CVEs from 2024
Total
6,592
critical
critical 174
high
high 1,069
medium
medium 2,083
low
low 49
% Critical
2.6%
% with KEV
2.5%
% with exploit
3.4%
Top products
- mbed_tls 15
- operations_analytics_log_analysis 14
- surveillance_station 12
- checkmk 10
- office 8
- profilegrid 8
- office_long_term_servicing_channel 6
- propertyhive 5
Top packages
| CVE | Severity | CVSS | Risk | Flags | OS | Vendor | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2024-45018 | medium | 5.5 | 5.5 | 2y ago | Moderate: kernel security update | |||
| CVE-2024-31227 | medium | — | 5.5 | 2y ago | Moderate: redis:7 security update | |||
| CVE-2024-41009 | medium | — | 5.5 | 2y ago | Moderate: kernel security update | |||
| CVE-2024-42244 | medium | — | 5.5 | 2y ago | Moderate: kernel security update | |||
| CVE-2024-50226 | medium | — | 5.5 | 2y ago | Moderate: kernel security update | |||
| CVE-2024-52337 | medium | — | 5.5 | 2y ago | RHSA-2024:11161: tuned security update (Moderate) | |||
| CVE-2024-53101 | medium | 5.5 | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: fs: Fix uninitialized value issue in from_kuid and from_kgid ocfs2_setattr() uses attr->ia_mode, attr->ia_uid and attr->ia_gid in… | |||
| CVE-2024-45321 | medium | — | 5.5 | 2y ago | RHSA-2024:10219: perl-App-cpanminus:1.7044 security update (Moderate) | |||
| CVE-2024-7130 | medium | 5.5 | 5.5 | 2y ago | Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Kion Computer KION Exchange Programs Software allows Reflected XSS. This issue affects KI… | |||
| CVE-2024-11404 | medium | 5.5 | 5.5 | 2y ago | Unrestricted Upload of File with Dangerous Type, Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability in django CMS Association django Filer allows Input Data M… | |||
| CVE-2024-5197 | medium | — | 5.5 | 2y ago | RHSA-2024:5941: libvpx security update (Moderate) | |||
| CVE-2024-46824 | medium | — | 5.5 | 2y ago | Moderate: kernel security update | |||
| CVE-2024-42283 | medium | 5.5 | 5.5 | 2y ago | Moderate: kernel security update | |||
| CVE-2024-46858 | medium | — | 5.5 | 2y ago | Moderate: kernel security update | |||
| CVE-2024-50602 | medium | — | 5.5 | 2y ago | RHSA-2024:9502: expat security update (Moderate) | |||
| CVE-2024-27404 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: mptcp: fix data races on remote_id Similar to the previous patch, address the data race on remote_id, adding the suitable ONCE an… | |||
| CVE-2024-43826 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: nfs: pass explicit offset/count to trace events nfs_folio_length is unsafe to use without having the folio locked and a check for… | |||
| CVE-2024-26903 | medium | 5.5 | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: Bluetooth: rfcomm: Fix null-ptr-deref in rfcomm_check_security During our fuzz testing of the connection and disconnection proces… | |||
| CVE-2024-26901 | medium | 5.5 | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: do_sys_name_to_handle(): use kzalloc() to fix kernel-infoleak syzbot identified a kernel information leak vulnerability in do_sys… | |||
| CVE-2024-26906 | medium | 5.5 | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: x86/mm: Disallow vsyscall page read for copy_from_kernel_nofault() When trying to use copy_from_kernel_nofault() to read vsyscall… | |||
| CVE-2024-26900 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: md: fix kmemleak of rdev->serial If kobject_add() is fail in bind_rdev_to_array(), 'rdev->serial' will be alloc not be freed, and… | |||
| CVE-2024-43856 | medium | 5.5 | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: dma: fix call order in dmam_free_coherent dmam_free_coherent() frees a DMA allocation, which makes the freed vaddr available for … | |||
| CVE-2024-42276 | medium | 5.5 | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: nvme-pci: add missing condition check for existence of mapped data nvme_map_data() is called when request has physical segments, … | |||
| CVE-2024-43865 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: s390/fpu: Re-add exception handling in load_fpu_state() With the recent rewrite of the fpu code exception handling for the lfpc i… | |||
| CVE-2024-43869 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: perf: Fix event leak upon exec and file release The perf pending task work is never waited upon the matching event release. In th… | |||
| CVE-2024-43870 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: perf: Fix event leak upon exit When a task is scheduled out, pending sigtrap deliveries are deferred to the target task upon resu… | |||
| CVE-2024-43879 | medium | 5.5 | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: wifi: cfg80211: handle 2x996 RU allocation in cfg80211_calculate_bitrate_he() Currently NL80211_RATE_INFO_HE_RU_ALLOC_2x996 is no… | |||
| CVE-2024-42258 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: mm: huge_memory: use !CONFIG_64BIT to relax huge page alignment on 32 bit machines Yves-Alexis Perez reported commit 4ef9ad19e176… | |||
| CVE-2024-43888 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: mm: list_lru: fix UAF for memory cgroup The mem_cgroup_from_slab_obj() is supposed to be called under rcu lock or cgroup_mutex or… | |||
| CVE-2024-39488 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: arm64: asm-bug: Add .align 2 to the end of __BUG_ENTRY When CONFIG_DEBUG_BUGVERBOSE=n, we fail to add necessary padding bytes to … | |||
| CVE-2024-34055 | medium | — | 5.5 | 2y ago | Moderate: cyrus-imapd security update | |||
| CVE-2024-43892 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: memcg: protect concurrent access to mem_cgroup_idr Commit 73f576c04b94 ("mm: memcontrol: fix cgroup creation failure after many s… | |||
| CVE-2024-42245 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: Revert "sched/fair: Make sure to try to detach at least one movable task" This reverts commit b0defa7ae03ecf91b8bfd10ede430cff12f… | |||
| CVE-2024-27025 | medium | 5.5 | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: nbd: null check for nla_nest_start nla_nest_start() may fail and return NULL. Insert a check and set errno based on other call si… | |||
| CVE-2024-43842 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: wifi: rtw89: Fix array index mistake in rtw89_sta_info_get_iter() In rtw89_sta_info_get_iter() 'status->he_gi' is compared to arr… | |||
| CVE-2024-26650 | medium | — | 5.5 | 2y ago | RHSA-2024:9315: kernel security update (Moderate) | |||
| CVE-2024-41093 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: avoid using null object of framebuffer Instead of using state->fb->obj[0] directly, get object from framebuffer by ca… | |||
| CVE-2024-26922 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: validate the parameters of bo mapping operations more clearly Verify the parameters of amdgpu_vm_bo_(map/replace_map/… | |||
| CVE-2024-26924 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: netfilter: nft_set_pipapo: do not free live element Pablo reports a crash with large batches of elements with a back-to-back add/… | |||
| CVE-2024-26928 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: smb: client: fix potential UAF in cifs_debug_files_proc_show() Skip sessions that are being teared down (status == SES_EXITING) t… | |||
| CVE-2024-0340 | medium | — | 5.5 | 2y ago | A vulnerability was found in vhost_new_msg in drivers/vhost/vhost.c in the Linux kernel, which does not properly initialize memory in messages passed between virtual guests and the host operating sys… | |||
| CVE-2024-42141 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: Bluetooth: ISO: Check socket flag instead of hcon This fixes the following Smatch static checker warning: net/bluetooth/iso.c:13… | |||
| CVE-2024-42132 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: bluetooth/hci: disallow setting handle bigger than HCI_CONN_HANDLE_MAX Syzbot hit warning in hci_conn_del() caused by freeing han… | |||
| CVE-2024-44947 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: fuse: Initialize beyond-EOF page contents before setting uptodate fuse_notify_store(), unlike fuse_do_readpage(), does not enable… | |||
| CVE-2024-42123 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: fix double free err_addr pointer warnings In amdgpu_umc_bad_page_polling_timeout, the amdgpu_umc_handle_bad_pages wil… | |||
| CVE-2024-1151 | medium | — | 5.5 | 2y ago | A vulnerability was reported in the Open vSwitch sub-component in the Linux Kernel. The flaw occurs when a recursive operation of code push recursively calls into the code block. The OVS module does … | |||
| CVE-2024-2236 | medium | — | 5.5 | 2y ago | Moderate: libgcrypt security update | |||
| CVE-2024-25739 | medium | 5.5 | 5.5 | 2y ago | create_empty_lvol in drivers/mtd/ubi/vtbl.c in the Linux kernel through 6.7.4 can attempt to allocate zero bytes, and crash, because of a missing check for ubi->leb_size. | |||
| CVE-2024-38618 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: ALSA: timer: Set lower bound of start tick time Currently ALSA timer doesn't have the lower limit of the start tick time, and it … | |||
| CVE-2024-27062 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: nouveau: lock the client object tree. It appears the client object tree has no locking unless I've missed something else. Fix rac… | |||
| CVE-2024-27057 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: ASoC: SOF: ipc4-pcm: Workaround for crashed firmware on system suspend When the system is suspended while audio is active, the so… | |||
| CVE-2024-22211 | medium | — | 5.5 | 2y ago | Moderate: freerdp security update | |||
| CVE-2024-42101 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: drm/nouveau: fix null pointer dereference in nouveau_connector_get_modes In nouveau_connector_get_modes(), the return value of dr… | |||
| CVE-2024-26670 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: arm64: entry: fix ARM64_WORKAROUND_SPECULATIVE_UNPRIV_LOAD Currently the ARM64_WORKAROUND_SPECULATIVE_UNPRIV_LOAD workaround isn'… | |||
| CVE-2024-43911 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211: fix NULL dereference at band check in starting tx ba session In MLD connection, link_data/link_conf are dynamical… | |||
| CVE-2024-42090 | medium | 5.5 | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: pinctrl: fix deadlock in create_pinctrl() when handling -EPROBE_DEFER In create_pinctrl(), pinctrl_maps_mutex is acquired before … | |||
| CVE-2024-27079 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: iommu/vt-d: Fix NULL domain on device release In the kdump kernel, the IOMMU operates in deferred_attach mode. In this mode, info… | |||
| CVE-2024-42070 | medium | 5.5 | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: fully validate NFT_DATA_VALUE on store to data registers register store validation for NFT_DATA_VALUE is co… | |||
| CVE-2024-42301 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: dev/parport: fix the array out-of-bounds risk Fixed array out-of-bounds issues caused by sprintf by replacing it with snprintf fo… | |||
| CVE-2024-44960 | medium | 5.5 | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: usb: gadget: core: Check for unset descriptor Make sure the descriptor has been set before looking at maxpacket. This fixes a nul… | |||
| CVE-2024-35957 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: iommu/vt-d: Fix WARN_ON in iommu probe path Commit 1a75cc710b95 ("iommu/vt-d: Use rbtree to track iommu probed devices") adds all… | |||
| CVE-2024-42271 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: net/iucv: fix use after free in iucv_sock_close() iucv_sever_path() is called from process context and from bh context. iucv->pat… | |||
| CVE-2024-26700 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Fix MST Null Ptr for RV The change try to fix below error specific to RV platform: BUG: kernel NULL pointer der… | |||
| CVE-2024-30204 | medium | — | 5.5 | 2y ago | In Emacs before 29.3, LaTeX preview is enabled by default for e-mail attachments. | |||
| CVE-2024-35928 | medium | — | 5.5 | 2y ago | RHSA-2024:9315: kernel security update (Moderate) | |||
| CVE-2024-24814 | medium | — | 5.5 | 2y ago | RHSA-2024:5289: mod_auth_openidc:2.3 security update (Moderate) | |||
| CVE-2024-26953 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: net: esp: fix bad handling of pages from page_pool When the skb is reorganized during esp_output (!esp->inline), the pages coming… | |||
| CVE-2024-36022 | medium | — | 5.5 | 2y ago | RHSA-2024:9315: kernel security update (Moderate) | |||
| CVE-2024-36039 | medium | — | 5.5 | 2y ago | PyMySQL through 1.1.0 allows SQL injection if used with untrusted JSON input because keys are not escaped by escape_dict. | |||
| CVE-2024-43817 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: net: missing check virtio Two missing check in virtio_net_hdr_to_skb() allowed syzbot to crash kernels again 1. After the skb_se… | |||
| CVE-2024-25081 | medium | — | 5.5 | 2y ago | RHSA-2024:4267: fontforge security update (Moderate) | |||
| CVE-2024-27038 | medium | 5.5 | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: clk: Fix clk_core_get NULL dereference It is possible for clk_core_get to dereference a NULL in the following sequence: clk_core… | |||
| CVE-2024-26890 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: Bluetooth: btrtl: fix out of bounds memory access The problem is detected by KASAN. btrtl driver uses private hci data to store '… | |||
| CVE-2024-27048 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: wifi: brcm80211: handle pmk_op allocation failure The kzalloc() in brcmf_pmksa_v3_op() will return null if the physical memory ha… | |||
| CVE-2024-35877 | medium | 5.5 | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: x86/mm/pat: fix VM_PAT handling in COW mappings PAT handling won't do the right thing in COW mappings: the first PTE (or, in fact… | |||
| CVE-2024-26992 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: KVM: x86/pmu: Disable support for adaptive PEBS Drop support for virtualizing adaptive PEBS, as KVM's implementation is architect… | |||
| CVE-2024-35995 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: ACPI: CPPC: Use access_width over bit_width for system memory accesses To align with ACPI 6.3+, since bit_width can be any 8-bit … | |||
| CVE-2024-26889 | medium | 5.5 | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hci_core: Fix possible buffer overflow struct hci_dev_info has a fixed size name[8] field so in the event that hdev->n… | |||
| CVE-2024-36902 | medium | 5.5 | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: ipv6: fib6_rules: avoid possible NULL dereference in fib6_rule_action() syzbot is able to trigger the following crash [1], caused… | |||
| CVE-2024-40907 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: ionic: fix kernel panic in XDP_TX action In the XDP_TX path, ionic driver sends a packet to the TX path with rx page and correspo… | |||
| CVE-2024-35942 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: pmdomain: imx8mp-blk-ctrl: imx8mp_blk: Add fdcc clock to hdmimix domain According to i.MX8MP RM and HDMI ADD, the fdcc clock is p… | |||
| CVE-2024-40945 | medium | 5.5 | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: iommu: Return right value in iommu_sva_bind_device() iommu_sva_bind_device() should return either a sva bond handle or an ERR_PTR… | |||
| CVE-2024-40923 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: vmxnet3: disable rx data ring on dma allocation failure When vmxnet3_rq_create() fails to allocate memory for rq->data_ring.base,… | |||
| CVE-2024-41032 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: mm: vmalloc: check if a hash-index is in cpu_possible_mask The problem is that there are systems where cpu_possible_mask has gaps… | |||
| CVE-2024-26950 | medium | 5.5 | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: wireguard: netlink: access device through ctx instead of peer The previous commit fixed a bug that led to a NULL peer->device bei… | |||
| CVE-2024-36944 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: Reapply "drm/qxl: simplify qxl_fence_wait" This reverts commit 07ed11afb68d94eadd4ffc082b97c2331307c5ea. Stephen Rostedt reports… | |||
| CVE-2024-41079 | medium | 5.5 | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: nvmet: always initialize cqe.result The spec doesn't mandate that the first two double words (aka results) for the command queue … | |||
| CVE-2024-36932 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: thermal/debugfs: Prevent use-after-free from occurring after cdev removal Since thermal_debug_cdev_remove() does not run under cd… | |||
| CVE-2024-36926 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: powerpc/pseries/iommu: LPAR panics during boot up with a frozen PE At the time of LPAR boot up, partition firmware provides Open … | |||
| CVE-2024-26989 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: arm64: hibernate: Fix level3 translation fault in swsusp_save() On arm64 machines, swsusp_save() faults if it attempts to access … | |||
| CVE-2024-45005 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: KVM: s390: fix validity interception issue when gisa is switched off We might run into a SIE validity if gisa has been disabled e… | |||
| CVE-2024-36881 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: mm/userfaultfd: reset ptes when close() for wr-protected ones Userfaultfd unregister includes a step to remove wr-protect bits fr… | |||
| CVE-2024-36030 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: octeontx2-af: fix the double free in rvu_npc_freemem() Clang static checker(scan-build) warning: drivers/net/ethernet/marvell/oct… | |||
| CVE-2024-36002 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: dpll: fix dpll_pin_on_pin_register() for multiple parent pins In scenario where pin is registered with multiple parent pins via d… | |||
| CVE-2024-35983 | medium | 5.5 | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: bounds: Use the right number of bits for power-of-two CONFIG_NR_CPUS bits_per() rounds up to the next power of two when passed a … | |||
| CVE-2024-35892 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: net/sched: fix lockdep splat in qdisc_tree_reduce_backlog() qdisc_tree_reduce_backlog() is called with the qdisc lock held, not R… | |||
| CVE-2024-8235 | medium | — | 5.5 | 2y ago | Moderate: libvirt security update | |||
| CVE-2024-1298 | medium | — | 5.5 | 2y ago | RHSA-2024:5297: edk2 security update (Moderate) | |||
| CVE-2024-58239 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: tls: stop recv() if initial process_rx_list gave us non-DATA If we have a non-DATA record on the rx_list and another record of th… | |||
| CVE-2024-36472 | medium | — | 5.5 | 2y ago | In GNOME Shell through 45.7, a portal helper can be launched automatically (without user confirmation) based on network responses provided by an adversary (e.g., an adversary who controls the local W… |