CVEs from 2024
Total
6,583
critical
critical 174
high
high 1,069
medium
medium 2,083
low
low 49
% Critical
2.6%
% with KEV
2.5%
% with exploit
3.4%
Top products
- mbed_tls 15
- operations_analytics_log_analysis 14
- surveillance_station 12
- checkmk 10
- office 8
- profilegrid 8
- office_long_term_servicing_channel 6
- propertyhive 5
Top packages
| CVE | Severity | CVSS | Risk | Flags | OS | Vendor | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2024-45018 | medium | 5.5 | 5.5 | 2y ago | Moderate: kernel security update | |||
| CVE-2024-31227 | medium | — | 5.5 | 2y ago | Moderate: redis:7 security update | |||
| CVE-2024-41009 | medium | — | 5.5 | 2y ago | Moderate: kernel security update | |||
| CVE-2024-52337 | medium | — | 5.5 | 2y ago | RHSA-2024:11161: tuned security update (Moderate) | |||
| CVE-2024-42244 | medium | — | 5.5 | 2y ago | Moderate: kernel security update | |||
| CVE-2024-50226 | medium | — | 5.5 | 2y ago | Moderate: kernel security update | |||
| CVE-2024-53101 | medium | 5.5 | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: fs: Fix uninitialized value issue in from_kuid and from_kgid ocfs2_setattr() uses attr->ia_mode, attr->ia_uid and attr->ia_gid in… | |||
| CVE-2024-45321 | medium | — | 5.5 | 2y ago | RHSA-2024:10219: perl-App-cpanminus:1.7044 security update (Moderate) | |||
| CVE-2024-7130 | medium | 5.5 | 5.5 | 2y ago | Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Kion Computer KION Exchange Programs Software allows Reflected XSS. This issue affects KI… | |||
| CVE-2024-11404 | medium | 5.5 | 5.5 | 2y ago | Unrestricted Upload of File with Dangerous Type, Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability in django CMS Association django Filer allows Input Data M… | |||
| CVE-2024-5197 | medium | — | 5.5 | 2y ago | RHSA-2024:5941: libvpx security update (Moderate) | |||
| CVE-2024-46858 | medium | — | 5.5 | 2y ago | Moderate: kernel security update | |||
| CVE-2024-42283 | medium | 5.5 | 5.5 | 2y ago | Moderate: kernel security update | |||
| CVE-2024-46824 | medium | — | 5.5 | 2y ago | Moderate: kernel security update | |||
| CVE-2024-50602 | medium | — | 5.5 | 2y ago | RHSA-2024:9502: expat security update (Moderate) | |||
| CVE-2024-36944 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: Reapply "drm/qxl: simplify qxl_fence_wait" This reverts commit 07ed11afb68d94eadd4ffc082b97c2331307c5ea. Stephen Rostedt reports… | |||
| CVE-2024-44960 | medium | 5.5 | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: usb: gadget: core: Check for unset descriptor Make sure the descriptor has been set before looking at maxpacket. This fixes a nul… | |||
| CVE-2024-36932 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: thermal/debugfs: Prevent use-after-free from occurring after cdev removal Since thermal_debug_cdev_remove() does not run under cd… | |||
| CVE-2024-26641 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: ip6_tunnel: make sure to pull inner header in __ip6_tnl_rcv() syzbot found __ip6_tnl_rcv() could access unitiliazed data [1]. Ca… | |||
| CVE-2024-26700 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Fix MST Null Ptr for RV The change try to fix below error specific to RV platform: BUG: kernel NULL pointer der… | |||
| CVE-2024-26462 | medium | — | 5.5 | 2y ago | Moderate: krb5 security update | |||
| CVE-2024-26903 | medium | 5.5 | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: Bluetooth: rfcomm: Fix null-ptr-deref in rfcomm_check_security During our fuzz testing of the connection and disconnection proces… | |||
| CVE-2024-36881 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: mm/userfaultfd: reset ptes when close() for wr-protected ones Userfaultfd unregister includes a step to remove wr-protect bits fr… | |||
| CVE-2024-26900 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: md: fix kmemleak of rdev->serial If kobject_add() is fail in bind_rdev_to_array(), 'rdev->serial' will be alloc not be freed, and… | |||
| CVE-2024-43879 | medium | 5.5 | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: wifi: cfg80211: handle 2x996 RU allocation in cfg80211_calculate_bitrate_he() Currently NL80211_RATE_INFO_HE_RU_ALLOC_2x996 is no… | |||
| CVE-2024-43870 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: perf: Fix event leak upon exit When a task is scheduled out, pending sigtrap deliveries are deferred to the target task upon resu… | |||
| CVE-2024-26661 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Add NULL test for 'timing generator' in 'dcn21_set_pipe()' In "u32 otg_inst = pipe_ctx->stream_res.tg->inst;" pi… | |||
| CVE-2024-36030 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: octeontx2-af: fix the double free in rvu_npc_freemem() Clang static checker(scan-build) warning: drivers/net/ethernet/marvell/oct… | |||
| CVE-2024-26758 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: md: Don't ignore suspended array in md_check_recovery() mddev_suspend() never stop sync_thread, hence it doesn't make sense to ig… | |||
| CVE-2024-26767 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: fixed integer types and null check locations [why]: issues fixed: - comparison with wider integer type in loop c… | |||
| CVE-2024-32661 | medium | — | 5.5 | 2y ago | Moderate: freerdp security update | |||
| CVE-2024-35892 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: net/sched: fix lockdep splat in qdisc_tree_reduce_backlog() qdisc_tree_reduce_backlog() is called with the qdisc lock held, not R… | |||
| CVE-2024-26603 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: x86/fpu: Stop relying on userspace for info to fault in xsave buffer Before this change, the expected size of the user space buff… | |||
| CVE-2024-26785 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: iommufd: Fix protection fault in iommufd_test_syz_conv_iova Syzkaller reported the following bug: general protection fault, pr… | |||
| CVE-2024-26605 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: PCI/ASPM: Fix deadlock when enabling ASPM A last minute revert in 6.7-final introduced a potential deadlock when enabling ASPM du… | |||
| CVE-2024-26725 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: dpll: fix possible deadlock during netlink dump operation Recently, I've been hitting following deadlock warning during dpll pin … | |||
| CVE-2024-26915 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Reset IH OVERFLOW_CLEAR bit Allows us to detect subsequent IH ring buffer overflows as well. | |||
| CVE-2024-27431 | medium | 5.5 | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: cpumap: Zero-initialise xdp_rxq_info struct before running XDP program When running an XDP program that is attached to a cpumap e… | |||
| CVE-2024-42070 | medium | 5.5 | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: fully validate NFT_DATA_VALUE on store to data registers register store validation for NFT_DATA_VALUE is co… | |||
| CVE-2024-41093 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: avoid using null object of framebuffer Instead of using state->fb->obj[0] directly, get object from framebuffer by ca… | |||
| CVE-2024-35957 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: iommu/vt-d: Fix WARN_ON in iommu probe path Commit 1a75cc710b95 ("iommu/vt-d: Use rbtree to track iommu probed devices") adds all… | |||
| CVE-2024-42301 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: dev/parport: fix the array out-of-bounds risk Fixed array out-of-bounds issues caused by sprintf by replacing it with snprintf fo… | |||
| CVE-2024-8235 | medium | — | 5.5 | 2y ago | Moderate: libvirt security update | |||
| CVE-2024-3446 | medium | — | 5.5 | 2y ago | A double free vulnerability was found in QEMU virtio devices (virtio-gpu, virtio-serial-bus, virtio-crypto), where the mem_reentrancy_guard flag insufficiently protects against DMA reentrancy issues.… | |||
| CVE-2024-26691 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: KVM: arm64: Fix circular locking dependency The rule inside kvm enforces that the vcpu->mutex is taken *inside* kvm->lock. The ru… | |||
| CVE-2024-27057 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: ASoC: SOF: ipc4-pcm: Workaround for crashed firmware on system suspend When the system is suspended while audio is active, the so… | |||
| CVE-2024-41079 | medium | 5.5 | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: nvmet: always initialize cqe.result The spec doesn't mandate that the first two double words (aka results) for the command queue … | |||
| CVE-2024-27038 | medium | 5.5 | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: clk: Fix clk_core_get NULL dereference It is possible for clk_core_get to dereference a NULL in the following sequence: clk_core… | |||
| CVE-2024-27023 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: md: Fix missing release of 'active_io' for flush submit_flushes atomic_set(&mddev->flush_pending, 1); rdev_for_each_rcu(rdev, m… | |||
| CVE-2024-27017 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: netfilter: nft_set_pipapo: walk over current view on netlink dump The generation mask can be updated while netlink dump is in pro… | |||
| CVE-2024-27004 | medium | 5.5 | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: clk: Get runtime PM before walking tree during disable_unused Doug reported [1] the following hung task: INFO: task swapper/0:1… | |||
| CVE-2024-25081 | medium | — | 5.5 | 2y ago | RHSA-2024:4267: fontforge security update (Moderate) | |||
| CVE-2024-26976 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: KVM: Always flush async #PF workqueue when vCPU is being destroyed Always flush the per-vCPU async #PF workqueue when a vCPU is c… | |||
| CVE-2024-36028 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: mm/hugetlb: fix DEBUG_LOCKS_WARN_ON(1) when dissolve_free_hugetlb_folio() When I did memory failure tests recently, below warning… | |||
| CVE-2024-44947 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: fuse: Initialize beyond-EOF page contents before setting uptodate fuse_notify_store(), unlike fuse_do_readpage(), does not enable… | |||
| CVE-2024-40919 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: bnxt_en: Adjust logging of firmware messages in case of released token in __hwrm_send() In case of token is released due to token… | |||
| CVE-2024-26743 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: RDMA/qedr: Fix qedr_create_user_qp error flow Avoid the following warning by making sure to free the allocated resources in case … | |||
| CVE-2024-26992 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: KVM: x86/pmu: Disable support for adaptive PEBS Drop support for virtualizing adaptive PEBS, as KVM's implementation is architect… | |||
| CVE-2024-43817 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: net: missing check virtio Two missing check in virtio_net_hdr_to_skb() allowed syzbot to crash kernels again 1. After the skb_se… | |||
| CVE-2024-34055 | medium | — | 5.5 | 2y ago | Moderate: cyrus-imapd security update | |||
| CVE-2024-25082 | medium | — | 5.5 | 2y ago | RHSA-2024:4267: fontforge security update (Moderate) | |||
| CVE-2024-23848 | medium | 5.5 | 5.5 | 2y ago | In the Linux kernel through 6.7.1, there is a use-after-free in cec_queue_msg_fh, related to drivers/media/cec/core/cec-adap.c and drivers/media/cec/core/cec-api.c. | |||
| CVE-2024-26962 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: dm-raid456, md/raid456: fix a deadlock for dm-raid456 while io concurrent with reshape For raid456, if reshape is still in progre… | |||
| CVE-2024-26950 | medium | 5.5 | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: wireguard: netlink: access device through ctx instead of peer The previous commit fixed a bug that led to a NULL peer->device bei… | |||
| CVE-2024-27048 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: wifi: brcm80211: handle pmk_op allocation failure The kzalloc() in brcmf_pmksa_v3_op() will return null if the physical memory ha… | |||
| CVE-2024-22099 | medium | 5.5 | 5.5 | 2y ago | NULL Pointer Dereference vulnerability in Linux Linux kernel kernel on Linux, x86, ARM (net, bluetooth modules) allows Overflow Buffers. This vulnerability is associated with program files /net/bluet… | |||
| CVE-2024-58239 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: tls: stop recv() if initial process_rx_list gave us non-DATA If we have a non-DATA record on the rx_list and another record of th… | |||
| CVE-2024-26901 | medium | 5.5 | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: do_sys_name_to_handle(): use kzalloc() to fix kernel-infoleak syzbot identified a kernel information leak vulnerability in do_sys… | |||
| CVE-2024-26933 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: USB: core: Fix deadlock in port "disable" sysfs attribute The show and store callback routines for the "disable" sysfs attribute … | |||
| CVE-2024-26989 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: arm64: hibernate: Fix level3 translation fault in swsusp_save() On arm64 machines, swsusp_save() faults if it attempts to access … | |||
| CVE-2024-40945 | medium | 5.5 | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: iommu: Return right value in iommu_sva_bind_device() iommu_sva_bind_device() should return either a sva bond handle or an ERR_PTR… | |||
| CVE-2024-35942 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: pmdomain: imx8mp-blk-ctrl: imx8mp_blk: Add fdcc clock to hdmimix domain According to i.MX8MP RM and HDMI ADD, the fdcc clock is p… | |||
| CVE-2024-35822 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: usb: udc: remove warning when queue disabled ep It is possible trigger below warning message from mass storage function, WARNING… | |||
| CVE-2024-35831 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: io_uring: Fix release of pinned pages when __io_uaddr_map fails Looking at the error path of __io_uaddr_map, if we fail after pin… | |||
| CVE-2024-26938 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: drm/i915/bios: Tolerate devdata==NULL in intel_bios_encoder_supports_dp_dual_mode() If we have no VBT, or the VBT didn't declare … | |||
| CVE-2024-42271 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: net/iucv: fix use after free in iucv_sock_close() iucv_sever_path() is called from process context and from bh context. iucv->pat… | |||
| CVE-2024-36885 | medium | — | 5.5 | 2y ago | RHSA-2024:9315: kernel security update (Moderate) | |||
| CVE-2024-32041 | medium | — | 5.5 | 2y ago | Moderate: freerdp security update | |||
| CVE-2024-35928 | medium | — | 5.5 | 2y ago | RHSA-2024:9315: kernel security update (Moderate) | |||
| CVE-2024-26890 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: Bluetooth: btrtl: fix out of bounds memory access The problem is detected by KASAN. btrtl driver uses private hci data to store '… | |||
| CVE-2024-26746 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: dmaengine: idxd: Ensure safe user copy of completion record If CONFIG_HARDENED_USERCOPY is enabled, copying completion record fro… | |||
| CVE-2024-38600 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: ALSA: Fix deadlocks with kctl removals at disconnection In snd_card_disconnect(), we set card->shutdown flag at the beginning, ca… | |||
| CVE-2024-27389 | medium | 5.5 | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: pstore: inode: Only d_invalidate() is needed Unloading a modular pstore backend with records in pstorefs would trigger the dput()… | |||
| CVE-2024-41063 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hci_core: cancel all works upon hci_unregister_dev() syzbot is reporting that calling hci_release_dev() from hci_error… | |||
| CVE-2024-27404 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: mptcp: fix data races on remote_id Similar to the previous patch, address the data race on remote_id, adding the suitable ONCE an… | |||
| CVE-2024-41001 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: io_uring/sqpoll: work around a potential audit memory leak kmemleak complains that there's a memory leak related to connect handl… | |||
| CVE-2024-44984 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: bnxt_en: Fix double DMA unmapping for XDP_REDIRECT Remove the dma_unmap_page_attrs() call in the driver's XDP_REDIRECT code path.… | |||
| CVE-2024-39291 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Fix buffer size in gfx_v9_4_3_init_ cp_compute_microcode() and rlc_microcode() The function gfx_v9_4_3_init_microcode… | |||
| CVE-2024-44965 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: x86/mm: Fix pti_clone_pgtable() alignment assumption Guenter reported dodgy crashes on an i386-nosmp build using GCC-11 that had … | |||
| CVE-2024-35867 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: smb: client: fix potential UAF in cifs_stats_proc_show() Skip sessions that are being teared down (status == SES_EXITING) to avoi… | |||
| CVE-2024-35866 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: smb: client: fix potential UAF in cifs_dump_full_key() Skip sessions that are being teared down (status == SES_EXITING) to avoid … | |||
| CVE-2024-35863 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: smb: client: fix potential UAF in is_valid_oplock_break() Skip sessions that are being teared down (status == SES_EXITING) to avo… | |||
| CVE-2024-35861 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: smb: client: fix potential UAF in cifs_signal_cifsd_for_reconnect() Skip sessions that are being teared down (status == SES_EXITI… | |||
| CVE-2024-35859 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: block: fix module reference leakage from bdev_open_by_dev error path At the time bdev_may_open() is called, module reference is g… | |||
| CVE-2024-35827 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: io_uring/net: fix overflow check in io_recvmsg_mshot_prep() The "controllen" variable is type size_t (unsigned long). Casting it… | |||
| CVE-2024-35931 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Skip do PCI error slot reset during RAS recovery Why: The PCI error slot reset maybe triggered after inject ue to… | |||
| CVE-2024-36926 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: powerpc/pseries/iommu: LPAR panics during boot up with a frozen PE At the time of LPAR boot up, partition firmware provides Open … | |||
| CVE-2024-35923 | medium | — | 5.5 | 2y ago | RHSA-2024:9315: kernel security update (Moderate) | |||
| CVE-2024-27015 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: netfilter: flowtable: incorrect pppoe tuple pppoe traffic reaching ingress path does not match the flowtable entry because the pp… | |||
| CVE-2024-27014 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: Prevent deadlock while disabling aRFS When disabling aRFS under the `priv->state_lock`, any scheduled aRFS works are c… |