Vulnerabilities (CVE)

Filtered by vendor Gnu Subscribe
Filtered by product Grub
Total 2 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2013-4577 1 Gnu 1 Grub 2024-01-16 2.1 LOW N/A
A certain Debian patch for GNU GRUB uses world-readable permissions for grub.cfg, which allows local users to obtain password hashes, as demonstrated by reading the password_pbkdf2 directive in the file.
CVE-2023-4949 2 Gnu, Xen 2 Grub, Xen 2023-12-10 N/A 6.7 MEDIUM
An attacker with local access to a system (either through a disk or external drive) can present a modified XFS partition to grub-legacy in such a way to exploit a memory corruption in grub’s XFS file system implementation.