CVEs from 2024
Total
6,592
critical
critical 174
high
high 1,069
medium
medium 2,083
low
low 49
% Critical
2.6%
% with KEV
2.5%
% with exploit
3.4%
Top products
- mbed_tls 15
- operations_analytics_log_analysis 14
- surveillance_station 12
- checkmk 10
- office 8
- profilegrid 8
- office_long_term_servicing_channel 6
- propertyhive 5
Top packages
| CVE | Severity | CVSS | Risk | Flags | OS | Vendor | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2024-53123 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: mptcp: error out earlier on disconnect Eric reported a division by zero splat in the MPTCP protocol: Oops: divide error: 0000 [#… | |||
| CVE-2024-50055 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: driver core: bus: Fix double free in driver API bus_register() For bus_register(), any error which happens after kset_register() … | |||
| CVE-2024-49968 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: ext4: filesystems without casefold feature cannot be mounted with siphash When mounting the ext4 filesystem, if the default hash … | |||
| CVE-2024-49962 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: ACPICA: check null return of ACPI_ALLOCATE_ZEROED() in acpi_db_convert_to_package() ACPICA commit 4d4547cf13cca820ff7e0f859ba83e1… | |||
| CVE-2024-53134 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: pmdomain: imx93-blk-ctrl: correct remove path The check condition should be 'i < bc->onecell_data.num_domains', not 'bc->onecell_… | |||
| CVE-2024-49959 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: jbd2: stop waiting for space when jbd2_cleanup_journal_tail() returns error In __jbd2_log_wait_for_space(), we might call jbd2_cl… | |||
| CVE-2024-49951 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: Bluetooth: MGMT: Fix possible crash on mgmt_index_removed If mgmt_index_removed is called while there are commands queued on cmd_… | |||
| CVE-2024-49960 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: ext4: fix timer use-after-free on failed mount Syzbot has found an ODEBUG bug in ext4_fill_super The del_timer_sync function can… | |||
| CVE-2024-53160 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: rcu/kvfree: Fix data-race in __mod_timer / kvfree_call_rcu KCSAN reports a data race when access the krcp->monitor_work.timer.exp… | |||
| CVE-2024-53161 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: EDAC/bluefield: Fix potential integer overflow The 64-bit argument for the "get DIMM info" SMC call consists of mem_ctrl_idx left… | |||
| CVE-2024-53173 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: NFSv4.0: Fix a use-after-free problem in the asynchronous open() Yang Erkun reports that when two threads are opening files at th… | |||
| CVE-2024-53174 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: SUNRPC: make sure cache entry active before cache_show The function `c_show` was called with protection from RCU. This only ensur… | |||
| CVE-2024-49937 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: wifi: cfg80211: Set correct chandef when starting CAC When starting CAC in a mode other than AP mode, it return a "WARNING: CPU: … | |||
| CVE-2024-53194 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: PCI: Fix use-after-free of slot->bus on hot remove Dennis reports a boot crash on recent Lenovo laptops with a USB4 dock. Since … | |||
| CVE-2024-49933 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: blk_iocost: fix more out of bound shifts Recently running UBSAN caught few out of bound shifts in the ioc_forgive_debts() functio… | |||
| CVE-2024-49929 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: wifi: iwlwifi: mvm: avoid NULL pointer dereference iwl_mvm_tx_skb_sta() and iwl_mvm_tx_mpdu() verify that the mvmvsta pointer is … | |||
| CVE-2024-49928 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: wifi: rtw89: avoid reading out of bounds when loading TX power FW elements Because the loop-expression will do one more time befo… | |||
| CVE-2024-53232 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: iommu/s390: Implement blocking domain This fixes a crash when surprise hot-unplugging a PCI device. This crash happens because du… | |||
| CVE-2024-56591 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hci_conn: Use disable_delayed_work_sync This makes use of disable_delayed_work_sync instead cancel_delayed_work_sync a… | |||
| CVE-2024-56601 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: net: inet: do not leave a dangling sk pointer in inet_create() sock_init_data() attaches the allocated sk object to the provided … | |||
| CVE-2024-56604 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: Bluetooth: RFCOMM: avoid leaving dangling sk pointer in rfcomm_sock_alloc() bt_sock_alloc() attaches allocated sk object to the p… | |||
| CVE-2024-56614 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: xsk: fix OOB map writes when deleting elements Jordy says: " In the xsk_map_delete_elem function an unsigned integer (map->max_e… | |||
| CVE-2024-35978 | medium | 5.5 | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: Bluetooth: Fix memory leak in hci_req_sync_complete() In 'hci_req_sync_complete()', always free the previous sync request state b… | |||
| CVE-2024-35964 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: Bluetooth: ISO: Fix not validating setsockopt user input Check user input length before copying data. | |||
| CVE-2024-41010 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: bpf: Fix too early release of tcx_entry Pedro Pinto and later independently also Hyunwoo Kim and Wongi Lee reported an issue that… | |||
| CVE-2024-35934 | medium | 5.5 | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: net/smc: reduce rtnl pressure in smc_pnet_create_pnetids_list() Many syzbot reports show extreme rtnl pressure, and many of them … | |||
| CVE-2024-35933 | medium | 5.5 | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: Bluetooth: btintel: Fix null ptr deref in btintel_read_version If hci_cmd_sync_complete() is triggered and skb is NULL, then hdev… | |||
| CVE-2024-53920 | medium | — | 5.5 | 1y ago | RHSA-2025:11030: emacs security update (Moderate) | |||
| CVE-2024-3567 | medium | — | 5.5 | 1y ago | A flaw was found in QEMU. An assertion failure was present in the update_sctp_checksum() function in hw/net/net_tx_pkt.c when trying to calculate the checksum of a short-sized fragmented packet. This… | |||
| CVE-2024-46826 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: ELF: fix kernel.randomize_va_space double read ELF loader uses "randomize_va_space" twice. It is sysctl and can change at any mom… | |||
| CVE-2024-44990 | medium | 5.5 | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: bonding: fix null pointer deref in bond_ipsec_offload_ok We must check if there is an active slave before dereferencing the point… | |||
| CVE-2024-8929 | medium | — | 5.5 | 1y ago | Moderate: php:8.1 security update | |||
| CVE-2024-11234 | medium | — | 5.5 | 1y ago | Moderate: php:8.1 security update | |||
| CVE-2024-11233 | medium | — | 5.5 | 1y ago | Moderate: php:8.1 security update | |||
| CVE-2024-45341 | medium | — | 5.5 | 1y ago | RHSA-2025:3772: go-toolset:rhel8 security update (Moderate) | |||
| CVE-2024-43855 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: md: fix deadlock between mddev_suspend and flush bio Deadlock occurs when mddev is being suspended while some flush bio is in pro… | |||
| CVE-2024-8176 | medium | — | 5.5 | 1y ago | RHSA-2025:4048: xmlrpc-c security update (Moderate) | |||
| CVE-2024-45336 | medium | — | 5.5 | 1y ago | RHSA-2025:3772: go-toolset:rhel8 security update (Moderate) | |||
| CVE-2024-7347 | medium | — | 5.5 | 1y ago | Moderate: nginx:1.24 security update | |||
| CVE-2024-10306 | medium | — | 5.5 | 1y ago | Moderate: mod_proxy_cluster security update | |||
| CVE-2024-58085 | medium | 5.5 | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: tomoyo: don't emit warning in tomoyo_write_control() syzbot is reporting too large allocation warning at tomoyo_write_control(), … | |||
| CVE-2024-58071 | medium | 5.5 | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: team: prevent adding a device which is already a team device lower Prevent adding a device which is already a team device lower, … | |||
| CVE-2024-58063 | medium | 5.5 | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: wifi: rtlwifi: fix memory leaks and invalid access at probe error path Deinitialize at reverse order when probe fails. When init… | |||
| CVE-2024-58058 | medium | 5.5 | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: ubifs: skip dumping tnc tree when zroot is null Clearing slab cache will free all znode in memory and make c->zroot.znode = NULL,… | |||
| CVE-2024-58051 | medium | 5.5 | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: ipmi: ipmb: Add check devm_kasprintf() returned value devm_kasprintf() can return a NULL pointer on failure but this returned val… | |||
| CVE-2024-58020 | medium | 5.5 | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: HID: multitouch: Add NULL check in mt_input_configured devm_kasprintf() can return a NULL pointer on failure,but this returned va… | |||
| CVE-2024-58017 | medium | 5.5 | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: printk: Fix signed integer overflow when defining LOG_BUF_LEN_MAX Shifting 1 << 31 on a 32-bit int causes signed integer overflow… | |||
| CVE-2024-58016 | medium | 5.5 | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: safesetid: check size of policy writes syzbot attempts to write a buffer with a large size to a sysfs entry with writes handled b… | |||
| CVE-2024-57996 | medium | 5.5 | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: net_sched: sch_sfq: don't allow 1 packet limit The current implementation does not work correctly with a limit of 1. iproute2 act… | |||
| CVE-2024-57977 | medium | 5.5 | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: memcg: fix soft lockup in the OOM process A soft lockup issue was found in the product with about 56,000 tasks were in the OOM cg… | |||
| CVE-2024-41184 | medium | — | 5.5 | 1y ago | RHSA-2025:0743: keepalived security update (Moderate) | |||
| CVE-2024-21096 | medium | — | 5.5 | 1y ago | Vulnerability in the MySQL Server product of Oracle MySQL (component: Client: mysqldump). Supported versions that are affected are 8.0.36 and prior and 8.3.0 and prior. Difficult to exploit vulnera… | |||
| CVE-2024-52533 | medium | — | 5.5 | 1y ago | RHSA-2025:11327: glib2 security update (Moderate) | |||
| CVE-2024-57948 | medium | 5.5 | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: mac802154: check local interfaces before deleting sdata list syzkaller reported a corrupted list in ieee802154_if_remove. [1] Re… | |||
| CVE-2024-10539 | medium | 5.5 | 5.5 | 1y ago | Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Uyumsoft Informatin Systems Uyumsoft ERP allows XSS Using Invalid Characters, Reflected XS… | |||
| CVE-2024-50275 | medium | — | 5.5 | 1y ago | Moderate: kernel security update | |||
| CVE-2024-57947 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_set_pipapo: fix initial map fill The initial buffer has to be inited to all-ones, but it must restrict it to the si… | |||
| CVE-2024-50154 | medium | — | 5.5 | 1y ago | Moderate: kernel security update | |||
| CVE-2024-53088 | medium | — | 5.5 | 1y ago | Moderate: kernel security update | |||
| CVE-2024-57924 | medium | 5.5 | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: fs: relax assertions on failure to encode file handles Encoding file handles is usually performed by a filesystem >encode_fh() me… | |||
| CVE-2024-3661 | medium | — | 5.5 | 1y ago | Moderate: Security and bug fixes for NetworkManager | |||
| CVE-2024-57902 | medium | 5.5 | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: af_packet: fix vlan_get_tci() vs MSG_PEEK Blamed commit forgot MSG_PEEK case, allowing a crash [1] as found by syzbot. Rework vl… | |||
| CVE-2024-57901 | medium | 5.5 | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: af_packet: fix vlan_get_protocol_dgram() vs MSG_PEEK Blamed commit forgot MSG_PEEK case, allowing a crash [1] as found by syzbot.… | |||
| CVE-2024-11029 | medium | — | 5.5 | 1y ago | Moderate: ipa security update | |||
| CVE-2024-47809 | medium | 5.5 | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: dlm: fix possible lkb_resource null dereference This patch fixes a possible null pointer dereference when this function is called… | |||
| CVE-2024-56727 | medium | 5.5 | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: octeontx2-pf: handle otx2_mbox_get_rsp errors in otx2_flows.c Adding error pointer check after calling otx2_mbox_get_rsp(). | |||
| CVE-2024-56719 | medium | 5.5 | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: net: stmmac: fix TSO DMA API usage causing oops Commit 66600fac7a98 ("net: stmmac: TSO: Fix unbalanced DMA map/unmap for non-page… | |||
| CVE-2024-56657 | medium | 5.5 | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: ALSA: control: Avoid WARN() for symlink errors Using WARN() for showing the error of symlink creations don't give more informatio… | |||
| CVE-2024-53221 | medium | 5.5 | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: f2fs: fix null-ptr-deref in f2fs_submit_page_bio() There's issue as follows when concurrently installing the f2fs.ko module and m… | |||
| CVE-2024-45020 | medium | — | 5.5 | 2y ago | Moderate: kernel security update | |||
| CVE-2024-50255 | medium | — | 5.5 | 2y ago | Moderate: kernel security update | |||
| CVE-2024-50192 | medium | — | 5.5 | 2y ago | Moderate: kernel security update | |||
| CVE-2024-50099 | medium | — | 5.5 | 2y ago | Moderate: kernel security update | |||
| CVE-2024-50124 | medium | — | 5.5 | 2y ago | Moderate: kernel security update | |||
| CVE-2024-50223 | medium | — | 5.5 | 2y ago | Moderate: kernel security update | |||
| CVE-2024-47675 | medium | — | 5.5 | 2y ago | Moderate: kernel security update | |||
| CVE-2024-38564 | medium | — | 5.5 | 2y ago | Moderate: kernel security update | |||
| CVE-2024-50148 | medium | 5.5 | 5.5 | 2y ago | Moderate: kernel security update | |||
| CVE-2024-49888 | medium | — | 5.5 | 2y ago | Moderate: kernel security update | |||
| CVE-2024-50115 | medium | — | 5.5 | 2y ago | Moderate: kernel security update | |||
| CVE-2024-50110 | medium | — | 5.5 | 2y ago | Moderate: kernel security update | |||
| CVE-2024-27399 | medium | — | 5.5 | 2y ago | Moderate: kernel security update | |||
| CVE-2024-50125 | medium | — | 5.5 | 2y ago | Moderate: kernel security update | |||
| CVE-2024-46697 | medium | — | 5.5 | 2y ago | Moderate: kernel security update | |||
| CVE-2024-50142 | medium | 5.5 | 5.5 | 2y ago | Moderate: kernel security update | |||
| CVE-2024-50612 | medium | — | 5.5 | 2y ago | RHSA-2024:11192: libsndfile security update (Moderate) | |||
| CVE-2024-10573 | medium | — | 5.5 | 2y ago | RHSA-2024:11193: mpg123 security update (Moderate) | |||
| CVE-2024-38796 | medium | — | 5.5 | 2y ago | RHSA-2024:11185: edk2:20220126gitbb1bba3d77 security update (Moderate) | |||
| CVE-2024-0397 | medium | — | 5.5 | 2y ago | A defect was discovered in the Python “ssl” module where there is a memory race condition with the ssl.SSLContext methods “cert_store_stats()” and “get_ca_certs()”. The race condition can be triggere… | |||
| CVE-2024-5458 | medium | — | 5.5 | 2y ago | RHSA-2024:10952: php:7.4 security update (Moderate) | |||
| CVE-2024-9026 | medium | — | 5.5 | 2y ago | RHSA-2024:10952: php:7.4 security update (Moderate) | |||
| CVE-2024-8927 | medium | — | 5.5 | 2y ago | RHSA-2024:10952: php:7.4 security update (Moderate) | |||
| CVE-2024-46695 | medium | — | 5.5 | 2y ago | Moderate: kernel security update | |||
| CVE-2024-3096 | medium | — | 5.5 | 2y ago | RHSA-2024:10952: php:7.4 security update (Moderate) | |||
| CVE-2024-2756 | medium | — | 5.5 | 2y ago | RHSA-2024:10952: php:7.4 security update (Moderate) | |||
| CVE-2024-26615 | medium | — | 5.5 | 2y ago | Moderate: kernel security update | |||
| CVE-2024-49949 | medium | 5.5 | 5.5 | 2y ago | Moderate: kernel security update | |||
| CVE-2024-44994 | medium | — | 5.5 | 2y ago | Moderate: kernel security update | |||
| CVE-2024-8925 | medium | — | 5.5 | 2y ago | RHSA-2024:10952: php:7.4 security update (Moderate) | |||
| CVE-2024-45018 | medium | 5.5 | 5.5 | 2y ago | Moderate: kernel security update |