CVEs from 2024
Total
6,592
critical
critical 174
high
high 1,069
medium
medium 2,083
low
low 49
% Critical
2.6%
% with KEV
2.5%
% with exploit
3.4%
Top products
- mbed_tls 15
- operations_analytics_log_analysis 14
- surveillance_station 12
- checkmk 10
- office 8
- profilegrid 8
- office_long_term_servicing_channel 6
- propertyhive 5
Top packages
| CVE | Severity | CVSS | Risk | Flags | OS | Vendor | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2024-47597 | medium | — | 5.5 | 1y ago | GStreamer is a library for constructing graphs of media-handling components. An OOB-read has been detected in the function qtdemux_parse_samples within qtdemux.c. This issue arises when the function … | |||
| CVE-2024-56729 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: smb: Initialize cfid->tcon before performing network ops Avoid leaking a tcon ref when a lease break races with opening the cache… | |||
| CVE-2024-47596 | medium | — | 5.5 | 1y ago | GStreamer is a library for constructing graphs of media-handling components. An OOB-read has been discovered in the qtdemux_parse_svq3_stsd_data function within qtdemux.c. In the FOURCC_SMI_ case, se… | |||
| CVE-2024-47546 | medium | — | 5.5 | 1y ago | GStreamer is a library for constructing graphs of media-handling components. An integer underflow has been detected in extract_cc_from_data function within qtdemux.c. In the FOURCC_c708 case, the sub… | |||
| CVE-2024-47545 | medium | — | 5.5 | 1y ago | GStreamer is a library for constructing graphs of media-handling components. An integer underflow has been detected in qtdemux_parse_trak function within qtdemux.c. During the strf parsing case, the … | |||
| CVE-2024-47601 | medium | — | 5.5 | 1y ago | GStreamer is a library for constructing graphs of media-handling components. A null pointer dereference vulnerability has been discovered in the gst_matroska_demux_parse_blockgroup_or_simpleblock fun… | |||
| CVE-2024-47543 | medium | — | 5.5 | 1y ago | GStreamer is a library for constructing graphs of media-handling components. An OOB-read vulnerability has been discovered in qtdemux_parse_container function within qtdemux.c. In the parent function… | |||
| CVE-2024-47544 | medium | — | 5.5 | 1y ago | GStreamer is a library for constructing graphs of media-handling components. The function qtdemux_parse_sbgp in qtdemux.c is affected by a null dereference vulnerability. This vulnerability is fixed … | |||
| CVE-2024-43910 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: bpf: add missing check_func_arg_reg_off() to prevent out-of-bounds memory accesses Currently, it's possible to pass in a modified… | |||
| CVE-2024-50067 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: uprobe: avoid out-of-bounds memory access of fetching args Uprobe needs to fetch args into a percpu buffer, and then copy to ring… | |||
| CVE-2024-45775 | medium | — | 5.5 | 1y ago | Moderate: grub2 security update | |||
| CVE-2024-45776 | medium | — | 5.5 | 1y ago | Moderate: grub2 security update | |||
| CVE-2024-50200 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: maple_tree: correct tree corruption on spanning store Patch series "maple_tree: correct tree corruption on spanning store", v3. … | |||
| CVE-2024-57940 | medium | 5.5 | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: exfat: fix the infinite loop in exfat_readdir() If the file system is corrupted so that a cluster is linked to itself in the clus… | |||
| CVE-2024-56757 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: Bluetooth: btusb: mediatek: add intf release flow when usb disconnect MediaTek claim an special usb intr interface for ISO data t… | |||
| CVE-2024-56760 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: PCI/MSI: Handle lack of irqdomain gracefully Alexandre observed a warning emitted from pci_msi_setup_msi_irqs() on a RISCV platfo… | |||
| CVE-2024-57885 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: mm/kmemleak: fix sleeping function called from invalid context at print message Address a bug in the kernel that triggers a "slee… | |||
| CVE-2024-43871 | medium | 5.5 | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: devres: Fix memory leakage caused by driver API devm_free_percpu() It will cause memory leakage when use driver API devm_free_per… | |||
| CVE-2024-46951 | medium | — | 5.5 | 1y ago | RHSA-2025:4362: ghostscript security update (Moderate) | |||
| CVE-2024-46954 | medium | — | 5.5 | 1y ago | RHSA-2025:4362: ghostscript security update (Moderate) | |||
| CVE-2024-46839 | medium | — | 5.5 | 1y ago | RHSA-2025:6966: kernel security update (Moderate) | |||
| CVE-2024-53237 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: Bluetooth: fix use-after-free in device_for_each_child() Syzbot has reported the following KASAN splat: BUG: KASAN: slab-use-aft… | |||
| CVE-2024-42304 | medium | 5.5 | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: ext4: make sure the first directory block is not a hole The syzbot constructs a directory that has no dirblock but is non-inline,… | |||
| CVE-2024-49995 | medium | — | 5.5 | 1y ago | RHSA-2025:6966: kernel security update (Moderate) | |||
| CVE-2024-57884 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: mm: vmscan: account for free pages to prevent infinite Loop in throttle_direct_reclaim() The task sometimes continues looping in … | |||
| CVE-2024-56779 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: nfsd: fix nfs4_openowner leak when concurrent nfsd4_open occur The action force umount(umount -f) will attempt to kill all rpc_ta… | |||
| CVE-2024-47700 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: ext4: check stripe size compatibility on remount as well We disable stripe size in __ext4_fill_super if it is not a multiple of t… | |||
| CVE-2024-53920 | medium | — | 5.5 | 1y ago | RHSA-2025:11030: emacs security update (Moderate) | |||
| CVE-2024-3567 | medium | — | 5.5 | 1y ago | A flaw was found in QEMU. An assertion failure was present in the update_sctp_checksum() function in hw/net/net_tx_pkt.c when trying to calculate the checksum of a short-sized fragmented packet. This… | |||
| CVE-2024-46826 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: ELF: fix kernel.randomize_va_space double read ELF loader uses "randomize_va_space" twice. It is sysctl and can change at any mom… | |||
| CVE-2024-44990 | medium | 5.5 | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: bonding: fix null pointer deref in bond_ipsec_offload_ok We must check if there is an active slave before dereferencing the point… | |||
| CVE-2024-8929 | medium | — | 5.5 | 1y ago | Moderate: php:8.1 security update | |||
| CVE-2024-11234 | medium | — | 5.5 | 1y ago | Moderate: php:8.1 security update | |||
| CVE-2024-11233 | medium | — | 5.5 | 1y ago | Moderate: php:8.1 security update | |||
| CVE-2024-45341 | medium | — | 5.5 | 1y ago | RHSA-2025:3772: go-toolset:rhel8 security update (Moderate) | |||
| CVE-2024-8176 | medium | — | 5.5 | 1y ago | RHSA-2025:4048: xmlrpc-c security update (Moderate) | |||
| CVE-2024-43855 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: md: fix deadlock between mddev_suspend and flush bio Deadlock occurs when mddev is being suspended while some flush bio is in pro… | |||
| CVE-2024-45336 | medium | — | 5.5 | 1y ago | RHSA-2025:3772: go-toolset:rhel8 security update (Moderate) | |||
| CVE-2024-7347 | medium | — | 5.5 | 1y ago | Moderate: nginx:1.24 security update | |||
| CVE-2024-10306 | medium | — | 5.5 | 1y ago | Moderate: mod_proxy_cluster security update | |||
| CVE-2024-58085 | medium | 5.5 | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: tomoyo: don't emit warning in tomoyo_write_control() syzbot is reporting too large allocation warning at tomoyo_write_control(), … | |||
| CVE-2024-58071 | medium | 5.5 | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: team: prevent adding a device which is already a team device lower Prevent adding a device which is already a team device lower, … | |||
| CVE-2024-58063 | medium | 5.5 | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: wifi: rtlwifi: fix memory leaks and invalid access at probe error path Deinitialize at reverse order when probe fails. When init… | |||
| CVE-2024-58058 | medium | 5.5 | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: ubifs: skip dumping tnc tree when zroot is null Clearing slab cache will free all znode in memory and make c->zroot.znode = NULL,… | |||
| CVE-2024-58051 | medium | 5.5 | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: ipmi: ipmb: Add check devm_kasprintf() returned value devm_kasprintf() can return a NULL pointer on failure but this returned val… | |||
| CVE-2024-58020 | medium | 5.5 | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: HID: multitouch: Add NULL check in mt_input_configured devm_kasprintf() can return a NULL pointer on failure,but this returned va… | |||
| CVE-2024-58017 | medium | 5.5 | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: printk: Fix signed integer overflow when defining LOG_BUF_LEN_MAX Shifting 1 << 31 on a 32-bit int causes signed integer overflow… | |||
| CVE-2024-58016 | medium | 5.5 | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: safesetid: check size of policy writes syzbot attempts to write a buffer with a large size to a sysfs entry with writes handled b… | |||
| CVE-2024-57996 | medium | 5.5 | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: net_sched: sch_sfq: don't allow 1 packet limit The current implementation does not work correctly with a limit of 1. iproute2 act… | |||
| CVE-2024-57977 | medium | 5.5 | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: memcg: fix soft lockup in the OOM process A soft lockup issue was found in the product with about 56,000 tasks were in the OOM cg… | |||
| CVE-2024-41184 | medium | — | 5.5 | 1y ago | RHSA-2025:0743: keepalived security update (Moderate) | |||
| CVE-2024-52533 | medium | — | 5.5 | 1y ago | RHSA-2025:11327: glib2 security update (Moderate) | |||
| CVE-2024-21096 | medium | — | 5.5 | 1y ago | Vulnerability in the MySQL Server product of Oracle MySQL (component: Client: mysqldump). Supported versions that are affected are 8.0.36 and prior and 8.3.0 and prior. Difficult to exploit vulnera… | |||
| CVE-2024-57948 | medium | 5.5 | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: mac802154: check local interfaces before deleting sdata list syzkaller reported a corrupted list in ieee802154_if_remove. [1] Re… | |||
| CVE-2024-10539 | medium | 5.5 | 5.5 | 1y ago | Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Uyumsoft Informatin Systems Uyumsoft ERP allows XSS Using Invalid Characters, Reflected XS… | |||
| CVE-2024-53088 | medium | — | 5.5 | 1y ago | Moderate: kernel security update | |||
| CVE-2024-50154 | medium | — | 5.5 | 1y ago | Moderate: kernel security update | |||
| CVE-2024-50275 | medium | — | 5.5 | 1y ago | Moderate: kernel security update | |||
| CVE-2024-57947 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_set_pipapo: fix initial map fill The initial buffer has to be inited to all-ones, but it must restrict it to the si… | |||
| CVE-2024-57924 | medium | 5.5 | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: fs: relax assertions on failure to encode file handles Encoding file handles is usually performed by a filesystem >encode_fh() me… | |||
| CVE-2024-3661 | medium | — | 5.5 | 1y ago | Moderate: Security and bug fixes for NetworkManager | |||
| CVE-2024-57902 | medium | 5.5 | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: af_packet: fix vlan_get_tci() vs MSG_PEEK Blamed commit forgot MSG_PEEK case, allowing a crash [1] as found by syzbot. Rework vl… | |||
| CVE-2024-57901 | medium | 5.5 | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: af_packet: fix vlan_get_protocol_dgram() vs MSG_PEEK Blamed commit forgot MSG_PEEK case, allowing a crash [1] as found by syzbot.… | |||
| CVE-2024-11029 | medium | — | 5.5 | 1y ago | Moderate: ipa security update | |||
| CVE-2024-47809 | medium | 5.5 | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: dlm: fix possible lkb_resource null dereference This patch fixes a possible null pointer dereference when this function is called… | |||
| CVE-2024-56727 | medium | 5.5 | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: octeontx2-pf: handle otx2_mbox_get_rsp errors in otx2_flows.c Adding error pointer check after calling otx2_mbox_get_rsp(). | |||
| CVE-2024-56719 | medium | 5.5 | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: net: stmmac: fix TSO DMA API usage causing oops Commit 66600fac7a98 ("net: stmmac: TSO: Fix unbalanced DMA map/unmap for non-page… | |||
| CVE-2024-56657 | medium | 5.5 | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: ALSA: control: Avoid WARN() for symlink errors Using WARN() for showing the error of symlink creations don't give more informatio… | |||
| CVE-2024-53221 | medium | 5.5 | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: f2fs: fix null-ptr-deref in f2fs_submit_page_bio() There's issue as follows when concurrently installing the f2fs.ko module and m… | |||
| CVE-2024-50099 | medium | — | 5.5 | 2y ago | Moderate: kernel security update | |||
| CVE-2024-50192 | medium | — | 5.5 | 2y ago | Moderate: kernel security update | |||
| CVE-2024-45020 | medium | — | 5.5 | 2y ago | Moderate: kernel security update | |||
| CVE-2024-47675 | medium | — | 5.5 | 2y ago | Moderate: kernel security update | |||
| CVE-2024-50115 | medium | — | 5.5 | 2y ago | Moderate: kernel security update | |||
| CVE-2024-50110 | medium | — | 5.5 | 2y ago | Moderate: kernel security update | |||
| CVE-2024-49888 | medium | — | 5.5 | 2y ago | Moderate: kernel security update | |||
| CVE-2024-46697 | medium | — | 5.5 | 2y ago | Moderate: kernel security update | |||
| CVE-2024-50125 | medium | — | 5.5 | 2y ago | Moderate: kernel security update | |||
| CVE-2024-38564 | medium | — | 5.5 | 2y ago | Moderate: kernel security update | |||
| CVE-2024-50148 | medium | 5.5 | 5.5 | 2y ago | Moderate: kernel security update | |||
| CVE-2024-50142 | medium | 5.5 | 5.5 | 2y ago | Moderate: kernel security update | |||
| CVE-2024-50124 | medium | — | 5.5 | 2y ago | Moderate: kernel security update | |||
| CVE-2024-50255 | medium | — | 5.5 | 2y ago | Moderate: kernel security update | |||
| CVE-2024-27399 | medium | — | 5.5 | 2y ago | Moderate: kernel security update | |||
| CVE-2024-50223 | medium | — | 5.5 | 2y ago | Moderate: kernel security update | |||
| CVE-2024-10573 | medium | — | 5.5 | 2y ago | RHSA-2024:11193: mpg123 security update (Moderate) | |||
| CVE-2024-50612 | medium | — | 5.5 | 2y ago | RHSA-2024:11192: libsndfile security update (Moderate) | |||
| CVE-2024-38796 | medium | — | 5.5 | 2y ago | RHSA-2024:11185: edk2:20220126gitbb1bba3d77 security update (Moderate) | |||
| CVE-2024-0397 | medium | — | 5.5 | 2y ago | A defect was discovered in the Python “ssl” module where there is a memory race condition with the ssl.SSLContext methods “cert_store_stats()” and “get_ca_certs()”. The race condition can be triggere… | |||
| CVE-2024-26615 | medium | — | 5.5 | 2y ago | Moderate: kernel security update | |||
| CVE-2024-49949 | medium | 5.5 | 5.5 | 2y ago | Moderate: kernel security update | |||
| CVE-2024-46695 | medium | — | 5.5 | 2y ago | Moderate: kernel security update | |||
| CVE-2024-44994 | medium | — | 5.5 | 2y ago | Moderate: kernel security update | |||
| CVE-2024-9026 | medium | — | 5.5 | 2y ago | RHSA-2024:10952: php:7.4 security update (Moderate) | |||
| CVE-2024-8927 | medium | — | 5.5 | 2y ago | RHSA-2024:10952: php:7.4 security update (Moderate) | |||
| CVE-2024-5458 | medium | — | 5.5 | 2y ago | RHSA-2024:10952: php:7.4 security update (Moderate) | |||
| CVE-2024-8925 | medium | — | 5.5 | 2y ago | RHSA-2024:10952: php:7.4 security update (Moderate) | |||
| CVE-2024-2756 | medium | — | 5.5 | 2y ago | RHSA-2024:10952: php:7.4 security update (Moderate) | |||
| CVE-2024-3096 | medium | — | 5.5 | 2y ago | RHSA-2024:10952: php:7.4 security update (Moderate) | |||
| CVE-2024-43854 | medium | — | 5.5 | 2y ago | Moderate: kernel security update |