VIR Vulnerability Intelligence Relay

Search

Found 9,839 results in 800ms · Match type: Filtered list

Severitycriticalhighmediumlowunknown
0
KEVHas exploit
Reset
CVE Severity CVSS Risk Flags OS Vendor Published Description
CVE-2024-50612 medium 5.5 FIX rhel rocky sles 2y ago RHSA-2024:11192: libsndfile security update (Moderate)
CVE-2024-38796 medium 5.5 FIX rhel rockydebian debian 2y ago RHSA-2024:11185: edk2:20220126gitbb1bba3d77 security update (Moderate)
CVE-2024-34156 high 8.0 FIX rhel rockydebian debian 2y ago RHSA-2024:8038: container-tools:rhel8 security update (Important)
CVE-2024-10573 medium 5.5 FIX rhel rocky sles 2y ago RHSA-2024:11193: mpg123 security update (Moderate)
CVE-2024-10041 high 8.0 FIX rhel rocky sles 2y ago RHSA-2024:10379: pam security update (Important)
CVE-2024-47615 high 8.0 FIX rhel rockydebian debian 2y ago RHSA-2024:11345: gstreamer1-plugins-base security update (Important)
CVE-2024-47613 high 8.0 FIX rhel rockydebian debian 2y ago GStreamer is a library for constructing graphs of media-handling components. A null pointer dereference vulnerability has been identified in `gst_gdk_pixbuf_dec_flush` within `gstgdkpixbufdec.c`. Thi…
CVE-2024-47607 high 8.0 FIX rhel rockydebian debian 2y ago RHSA-2024:11345: gstreamer1-plugins-base security update (Important)
CVE-2024-47606 high 8.0 FIX rhel rockydebian debian 2y ago GStreamer is a library for constructing graphs of media-handling components. An integer underflow has been detected in the function qtdemux_parse_theora_extension within qtdemux.c. The vulnerability …
CVE-2024-47540 high 8.0 FIX rhel rockydebian debian 2y ago GStreamer is a library for constructing graphs of media-handling components. An uninitialized stack variable vulnerability has been identified in the gst_matroska_demux_add_wvpk_header function withi…
CVE-2024-47539 high 8.0 FIX rhel rockydebian debian 2y ago GStreamer is a library for constructing graphs of media-handling components. An out-of-bounds write vulnerability was identified in the convert_to_s334_1a function in isomp4/qtdemux.c. The vulnerabil…
CVE-2024-47538 high 8.0 FIX rhel rockydebian debian 2y ago RHSA-2024:11345: gstreamer1-plugins-base security update (Important)
CVE-2024-47537 high 8.0 FIX rhel rockydebian debian 2y ago GStreamer is a library for constructing graphs of media-handling components. The program attempts to reallocate the memory pointed to by stream->samples to accommodate stream->n_samples + samples_cou…
CVE-2024-9287 high 8.0 FIX rocky rhel sles 2y ago A vulnerability has been found in the CPython `venv` module and CLI where path names provided when creating a virtual environment were not quoted properly, allowing the creator to inject commands int…
CVE-2024-12254 high 8.0 FIX rhel rocky sles 2y ago RHSA-2024:10980: python3.12 security update (Important)
CVE-2024-11168 high 8.0 FIX rocky rhel sles 2y ago The urllib.parse.urlsplit() and urlparse() functions improperly validated bracketed hosts (`[]`), allowing hosts that weren't IPv6 or IPvFuture. This behavior was not conformant to RFC 3986 and poten…
CVE-2024-0397 medium 5.5 FIX rhel slesdebian debian 2y ago A defect was discovered in the Python “ssl” module where there is a memory race condition with the ssl.SSLContext methods “cert_store_stats()” and “get_ca_certs()”. The race condition can be triggere…
CVE-2024-9026 medium 5.5 FIX rhelalmalinux almalinux rocky 2y ago RHSA-2024:10952: php:7.4 security update (Moderate)
CVE-2024-8927 medium 5.5 FIX almalinux almalinux rhel rocky 2y ago RHSA-2024:10952: php:7.4 security update (Moderate)
CVE-2024-8925 medium 5.5 FIX rhelalmalinux almalinux rocky 2y ago RHSA-2024:10952: php:7.4 security update (Moderate)
CVE-2024-5458 medium 5.5 FIX rhelalmalinux almalinux rocky 2y ago RHSA-2024:10952: php:7.4 security update (Moderate)
CVE-2024-50251 medium 6.2 6.2 FIX rhel slesdebian debian 2y ago Moderate: kernel security update
CVE-2024-49949 medium 5.5 5.5 FIX rhel rocky sles 2y ago Moderate: kernel security update
CVE-2024-46695 medium 5.5 FIX rhel rocky sles 2y ago Moderate: kernel security update
CVE-2024-45018 medium 5.5 5.5 FIX rhel rocky sles 2y ago Moderate: kernel security update
CVE-2024-44994 medium 5.5 FIX rhel slesdebian debian 2y ago Moderate: kernel security update
CVE-2024-43854 medium 5.5 FIX rhel rocky sles 2y ago Moderate: kernel security update
CVE-2024-3096 medium 5.5 FIX rhelalmalinux almalinux rocky 2y ago RHSA-2024:10952: php:7.4 security update (Moderate)
CVE-2024-2756 medium 5.5 FIX rhelalmalinux almalinux rocky 2y ago RHSA-2024:10952: php:7.4 security update (Moderate)
CVE-2024-26615 medium 5.5 FIX rhel rocky sles 2y ago Moderate: kernel security update
CVE-2024-31449 high 8.0 FIX rhel rocky sles 2y ago Important: redis security update
CVE-2024-31228 high 8.0 FIX rhel rocky sles 2y ago Important: redis security update
CVE-2024-31227 medium 5.5 FIX rhel slesdebian debian 2y ago Moderate: redis:7 security update
CVE-2023-45145 high 8.0 FIX rhel rocky sles 2y ago Important: redis security update
CVE-2023-41053 medium 5.5 FIX rhel slesdebian debian 2y ago Moderate: redis:7 security update
CVE-2024-10979 high 8.0 FIX rhel rocky sles 2y ago RHSA-2024:10832: postgresql:13 security update (Important)
CVE-2024-10978 high 8.0 FIX rhel rocky sles 2y ago RHSA-2024:10832: postgresql:13 security update (Important)
CVE-2024-10976 high 8.0 FIX rhel rocky sles 2y ago RHSA-2024:10832: postgresql:13 security update (Important)
CVE-2024-52804 high 8.0 FIX rhel rocky sles 2y ago RHSA-2025:2872: pcs security update (Important)
CVE-2024-11699 high 8.0 FIX rhel rockydebian debian 2y ago Memory safety bugs present in Firefox 132, Firefox ESR 128.4, and Thunderbird 128.4. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could…
CVE-2024-11697 high 8.0 FIX rhel rockydebian debian 2y ago When handling keypress events, an attacker may have been able to trick a user into bypassing the "Open Executable File?" confirmation dialog. This could have led to malicious code execution. This vul…
CVE-2024-11696 high 8.0 FIX rhel rockydebian debian 2y ago The application failed to account for exceptions thrown by the `loadManifestFromFile` method during add-on signature verification. This flaw, triggered by an invalid or unsupported extension manifest…
CVE-2024-11695 high 8.0 FIX rhel rockydebian debian 2y ago A crafted URL containing Arabic script and whitespace characters could have hidden the true origin of the page, resulting in a potential spoofing attack. This vulnerability affects Firefox < 133, Fir…
CVE-2024-11694 high 8.0 FIX rhel rockydebian debian 2y ago Enhanced Tracking Protection's Strict mode may have inadvertently allowed a CSP `frame-src` bypass and DOM-based XSS through the Google SafeFrame shim in the Web Compatibility extension. This issue c…
CVE-2024-11692 high 8.0 FIX rhel rockydebian debian 2y ago An attacker could cause a select dropdown to be shown over another tab; this could have led to user confusion and possible spoofing attacks. This vulnerability affects Firefox < 133, Firefox ESR < 12…
CVE-2024-11159 high 8.0 FIX rhel rocky sles 2y ago RHSA-2024:10591: thunderbird security update (Important)
CVE-2024-44309 high 9.5 KEVFIX rhel rocky sles 2y ago A cookie management issue was addressed with improved state management. This issue is fixed in Safari 18.1.1, iOS 17.7.2 and iPadOS 17.7.2, iOS 18.1.1 and iPadOS 18.1.1, macOS Sequoia 15.1.1, visionO…
CVE-2024-52337 medium 5.5 FIX rhel rocky sles 2y ago RHSA-2024:11161: tuned security update (Moderate)
CVE-2024-52336 high 8.0 FIX rhel sles rocky 2y ago Important: tuned security update
CVE-2024-50226 medium 5.5 FIX rhel slesdebian debian 2y ago Moderate: kernel security update
CVE-2024-46679 medium 4.7 4.7 FIX rhel slesdebian debian 2y ago In the Linux kernel, the following vulnerability has been resolved: ethtool: check device is present when getting link settings A sysfs reader can race with a device reset or removal, attempting to…
CVE-2024-42244 medium 5.5 FIX rhel rocky sles 2y ago Moderate: kernel security update
CVE-2024-41009 medium 5.5 FIX rhel rocky sles 2y ago Moderate: kernel security update
CVE-2024-45321 medium 5.5 rhel rockydebian debian 2y ago RHSA-2024:10219: perl-App-cpanminus:1.7044 security update (Moderate)
CVE-2024-10963 high 8.0 FIX rhel rocky sles 2y ago RHSA-2024:10379: pam security update (Important)
CVE-2024-53899 high 8.0 FIX rocky slesdebian debian 2y ago virtualenv before 20.26.6 allows command injection through the activation scripts for a virtual environment. Magic template strings are not quoted correctly when replacing. NOTE: this is not the same…
CVE-2024-9632 high 8.0 FIX rhel rocky sles 2y ago A flaw was found in the X.org server. Due to improperly tracked allocation size in _XkbSetCompatMap, a local attacker may be able to trigger a buffer overflow condition via a specially crafted payloa…
CVE-2024-5197 medium 5.5 FIX rhel rocky sles 2y ago RHSA-2024:5941: libvpx security update (Moderate)
CVE-2024-46858 medium 5.5 FIX rhel rocky sles 2y ago Moderate: kernel security update
CVE-2024-46824 medium 5.5 FIX rhel slesdebian debian 2y ago Moderate: kernel security update
CVE-2024-45802 high 8.0 FIX rhel rocky sles 2y ago RHSA-2024:9644: squid:4 security update (Important)
CVE-2024-42283 medium 5.5 5.5 FIX rhel slesdebian debian 2y ago Moderate: kernel security update
CVE-2024-9050 high 8.0 rhel rocky 2y ago RHSA-2024:8353: NetworkManager-libreswan security update (Important)
CVE-2024-52532 high 8.0 FIX rhel rocky sles 2y ago RHSA-2024:9573: libsoup security update (Important)
CVE-2024-52530 high 8.0 FIX rhel rocky sles 2y ago RHSA-2024:9573: libsoup security update (Important)
CVE-2024-50602 medium 5.5 FIX rhel rockydebian debian 2y ago RHSA-2024:9502: expat security update (Moderate)
CVE-2024-44296 high 8.0 FIX rocky slesdebian debian 2y ago The issue was addressed with improved checks. This issue is fixed in Safari 18.1, iOS 17.7.1 and iPadOS 17.7.1, iOS 18.1 and iPadOS 18.1, macOS Sequoia 15.1, tvOS 18.1, visionOS 2.1, watchOS 11.1. Pr…
CVE-2024-44244 high 8.0 FIX rhel rocky sles 2y ago A memory corruption issue was addressed with improved input validation. This issue is fixed in Safari 18.1, iOS 18.1 and iPadOS 18.1, macOS Sequoia 15.1, tvOS 18.1, visionOS 2.1, watchOS 11.1. Proces…
CVE-2024-43499 high 8.0 FIX rhelalmalinux almalinux 2y ago Important: .NET 9.0 security update
CVE-2024-43498 high 8.0 FIX rhelalmalinux almalinux 2y ago Important: .NET 9.0 security update
CVE-2024-8235 medium 5.5 FIX rhel slesdebian debian 2y ago Moderate: libvirt security update
CVE-2024-7409 medium 5.5 FIX rhel rocky sles 2y ago A flaw was found in the QEMU NBD Server. This vulnerability allows a denial of service (DoS) attack via improper synchronization during socket closure when a client keeps a socket open as the server …
CVE-2024-6655 medium 5.5 FIX rhel rockydebian debian 2y ago RHSA-2024:6963: gtk3 security update (Moderate)
CVE-2024-6239 medium 5.5 FIX rhel sles rocky 2y ago A flaw was found in the Poppler's Pdfinfo utility. This issue occurs when using -dests parameter with pdfinfo utility. By using certain malformed input files, an attacker could cause the utility to c…
CVE-2024-58239 medium 5.5 FIX rhel slesdebian debian 2y ago In the Linux kernel, the following vulnerability has been resolved: tls: stop recv() if initial process_rx_list gave us non-DATA If we have a non-DATA record on the rx_list and another record of th…
CVE-2024-45005 medium 5.5 FIX rhel slesdebian debian 2y ago In the Linux kernel, the following vulnerability has been resolved: KVM: s390: fix validity interception issue when gisa is switched off We might run into a SIE validity if gisa has been disabled e…
CVE-2024-44984 medium 5.5 FIX rhel slesdebian debian 2y ago In the Linux kernel, the following vulnerability has been resolved: bnxt_en: Fix double DMA unmapping for XDP_REDIRECT Remove the dma_unmap_page_attrs() call in the driver's XDP_REDIRECT code path.…
CVE-2024-44970 high 8.0 FIX rhel rocky sles 2y ago In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: SHAMPO, Fix invalid WQ linked list unlink When all the strides in a WQE have been consumed, the WQE is unlinked from t…
CVE-2024-44965 medium 5.5 FIX rhel slesdebian debian 2y ago In the Linux kernel, the following vulnerability has been resolved: x86/mm: Fix pti_clone_pgtable() alignment assumption Guenter reported dodgy crashes on an i386-nosmp build using GCC-11 that had …
CVE-2024-44960 medium 5.5 5.5 FIX rhel slesdebian debian 2y ago In the Linux kernel, the following vulnerability has been resolved: usb: gadget: core: Check for unset descriptor Make sure the descriptor has been set before looking at maxpacket. This fixes a nul…
CVE-2024-44947 medium 5.5 FIX rhel slesdebian debian 2y ago In the Linux kernel, the following vulnerability has been resolved: fuse: Initialize beyond-EOF page contents before setting uptodate fuse_notify_store(), unlike fuse_do_readpage(), does not enable…
CVE-2024-43911 medium 5.5 FIX rhel slesdebian debian 2y ago In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211: fix NULL dereference at band check in starting tx ba session In MLD connection, link_data/link_conf are dynamical…
CVE-2024-43892 medium 5.5 FIX rhel rocky sles 2y ago In the Linux kernel, the following vulnerability has been resolved: memcg: protect concurrent access to mem_cgroup_idr Commit 73f576c04b94 ("mm: memcontrol: fix cgroup creation failure after many s…
CVE-2024-43888 medium 5.5 FIX rhel slesdebian debian 2y ago In the Linux kernel, the following vulnerability has been resolved: mm: list_lru: fix UAF for memory cgroup The mem_cgroup_from_slab_obj() is supposed to be called under rcu lock or cgroup_mutex or…
CVE-2024-43879 medium 5.5 5.5 FIX rhel slesdebian debian 2y ago In the Linux kernel, the following vulnerability has been resolved: wifi: cfg80211: handle 2x996 RU allocation in cfg80211_calculate_bitrate_he() Currently NL80211_RATE_INFO_HE_RU_ALLOC_2x996 is no…
CVE-2024-43870 medium 5.5 FIX rhel slesdebian debian 2y ago In the Linux kernel, the following vulnerability has been resolved: perf: Fix event leak upon exit When a task is scheduled out, pending sigtrap deliveries are deferred to the target task upon resu…
CVE-2024-43869 medium 5.5 FIX rhel slesdebian debian 2y ago In the Linux kernel, the following vulnerability has been resolved: perf: Fix event leak upon exec and file release The perf pending task work is never waited upon the matching event release. In th…
CVE-2024-43866 medium 5.5 FIX rhel slesdebian debian 2y ago In the Linux kernel, the following vulnerability has been resolved: net/mlx5: Always drain health in shutdown callback There is no point in recovery during device shutdown. if health work started n…
CVE-2024-43865 medium 5.5 FIX rhel slesdebian debian 2y ago In the Linux kernel, the following vulnerability has been resolved: s390/fpu: Re-add exception handling in load_fpu_state() With the recent rewrite of the fpu code exception handling for the lfpc i…
CVE-2024-43856 medium 5.5 5.5 FIX rhel slesdebian debian 2y ago In the Linux kernel, the following vulnerability has been resolved: dma: fix call order in dmam_free_coherent dmam_free_coherent() frees a DMA allocation, which makes the freed vaddr available for …
CVE-2024-43842 medium 5.5 FIX rhel rocky sles 2y ago In the Linux kernel, the following vulnerability has been resolved: wifi: rtw89: Fix array index mistake in rtw89_sta_info_get_iter() In rtw89_sta_info_get_iter() 'status->he_gi' is compared to arr…
CVE-2024-43830 high 7.8 7.8 FIX rhel rocky sles 2y ago In the Linux kernel, the following vulnerability has been resolved: leds: trigger: Unregister sysfs attributes before calling deactivate() Triggers which have trigger specific sysfs attributes typi…
CVE-2024-43826 medium 5.5 FIX rhel slesdebian debian 2y ago In the Linux kernel, the following vulnerability has been resolved: nfs: pass explicit offset/count to trace events nfs_folio_length is unsafe to use without having the folio locked and a check for…
CVE-2024-43817 medium 5.5 FIX rhel slesdebian debian 2y ago In the Linux kernel, the following vulnerability has been resolved: net: missing check virtio Two missing check in virtio_net_hdr_to_skb() allowed syzbot to crash kernels again 1. After the skb_se…
CVE-2024-42301 medium 5.5 FIX rhel rocky sles 2y ago In the Linux kernel, the following vulnerability has been resolved: dev/parport: fix the array out-of-bounds risk Fixed array out-of-bounds issues caused by sprintf by replacing it with snprintf fo…
CVE-2024-42276 medium 5.5 5.5 FIX rhel slesdebian debian 2y ago In the Linux kernel, the following vulnerability has been resolved: nvme-pci: add missing condition check for existence of mapped data nvme_map_data() is called when request has physical segments, …
CVE-2024-42271 medium 5.5 FIX rhel slesdebian debian 2y ago In the Linux kernel, the following vulnerability has been resolved: net/iucv: fix use after free in iucv_sock_close() iucv_sever_path() is called from process context and from bh context. iucv->pat…
CVE-2024-42268 medium 5.5 FIX rhel slesdebian debian 2y ago In the Linux kernel, the following vulnerability has been resolved: net/mlx5: Fix missing lock on sync reset reload On sync reset reload work, when remote host updates devlink on reload actions per…
CVE-2024-42258 medium 5.5 FIX rhel slesdebian debian 2y ago In the Linux kernel, the following vulnerability has been resolved: mm: huge_memory: use !CONFIG_64BIT to relax huge page alignment on 32 bit machines Yves-Alexis Perez reported commit 4ef9ad19e176…
CVE-2024-42245 medium 5.5 FIX rhel slesdebian debian 2y ago In the Linux kernel, the following vulnerability has been resolved: Revert "sched/fair: Make sure to try to detach at least one movable task" This reverts commit b0defa7ae03ecf91b8bfd10ede430cff12f…