CVEs from 2024
Total
6,593
critical
critical 174
high
high 1,069
medium
medium 2,083
low
low 49
% Critical
2.6%
% with KEV
2.5%
% with exploit
3.4%
Top products
- mbed_tls 15
- operations_analytics_log_analysis 14
- surveillance_station 12
- checkmk 10
- office 8
- profilegrid 8
- office_long_term_servicing_channel 6
- propertyhive 5
Top packages
| CVE | Severity | CVSS | Risk | Flags | OS | Vendor | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2024-47603 | medium | — | 5.5 | 1y ago | GStreamer is a library for constructing graphs of media-handling components. A null pointer dereference vulnerability has been discovered in the gst_matroska_demux_update_tracks function within matro… | |||
| CVE-2024-49993 | medium | — | 5.5 | 1y ago | RHSA-2025:6966: kernel security update (Moderate) | |||
| CVE-2024-41062 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: bluetooth/l2cap: sync sock recv cb and release The problem occurs between the system call to close the sock and hci_rx_work, wher… | |||
| CVE-2024-56688 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: sunrpc: clear XPRT_SOCK_UPD_TIMEOUT when reset transport Since transport->sock has been set to NULL during reset transport, XPRT_… | |||
| CVE-2024-47599 | medium | — | 5.5 | 1y ago | GStreamer is a library for constructing graphs of media-handling components. A null pointer dereference vulnerability has been discovered in the gst_jpeg_dec_negotiate function in gstjpegdec.c. This … | |||
| CVE-2024-47598 | medium | — | 5.5 | 1y ago | GStreamer is a library for constructing graphs of media-handling components. An OOB-read vulnerability has been discovered in the qtdemux_merge_sample_table function within qtdemux.c. The problem is … | |||
| CVE-2024-47597 | medium | — | 5.5 | 1y ago | GStreamer is a library for constructing graphs of media-handling components. An OOB-read has been detected in the function qtdemux_parse_samples within qtdemux.c. This issue arises when the function … | |||
| CVE-2024-42304 | medium | 5.5 | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: ext4: make sure the first directory block is not a hole The syzbot constructs a directory that has no dirblock but is non-inline,… | |||
| CVE-2024-47596 | medium | — | 5.5 | 1y ago | GStreamer is a library for constructing graphs of media-handling components. An OOB-read has been discovered in the qtdemux_parse_svq3_stsd_data function within qtdemux.c. In the FOURCC_SMI_ case, se… | |||
| CVE-2024-53044 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: net/sched: sch_api: fix xa_insert() error path in tcf_block_get_ext() This command: $ tc qdisc replace dev eth0 ingress_block 1 … | |||
| CVE-2024-53097 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: mm: krealloc: Fix MTE false alarm in __do_krealloc This patch addresses an issue introduced by commit 1a83a716ec233 ("mm: kreallo… | |||
| CVE-2024-47546 | medium | — | 5.5 | 1y ago | GStreamer is a library for constructing graphs of media-handling components. An integer underflow has been detected in extract_cc_from_data function within qtdemux.c. In the FOURCC_c708 case, the sub… | |||
| CVE-2024-53121 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: net/mlx5: fs, lock FTE when checking if active The referenced commits introduced a two-step process for deleting FTEs: - Lock th… | |||
| CVE-2024-53123 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: mptcp: error out earlier on disconnect Eric reported a division by zero splat in the MPTCP protocol: Oops: divide error: 0000 [#… | |||
| CVE-2024-53134 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: pmdomain: imx93-blk-ctrl: correct remove path The check condition should be 'i < bc->onecell_data.num_domains', not 'bc->onecell_… | |||
| CVE-2024-53194 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: PCI: Fix use-after-free of slot->bus on hot remove Dennis reports a boot crash on recent Lenovo laptops with a USB4 dock. Since … | |||
| CVE-2024-42321 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: net: flow_dissector: use DEBUG_NET_WARN_ON_ONCE The following splat is easy to reproduce upstream as well as in -stable kernels. … | |||
| CVE-2024-46750 | medium | 5.5 | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: PCI: Add missing bridge lock to pci_bus_lock() One of the true positives that the cfg_access_lock lockdep effort identified is th… | |||
| CVE-2024-47601 | medium | — | 5.5 | 1y ago | GStreamer is a library for constructing graphs of media-handling components. A null pointer dereference vulnerability has been discovered in the gst_matroska_demux_parse_blockgroup_or_simpleblock fun… | |||
| CVE-2024-47700 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: ext4: check stripe size compatibility on remount as well We disable stripe size in __ext4_fill_super if it is not a multiple of t… | |||
| CVE-2024-56591 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hci_conn: Use disable_delayed_work_sync This makes use of disable_delayed_work_sync instead cancel_delayed_work_sync a… | |||
| CVE-2024-47543 | medium | — | 5.5 | 1y ago | GStreamer is a library for constructing graphs of media-handling components. An OOB-read vulnerability has been discovered in qtdemux_parse_container function within qtdemux.c. In the parent function… | |||
| CVE-2024-49995 | medium | — | 5.5 | 1y ago | RHSA-2025:6966: kernel security update (Moderate) | |||
| CVE-2024-47544 | medium | — | 5.5 | 1y ago | GStreamer is a library for constructing graphs of media-handling components. The function qtdemux_parse_sbgp in qtdemux.c is affected by a null dereference vulnerability. This vulnerability is fixed … | |||
| CVE-2024-57798 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: drm/dp_mst: Ensure mst_primary pointer is valid in drm_dp_mst_handle_up_req() While receiving an MST up request message from one … | |||
| CVE-2024-40956 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: dmaengine: idxd: Fix possible Use-After-Free in irq_process_work_list Use list_for_each_entry_safe() to allow iterating through t… | |||
| CVE-2024-50018 | medium | — | 5.5 | 1y ago | RHSA-2025:6966: kernel security update (Moderate) | |||
| CVE-2024-53920 | medium | — | 5.5 | 1y ago | RHSA-2025:11030: emacs security update (Moderate) | |||
| CVE-2024-3567 | medium | — | 5.5 | 1y ago | A flaw was found in QEMU. An assertion failure was present in the update_sctp_checksum() function in hw/net/net_tx_pkt.c when trying to calculate the checksum of a short-sized fragmented packet. This… | |||
| CVE-2024-44990 | medium | 5.5 | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: bonding: fix null pointer deref in bond_ipsec_offload_ok We must check if there is an active slave before dereferencing the point… | |||
| CVE-2024-46826 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: ELF: fix kernel.randomize_va_space double read ELF loader uses "randomize_va_space" twice. It is sysctl and can change at any mom… | |||
| CVE-2024-11234 | medium | — | 5.5 | 1y ago | Moderate: php:8.1 security update | |||
| CVE-2024-11233 | medium | — | 5.5 | 1y ago | Moderate: php:8.1 security update | |||
| CVE-2024-8929 | medium | — | 5.5 | 1y ago | Moderate: php:8.1 security update | |||
| CVE-2024-45341 | medium | — | 5.5 | 1y ago | RHSA-2025:3772: go-toolset:rhel8 security update (Moderate) | |||
| CVE-2024-43855 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: md: fix deadlock between mddev_suspend and flush bio Deadlock occurs when mddev is being suspended while some flush bio is in pro… | |||
| CVE-2024-8176 | medium | — | 5.5 | 1y ago | RHSA-2025:4048: xmlrpc-c security update (Moderate) | |||
| CVE-2024-45336 | medium | — | 5.5 | 1y ago | RHSA-2025:3772: go-toolset:rhel8 security update (Moderate) | |||
| CVE-2024-7347 | medium | — | 5.5 | 1y ago | Moderate: nginx:1.24 security update | |||
| CVE-2024-10306 | medium | — | 5.5 | 1y ago | Moderate: mod_proxy_cluster security update | |||
| CVE-2024-58085 | medium | 5.5 | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: tomoyo: don't emit warning in tomoyo_write_control() syzbot is reporting too large allocation warning at tomoyo_write_control(), … | |||
| CVE-2024-58071 | medium | 5.5 | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: team: prevent adding a device which is already a team device lower Prevent adding a device which is already a team device lower, … | |||
| CVE-2024-58063 | medium | 5.5 | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: wifi: rtlwifi: fix memory leaks and invalid access at probe error path Deinitialize at reverse order when probe fails. When init… | |||
| CVE-2024-58058 | medium | 5.5 | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: ubifs: skip dumping tnc tree when zroot is null Clearing slab cache will free all znode in memory and make c->zroot.znode = NULL,… | |||
| CVE-2024-58051 | medium | 5.5 | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: ipmi: ipmb: Add check devm_kasprintf() returned value devm_kasprintf() can return a NULL pointer on failure but this returned val… | |||
| CVE-2024-58020 | medium | 5.5 | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: HID: multitouch: Add NULL check in mt_input_configured devm_kasprintf() can return a NULL pointer on failure,but this returned va… | |||
| CVE-2024-58017 | medium | 5.5 | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: printk: Fix signed integer overflow when defining LOG_BUF_LEN_MAX Shifting 1 << 31 on a 32-bit int causes signed integer overflow… | |||
| CVE-2024-58016 | medium | 5.5 | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: safesetid: check size of policy writes syzbot attempts to write a buffer with a large size to a sysfs entry with writes handled b… | |||
| CVE-2024-57996 | medium | 5.5 | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: net_sched: sch_sfq: don't allow 1 packet limit The current implementation does not work correctly with a limit of 1. iproute2 act… | |||
| CVE-2024-57977 | medium | 5.5 | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: memcg: fix soft lockup in the OOM process A soft lockup issue was found in the product with about 56,000 tasks were in the OOM cg… | |||
| CVE-2024-21096 | medium | — | 5.5 | 1y ago | Vulnerability in the MySQL Server product of Oracle MySQL (component: Client: mysqldump). Supported versions that are affected are 8.0.36 and prior and 8.3.0 and prior. Difficult to exploit vulnera… | |||
| CVE-2024-41184 | medium | — | 5.5 | 1y ago | RHSA-2025:0743: keepalived security update (Moderate) | |||
| CVE-2024-52533 | medium | — | 5.5 | 1y ago | RHSA-2025:11327: glib2 security update (Moderate) | |||
| CVE-2024-57948 | medium | 5.5 | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: mac802154: check local interfaces before deleting sdata list syzkaller reported a corrupted list in ieee802154_if_remove. [1] Re… | |||
| CVE-2024-10539 | medium | 5.5 | 5.5 | 1y ago | Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Uyumsoft Informatin Systems Uyumsoft ERP allows XSS Using Invalid Characters, Reflected XS… | |||
| CVE-2024-50275 | medium | — | 5.5 | 1y ago | Moderate: kernel security update | |||
| CVE-2024-50154 | medium | — | 5.5 | 1y ago | Moderate: kernel security update | |||
| CVE-2024-57947 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_set_pipapo: fix initial map fill The initial buffer has to be inited to all-ones, but it must restrict it to the si… | |||
| CVE-2024-53088 | medium | — | 5.5 | 1y ago | Moderate: kernel security update | |||
| CVE-2024-57924 | medium | 5.5 | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: fs: relax assertions on failure to encode file handles Encoding file handles is usually performed by a filesystem >encode_fh() me… | |||
| CVE-2024-3661 | medium | — | 5.5 | 1y ago | Moderate: Security and bug fixes for NetworkManager | |||
| CVE-2024-57902 | medium | 5.5 | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: af_packet: fix vlan_get_tci() vs MSG_PEEK Blamed commit forgot MSG_PEEK case, allowing a crash [1] as found by syzbot. Rework vl… | |||
| CVE-2024-57901 | medium | 5.5 | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: af_packet: fix vlan_get_protocol_dgram() vs MSG_PEEK Blamed commit forgot MSG_PEEK case, allowing a crash [1] as found by syzbot.… | |||
| CVE-2024-11029 | medium | — | 5.5 | 1y ago | Moderate: ipa security update | |||
| CVE-2024-47809 | medium | 5.5 | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: dlm: fix possible lkb_resource null dereference This patch fixes a possible null pointer dereference when this function is called… | |||
| CVE-2024-56727 | medium | 5.5 | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: octeontx2-pf: handle otx2_mbox_get_rsp errors in otx2_flows.c Adding error pointer check after calling otx2_mbox_get_rsp(). | |||
| CVE-2024-56719 | medium | 5.5 | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: net: stmmac: fix TSO DMA API usage causing oops Commit 66600fac7a98 ("net: stmmac: TSO: Fix unbalanced DMA map/unmap for non-page… | |||
| CVE-2024-56657 | medium | 5.5 | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: ALSA: control: Avoid WARN() for symlink errors Using WARN() for showing the error of symlink creations don't give more informatio… | |||
| CVE-2024-53221 | medium | 5.5 | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: f2fs: fix null-ptr-deref in f2fs_submit_page_bio() There's issue as follows when concurrently installing the f2fs.ko module and m… | |||
| CVE-2024-50255 | medium | — | 5.5 | 2y ago | Moderate: kernel security update | |||
| CVE-2024-50192 | medium | — | 5.5 | 2y ago | Moderate: kernel security update | |||
| CVE-2024-50099 | medium | — | 5.5 | 2y ago | Moderate: kernel security update | |||
| CVE-2024-50115 | medium | — | 5.5 | 2y ago | Moderate: kernel security update | |||
| CVE-2024-50223 | medium | — | 5.5 | 2y ago | Moderate: kernel security update | |||
| CVE-2024-50142 | medium | 5.5 | 5.5 | 2y ago | Moderate: kernel security update | |||
| CVE-2024-50148 | medium | 5.5 | 5.5 | 2y ago | Moderate: kernel security update | |||
| CVE-2024-49888 | medium | — | 5.5 | 2y ago | Moderate: kernel security update | |||
| CVE-2024-45020 | medium | — | 5.5 | 2y ago | Moderate: kernel security update | |||
| CVE-2024-47675 | medium | — | 5.5 | 2y ago | Moderate: kernel security update | |||
| CVE-2024-46697 | medium | — | 5.5 | 2y ago | Moderate: kernel security update | |||
| CVE-2024-50125 | medium | — | 5.5 | 2y ago | Moderate: kernel security update | |||
| CVE-2024-27399 | medium | — | 5.5 | 2y ago | Moderate: kernel security update | |||
| CVE-2024-50124 | medium | — | 5.5 | 2y ago | Moderate: kernel security update | |||
| CVE-2024-38564 | medium | — | 5.5 | 2y ago | Moderate: kernel security update | |||
| CVE-2024-50110 | medium | — | 5.5 | 2y ago | Moderate: kernel security update | |||
| CVE-2024-10573 | medium | — | 5.5 | 2y ago | RHSA-2024:11193: mpg123 security update (Moderate) | |||
| CVE-2024-38796 | medium | — | 5.5 | 2y ago | RHSA-2024:11185: edk2:20220126gitbb1bba3d77 security update (Moderate) | |||
| CVE-2024-50612 | medium | — | 5.5 | 2y ago | RHSA-2024:11192: libsndfile security update (Moderate) | |||
| CVE-2024-0397 | medium | — | 5.5 | 2y ago | A defect was discovered in the Python “ssl” module where there is a memory race condition with the ssl.SSLContext methods “cert_store_stats()” and “get_ca_certs()”. The race condition can be triggere… | |||
| CVE-2024-2756 | medium | — | 5.5 | 2y ago | RHSA-2024:10952: php:7.4 security update (Moderate) | |||
| CVE-2024-8925 | medium | — | 5.5 | 2y ago | RHSA-2024:10952: php:7.4 security update (Moderate) | |||
| CVE-2024-5458 | medium | — | 5.5 | 2y ago | RHSA-2024:10952: php:7.4 security update (Moderate) | |||
| CVE-2024-3096 | medium | — | 5.5 | 2y ago | RHSA-2024:10952: php:7.4 security update (Moderate) | |||
| CVE-2024-8927 | medium | — | 5.5 | 2y ago | RHSA-2024:10952: php:7.4 security update (Moderate) | |||
| CVE-2024-45018 | medium | 5.5 | 5.5 | 2y ago | Moderate: kernel security update | |||
| CVE-2024-43854 | medium | — | 5.5 | 2y ago | Moderate: kernel security update | |||
| CVE-2024-9026 | medium | — | 5.5 | 2y ago | RHSA-2024:10952: php:7.4 security update (Moderate) | |||
| CVE-2024-26615 | medium | — | 5.5 | 2y ago | Moderate: kernel security update | |||
| CVE-2024-49949 | medium | 5.5 | 5.5 | 2y ago | Moderate: kernel security update | |||
| CVE-2024-46695 | medium | — | 5.5 | 2y ago | Moderate: kernel security update |