Every CVE whose affected-product data names Gnu Grub, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (2)
CVE-2023-4949 — CVSS 8.1 (high): An attacker with local access to a system (either through a disk or external drive) can present a modified XFS partition to grub-legacy in…
CVE-2013-4577 — CVSS 2.1 (low): A certain Debian patch for GNU GRUB uses world-readable permissions for grub.cfg, which allows local users to obtain password hashes, as…