Search for packages
| purl | pkg:deb/debian/grub2@2.14-2?distro=trixie |
| Vulnerability | Summary | Fixed by |
|---|---|---|
| This package is not known to be affected by vulnerabilities. | ||
| Vulnerability | Summary | Aliases |
|---|---|---|
| VCID-1a1n-tuft-ufhy | Multiple vulnerabilities have been found in GRUB, the worst might allow for circumvention of UEFI Secure Boot. |
CVE-2020-14309
|
| VCID-1tdk-6d8a-m7h8 | grub2: Missing unregister call for gettext command may lead to use-after-free |
CVE-2025-61662
|
| VCID-1vtj-un1a-afax | grub2: jfs: Integer overflow when handling symlinks may lead to heap based out-of-bounds write when reading data |
CVE-2025-0685
|
| VCID-26tq-2zsm-67fz | A certain Debian patch for GNU GRUB uses world-readable permissions for grub.cfg, which allows local users to obtain password hashes, as demonstrated by reading the password_pbkdf2 directive in the file. |
CVE-2013-4577
|
| VCID-29d7-asmu-e7ev | Multiple vulnerabilities have been discovered in GRUB, the worst of which may allow for secureboot bypass. |
CVE-2021-3981
|
| VCID-2f6m-msj2-2fgy | Multiple vulnerabilities have been discovered in GRUB, the worst of which may allow for secureboot bypass. |
CVE-2021-3697
|
| VCID-33ec-pjax-nkak | Multiple vulnerabilities have been discoverd in GRUB, which may lead to secure boot circumvention or code execution. |
CVE-2022-3775
|
| VCID-3vhv-ya75-cuhc | grub2: command/gpg: Use-after-free due to hooks not being removed on module unload |
CVE-2025-0622
|
| VCID-428v-jh9w-g3g6 | grub2: Stack exhaustion in grub_ext2_read_block |
CVE-2017-9763
|
| VCID-4nrc-eeyb-uqaz | grub2: bypass the GRUB password protection feature |
CVE-2023-4001
|
| VCID-53x3-83by-gueq | grub2: Use-after-free in grub_file_close() |
CVE-2025-54771
|
| VCID-5a7e-ctj7-dqab | grub2: UFS: Integer overflow may lead to heap based out-of-bounds write when handling symlinks |
CVE-2025-0677
|
| VCID-5m3u-p8q4-kfhx | grub2: commands/extcmd: Missing check for failed allocation |
CVE-2024-45775
|
| VCID-5m6c-h4j2-mqcg | grub2: grub-core/gettext: Integer overflow leads to Heap OOB Write. |
CVE-2024-45777
|
| VCID-5vyx-ut4z-jucd | grub2: udf: Heap based buffer overflow in grub_udf_read_block() may lead to arbitrary code execution |
CVE-2025-0689
|
| VCID-6cpn-v8j3-7ub3 | grub2: grub-core/gettext: Integer overflow leads to Heap OOB Write and Read. |
CVE-2024-45776
|
| VCID-6jes-p579-uyg3 | Multiple vulnerabilities have been discovered in GRUB, the worst of which may allow for secureboot bypass. |
CVE-2022-28735
|
| VCID-6tg5-6gjc-nygy | grub2: read: Integer overflow may lead to out-of-bounds write |
CVE-2025-0690
|
| VCID-6vxc-35x2-3fek | grub2: fs/bfs: Integer overflow in the BFS parser. |
CVE-2024-45778
|
| VCID-744c-pb2n-5kf4 | Multiple vulnerabilities have been found in GRUB, the worst might allow for circumvention of UEFI Secure Boot. |
CVE-2021-20225
|
| VCID-7m7x-bjrn-fkgg | grub2: grub2 allows bypassing TPM-bound disk encryption on SL(E)M encrypted Images |
CVE-2024-49504
|
| VCID-8axp-fasm-8ka4 | Multiple vulnerabilities have been found in GRUB, the worst might allow for circumvention of UEFI Secure Boot. |
CVE-2020-27779
|
| VCID-8kh4-ym2x-k3he | grub2: out-of-bounds read at fs/ntfs.c |
CVE-2023-4693
|
| VCID-8zje-6cet-h3a4 | Multiple vulnerabilities have been discovered in GRUB, the worst of which may allow for secureboot bypass. |
CVE-2021-3695
|
| VCID-9dkn-kkgd-37ce | Multiple vulnerabilities have been discovered in GRUB, the worst of which may allow for secureboot bypass. |
CVE-2022-28733
|
| VCID-9mut-ye1e-pbdx | grub2: Out-of-bounds write at fs/ntfs.c may lead to unsigned code execution |
CVE-2023-4692
|
| VCID-c2vg-36gb-bqas | grub2: Missing unregister call for normal_exit command may lead to use-after-free |
CVE-2025-61664
|
| VCID-ctvs-7qdg-ebh3 | grub2: modules built in on EFI builds that allow loading arbitrary code, circumventing secure boot |
CVE-2015-5281
|
| VCID-dee9-zb16-sbeb | Multiple vulnerabilities have been found in GRUB, the worst might allow for circumvention of UEFI Secure Boot. |
CVE-2020-15707
|
| VCID-dn64-5ysd-yfer | grub2: heap-based buffer overflow |
CVE-2024-56737
|
| VCID-eek6-ufv4-kydb | Multiple vulnerabilities have been found in GRUB, the worst might allow for circumvention of UEFI Secure Boot. |
CVE-2020-14310
|
| VCID-f6ad-7qb1-9bcd | Multiple vulnerabilities have been found in GRUB, the worst might allow for circumvention of UEFI Secure Boot. |
CVE-2021-20233
|
| VCID-g3tz-5rzv-wkgk | Multiple vulnerabilities have been discovered in GRUB, the worst of which may allow for secureboot bypass. |
CVE-2022-28734
|
| VCID-gaet-924c-57dv | grub2: Use-after-free in net_set_vlan |
CVE-2025-54770
|
| VCID-gjbg-nve3-m3gy | Multiple vulnerabilities have been discoverd in GRUB, which may lead to secure boot circumvention or code execution. |
CVE-2022-2601
|
| VCID-gjnt-nd6z-v3hf | grub2: grub2-set-bootflag utility causes grubenv corruption rendering the system non-bootable |
CVE-2019-14865
|
| VCID-h2ca-d9yc-vbex | grub2: fs/hfs: Integer overflow may lead to heap based out-of-bounds write |
CVE-2025-1125
|
| VCID-hn4b-sdcq-j3bx | grub2: commands/dump: The dump command is not in lockdown when secure boot is enabled |
CVE-2025-1118
|
| VCID-hn7g-vvzw-c7g5 | A Insecure Temporary File vulnerability in grub-once of grub2 in SUSE Linux Enterprise Server 15 SP4, openSUSE Factory allows local attackers to truncate arbitrary files. This issue affects: SUSE Linux Enterprise Server 15 SP4 grub2 versions prior to 2.06-150400.7.1. SUSE openSUSE Factory grub2 versions prior to 2.06-18.1. |
CVE-2021-46705
|
| VCID-kf2m-fx4q-wbhz | Multiple vulnerabilities have been found in GRUB, the worst might allow for circumvention of UEFI Secure Boot. |
CVE-2020-15705
|
| VCID-m4y5-twzm-dqcw | Multiple vulnerabilities have been found in GRUB, the worst might allow for circumvention of UEFI Secure Boot. |
CVE-2020-27749
|
| VCID-m5vd-4m54-6ygc | Multiple vulnerabilities have been found in GRUB, the worst might allow for circumvention of UEFI Secure Boot. |
CVE-2020-25647
|
| VCID-nn2e-jq31-n7bc | Multiple vulnerabilities have been discovered in GRUB, the worst of which may allow for secureboot bypass. |
CVE-2021-3696
|
| VCID-nphq-62t2-b7bk | grub2: reiserfs: Integer overflow when handling symlinks may lead to heap based out-of-bounds write when reading data |
CVE-2025-0684
|
| VCID-nu7m-84c3-uyfu | grub2: grub 2.05 reintroduced CVE-2020-15705 |
CVE-2021-3418
|
| VCID-nyx2-qahu-w7f1 | grub2: grub2-set-bootflag can be abused by local (pseudo-)users |
CVE-2024-1048
|
| VCID-p4uv-kcsu-fqbr | Multiple vulnerabilities have been found in GRUB, the worst might allow for circumvention of UEFI Secure Boot. |
CVE-2020-15706
|
| VCID-pjq7-bxwk-uqec | grub2: fs/hfs+: refcount can be decremented twice |
CVE-2024-45783
|
| VCID-psu8-3m29-7udp | grub2: grub-efi crashes upon `exit` |
CVE-2024-2312
|
| VCID-pyp5-qjk4-7bc3 | grub2: Improper password checking |
CVE-2009-4128
|
| VCID-s86w-7czc-s3a9 | grub2: reader/jpeg: Heap OOB Write during JPEG parsing |
CVE-2024-45774
|
| VCID-sub1-vd8w-dka7 | grub2: net: Out-of-bounds write in grub_net_search_config_file() |
CVE-2025-0624
|
| VCID-swtj-9pmu-4ugn | grub2: grub allow access to encrypted device through CLI once root device is unlocked via TPM |
CVE-2025-4382
|
| VCID-tkur-tbms-zkcz | grub2: squash4: Integer overflow may lead to heap based out-of-bounds write when reading data |
CVE-2025-0678
|
| VCID-uqg4-wh5j-6ud1 | Multiple vulnerabilities have been found in GRUB, the worst might allow for circumvention of UEFI Secure Boot. |
CVE-2020-14372
|
| VCID-ur99-cm1x-cfdm | grub2: Missing unregister call for normal commands may lead to use-after-free |
CVE-2025-61663
|
| VCID-v98w-vw6u-dyb3 | Multiple vulnerabilities have been found in GRUB, the worst might allow for circumvention of UEFI Secure Boot. |
CVE-2020-25632
|
| VCID-vuj2-9dc2-bbhv | Multiple vulnerabilities have been found in GRUB, the worst might allow for circumvention of UEFI Secure Boot. |
CVE-2020-14308
|
| VCID-wenh-wyf1-m3c1 | Multiple vulnerabilities have been found in GRUB, the worst might allow for circumvention of UEFI Secure Boot. |
CVE-2020-10713
|
| VCID-wju5-h4aq-e7ag | GRUB's authentication prompt can be bypassed by entering a sequence of backspace characters. |
CVE-2015-8370
|
| VCID-wp1a-2ueg-mych | Multiple vulnerabilities have been discovered in GRUB, the worst of which may allow for secureboot bypass. |
CVE-2022-28736
|
| VCID-wy3p-p9zf-r7ef | grub2: grub2: Out-of-bounds write via malicious USB device |
CVE-2025-61661
|
| VCID-x57b-4ggt-5qdf | grub2: fs/tar: Integer Overflow causes Heap OOB Write |
CVE-2024-45780
|
| VCID-xamt-2k26-p3ev | grub2: fs/hfs: strcpy() using the volume name (fs/hfs.c:382) |
CVE-2024-45782
|
| VCID-xjtf-q3gz-7ug8 | grub2: fs/bfs: Integer overflow leads to Heap OOB Read in the BFS parser |
CVE-2024-45779
|
| VCID-ymw1-gk3r-kfhz | grub2: romfs: Integer overflow when handling symlinks may lead to heap based out-of-bounds write when reading dat |
CVE-2025-0686
|
| VCID-yw2r-4rr8-pkfd | grub2: fs/ufs: OOB write in the heap |
CVE-2024-45781
|
| VCID-zqvy-2txw-9uhz | Multiple vulnerabilities have been found in GRUB, the worst might allow for circumvention of UEFI Secure Boot. |
CVE-2020-14311
|