to heap oob write and read.

Risk 64
Severity
6.7
First published (updated )
CVE-2024-45776

GNU GRUB2Grub2: commands/extcmd: missing check for failed allocation

Risk 43
Severity
5.2
First published (updated )
CVE-2024-45775
Free Weekly Intel

Don't miss critical vulnerabilities

Join thousands of security professionals who receive our weekly digest of trending CVEs, zero-days, and exploited vulnerabilities.

No spam. Unsubscribe anytime.

GNU GRUB2Grub2: reader/jpeg: heap oob write during jpeg parsing

Risk 64
Severity
6.7
First published (updated )
CVE-2024-45774

ubuntu/grub2-unsignedGrub2: out-of-bounds read at fs/ntfs.c

Risk 31
Severity
5.3
First published (updated )
CVE-2023-4693

ubuntu/grub2-unsignedGrub2: out-of-bounds write at fs/ntfs.c may lead to unsigned code execution

Risk 75
Severity
7.8
First published (updated )
CVE-2023-4692

redhat/grub2There's a use-after-free vulnerability in grub_cmd_chainloader() function

Risk 71
Severity
7.8
First published (updated )
CVE-2022-28736

redhat/grub2A flaw was found in grub2. The shim_lock verifier from grub2 allows non-kernel files to be loaded wh…

Risk 71
Severity
7.8
First published (updated )
CVE-2022-28735
Free Weekly Intel

Don't miss critical vulnerabilities

Join thousands of security professionals who receive our weekly digest of trending CVEs, zero-days, and exploited vulnerabilities.

No spam. Unsubscribe anytime.

redhat/grub2Out-of-bounds write when handling split HTTP headers

Risk 89
Severity
9.8
First published (updated )
CVE-2022-28734

redhat/grub2Integer underflow in grub_net_recv_ip4_packets

Risk 77
Severity
8.1
First published (updated )
CVE-2022-28733

GNU GRUB2grub2-once uses fixed file name in /var/tmp

Risk 32
Severity
5.1
First published (updated )
CVE-2021-46705

redhat Enterprise Linux Server AusThere's a flaw on grub2 menu rendering code setparam_prefix() in the menu rendering code performs a …

Risk 64
Severity
8.2
First published (updated )
CVE-2021-20233

redhat Enterprise Linux Server AusThe option parser in grub2 allows an attacker to write past the end of a heap-allocated buffer by ca…

Risk 63
Severity
7.2
First published (updated )
CVE-2021-20225
Free Weekly Intel

Don't miss critical vulnerabilities

Join thousands of security professionals who receive our weekly digest of trending CVEs, zero-days, and exploited vulnerabilities.

No spam. Unsubscribe anytime.

redhat/grub2GRUB2 contained integer overflows when handling the initrd command, leading to a heap-based buffer overflow.

Risk 59
Severity
6.4
First published (updated )
CVE-2020-15707

redhat/grub2GRUB2 contains a race condition leading to a use-after-free vulnerability which can be triggered by redefining a function whilst the same function is already executing.

Risk 59
Severity
6.4
First published (updated )
CVE-2020-15706

redhat/grub2GRUB2: avoid loading unsigned kernels when GRUB is booted directly under secureboot without shim

Risk 59
Severity
6.4
First published (updated )
CVE-2020-15705

redhat/grub2Buffer Overflow, Integer Overflow

Risk 46
Severity
6
First published (updated )
CVE-2020-14310

redhat/grub2Buffer Overflow, Integer Overflow

Risk 63
Severity
6.7
First published (updated )
CVE-2020-14309
Free Weekly Intel

Don't miss critical vulnerabilities

Join thousands of security professionals who receive our weekly digest of trending CVEs, zero-days, and exploited vulnerabilities.

No spam. Unsubscribe anytime.

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2026 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203