Filtered by vendor Gnu Subscriptions
Filtered by product Grub Subscriptions
Total 2 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2023-4949 2 Gnu, Xen 2 Grub, Xen 2024-11-21 8.1 High
An attacker with local access to a system (either through a disk or external drive) can present a modified XFS partition to grub-legacy in such a way to exploit a memory corruption in grub’s XFS file system implementation.
CVE-2013-4577 1 Gnu 1 Grub 2024-11-21 N/A
A certain Debian patch for GNU GRUB uses world-readable permissions for grub.cfg, which allows local users to obtain password hashes, as demonstrated by reading the password_pbkdf2 directive in the file.