CVEs from 2024
Total
6,597
critical
critical 174
high
high 1,069
medium
medium 2,083
low
low 49
% Critical
2.6%
% with KEV
2.5%
% with exploit
3.4%
Top products
- mbed_tls 15
- operations_analytics_log_analysis 14
- surveillance_station 12
- checkmk 10
- office 8
- profilegrid 8
- office_long_term_servicing_channel 6
- propertyhive 5
Top packages
| CVE | Severity | CVSS | Risk | Flags | OS | Vendor | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2024-2756 | medium | — | 5.5 | 2y ago | RHSA-2024:10952: php:7.4 security update (Moderate) | |||
| CVE-2024-31227 | medium | — | 5.5 | 2y ago | Moderate: redis:7 security update | |||
| CVE-2024-50226 | medium | — | 5.5 | 2y ago | Moderate: kernel security update | |||
| CVE-2024-41009 | medium | — | 5.5 | 2y ago | Moderate: kernel security update | |||
| CVE-2024-52337 | medium | — | 5.5 | 2y ago | RHSA-2024:11161: tuned security update (Moderate) | |||
| CVE-2024-42244 | medium | — | 5.5 | 2y ago | Moderate: kernel security update | |||
| CVE-2024-53101 | medium | 5.5 | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: fs: Fix uninitialized value issue in from_kuid and from_kgid ocfs2_setattr() uses attr->ia_mode, attr->ia_uid and attr->ia_gid in… | |||
| CVE-2024-45321 | medium | — | 5.5 | 2y ago | RHSA-2024:10219: perl-App-cpanminus:1.7044 security update (Moderate) | |||
| CVE-2024-7130 | medium | 5.5 | 5.5 | 2y ago | Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Kion Computer KION Exchange Programs Software allows Reflected XSS. This issue affects KI… | |||
| CVE-2024-11404 | medium | 5.5 | 5.5 | 2y ago | Unrestricted Upload of File with Dangerous Type, Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability in django CMS Association django Filer allows Input Data M… | |||
| CVE-2024-5197 | medium | — | 5.5 | 2y ago | RHSA-2024:5941: libvpx security update (Moderate) | |||
| CVE-2024-46858 | medium | — | 5.5 | 2y ago | Moderate: kernel security update | |||
| CVE-2024-42283 | medium | 5.5 | 5.5 | 2y ago | Moderate: kernel security update | |||
| CVE-2024-46824 | medium | — | 5.5 | 2y ago | Moderate: kernel security update | |||
| CVE-2024-50602 | medium | — | 5.5 | 2y ago | RHSA-2024:9502: expat security update (Moderate) | |||
| CVE-2024-3446 | medium | — | 5.5 | 2y ago | A double free vulnerability was found in QEMU virtio devices (virtio-gpu, virtio-serial-bus, virtio-crypto), where the mem_reentrancy_guard flag insufficiently protects against DMA reentrancy issues.… | |||
| CVE-2024-26605 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: PCI/ASPM: Fix deadlock when enabling ASPM A last minute revert in 6.7-final introduced a potential deadlock when enabling ASPM du… | |||
| CVE-2024-35888 | medium | 5.5 | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: erspan: make sure erspan_base_hdr is present in skb->head syzbot reported a problem in ip6erspan_rcv() [1] Issue is that ip6ersp… | |||
| CVE-2024-26691 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: KVM: arm64: Fix circular locking dependency The rule inside kvm enforces that the vcpu->mutex is taken *inside* kvm->lock. The ru… | |||
| CVE-2024-32662 | medium | — | 5.5 | 2y ago | Moderate: freerdp security update | |||
| CVE-2024-26708 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: mptcp: really cope with fastopen race Fastopen and PM-trigger subflow shutdown can race, as reported by syzkaller. In my first a… | |||
| CVE-2024-35957 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: iommu/vt-d: Fix WARN_ON in iommu probe path Commit 1a75cc710b95 ("iommu/vt-d: Use rbtree to track iommu probed devices") adds all… | |||
| CVE-2024-32659 | medium | — | 5.5 | 2y ago | Moderate: freerdp security update | |||
| CVE-2024-36022 | medium | — | 5.5 | 2y ago | RHSA-2024:9315: kernel security update (Moderate) | |||
| CVE-2024-32039 | medium | — | 5.5 | 2y ago | Moderate: freerdp security update | |||
| CVE-2024-8235 | medium | — | 5.5 | 2y ago | Moderate: libvirt security update | |||
| CVE-2024-42268 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: net/mlx5: Fix missing lock on sync reset reload On sync reset reload work, when remote host updates devlink on reload actions per… | |||
| CVE-2024-26815 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: net/sched: taprio: proper TCA_TAPRIO_TC_ENTRY_INDEX check taprio_parse_tc_entry() is not correctly checking TCA_TAPRIO_TC_ENTRY_I… | |||
| CVE-2024-26812 | medium | 5.5 | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: vfio/pci: Create persistent INTx handler A vulnerability exists where the eventfd for INTx signaling can be deconfigured, which u… | |||
| CVE-2024-6655 | medium | — | 5.5 | 2y ago | RHSA-2024:6963: gtk3 security update (Moderate) | |||
| CVE-2024-26327 | medium | — | 5.5 | 2y ago | An issue was discovered in QEMU 7.1.0 through 8.2.1. register_vfs in hw/pci/pcie_sriov.c mishandles the situation where a guest writes NumVFs greater than TotalVFs, leading to a buffer overflow in VF… | |||
| CVE-2024-26746 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: dmaengine: idxd: Ensure safe user copy of completion record If CONFIG_HARDENED_USERCOPY is enabled, copying completion record fro… | |||
| CVE-2024-36472 | medium | — | 5.5 | 2y ago | RHSA-2024:5298: gnome-shell security update (Moderate) | |||
| CVE-2024-1298 | medium | — | 5.5 | 2y ago | RHSA-2024:5297: edk2 security update (Moderate) | |||
| CVE-2024-26890 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: Bluetooth: btrtl: fix out of bounds memory access The problem is detected by KASAN. btrtl driver uses private hci data to store '… | |||
| CVE-2024-26920 | medium | 5.5 | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: tracing/trigger: Fix to return error if failed to alloc snapshot Fix register_snapshot_trigger() to return error code if it faile… | |||
| CVE-2024-26927 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: ASoC: SOF: Add some bounds checking to firmware data Smatch complains about "head->full_size - head->header_size" can underflow. … | |||
| CVE-2024-43911 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211: fix NULL dereference at band check in starting tx ba session In MLD connection, link_data/link_conf are dynamical… | |||
| CVE-2024-26933 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: USB: core: Fix deadlock in port "disable" sysfs attribute The show and store callback routines for the "disable" sysfs attribute … | |||
| CVE-2024-32040 | medium | — | 5.5 | 2y ago | Moderate: freerdp security update | |||
| CVE-2024-26462 | medium | — | 5.5 | 2y ago | Moderate: krb5 security update | |||
| CVE-2024-26950 | medium | 5.5 | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: wireguard: netlink: access device through ctx instead of peer The previous commit fixed a bug that led to a NULL peer->device bei… | |||
| CVE-2024-26953 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: net: esp: fix bad handling of pages from page_pool When the skb is reorganized during esp_output (!esp->inline), the pages coming… | |||
| CVE-2024-26962 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: dm-raid456, md/raid456: fix a deadlock for dm-raid456 while io concurrent with reshape For raid456, if reshape is still in progre… | |||
| CVE-2024-25082 | medium | — | 5.5 | 2y ago | RHSA-2024:4267: fontforge security update (Moderate) | |||
| CVE-2024-26964 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: usb: xhci: Add error handling in xhci_map_urb_for_dma Currently xhci_map_urb_for_dma() creates a temporary buffer and copies the … | |||
| CVE-2024-26990 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: KVM: x86/mmu: Write-protect L2 SPTEs in TDP MMU when clearing dirty status Check kvm_mmu_page_ad_need_write_protect() when decidi… | |||
| CVE-2024-26992 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: KVM: x86/pmu: Disable support for adaptive PEBS Drop support for virtualizing adaptive PEBS, as KVM's implementation is architect… | |||
| CVE-2024-35995 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: ACPI: CPPC: Use access_width over bit_width for system memory accesses To align with ACPI 6.3+, since bit_width can be any 8-bit … | |||
| CVE-2024-26892 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: wifi: mt76: mt7921e: fix use-after-free in free_irq() From commit a304e1b82808 ("[PATCH] Debug shared irqs"), there is a test to … | |||
| CVE-2024-39291 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Fix buffer size in gfx_v9_4_3_init_ cp_compute_microcode() and rlc_microcode() The function gfx_v9_4_3_init_microcode… | |||
| CVE-2024-38632 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: vfio/pci: fix potential memory leak in vfio_intx_enable() If vfio_irq_ctx_alloc() failed will lead to 'name' memory leak. | |||
| CVE-2024-27038 | medium | 5.5 | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: clk: Fix clk_core_get NULL dereference It is possible for clk_core_get to dereference a NULL in the following sequence: clk_core… | |||
| CVE-2024-27048 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: wifi: brcm80211: handle pmk_op allocation failure The kzalloc() in brcmf_pmksa_v3_op() will return null if the physical memory ha… | |||
| CVE-2024-43817 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: net: missing check virtio Two missing check in virtio_net_hdr_to_skb() allowed syzbot to crash kernels again 1. After the skb_se… | |||
| CVE-2024-38605 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: ALSA: core: Fix NULL module pointer assignment at card init The commit 81033c6b584b ("ALSA: core: Warn on empty module") introduc… | |||
| CVE-2024-38604 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: block: refine the EOF check in blkdev_iomap_begin blkdev_iomap_begin rounds down the offset to the logical block size before stas… | |||
| CVE-2024-38598 | medium | 5.5 | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: md: fix resync softlockup when bitmap size is less than array size Is is reported that for dm-raid10, lvextend + lvchange --synca… | |||
| CVE-2024-38600 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: ALSA: Fix deadlocks with kctl removals at disconnection In snd_card_disconnect(), we set card->shutdown flag at the beginning, ca… | |||
| CVE-2024-2236 | medium | — | 5.5 | 2y ago | Moderate: libgcrypt security update | |||
| CVE-2024-36891 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: maple_tree: fix mas_empty_area_rev() null pointer dereference Currently the code calls mas_start() followed by mas_data_end() if … | |||
| CVE-2024-36882 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: mm: use memalloc_nofs_save() in page_cache_ra_order() See commit f2c817bed58d ("mm: use memalloc_nofs_save in readahead path"), e… | |||
| CVE-2024-41079 | medium | 5.5 | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: nvmet: always initialize cqe.result The spec doesn't mandate that the first two double words (aka results) for the command queue … | |||
| CVE-2024-36477 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: tpm_tis_spi: Account for SPI header when allocating TPM SPI xfer buffer The TPM SPI transfer mechanism uses MAX_SPI_FRAMESIZE for… | |||
| CVE-2024-27436 | medium | 5.5 | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: ALSA: usb-audio: Stop parsing channels bits when all channels are found. If a usb audio device sets more bits than the amount of … | |||
| CVE-2024-36031 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: keys: Fix overwrite of key expiration on instantiation The expiry time of a key is unconditionally overwritten during instantiati… | |||
| CVE-2024-40922 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: io_uring/rsrc: don't lock while !TASK_RUNNING There is a report of io_rsrc_ref_quiesce() locking a mutex while not TASK_RUNNING, … | |||
| CVE-2024-6239 | medium | — | 5.5 | 2y ago | A flaw was found in the Poppler's Pdfinfo utility. This issue occurs when using -dests parameter with pdfinfo utility. By using certain malformed input files, an attacker could cause the utility to c… | |||
| CVE-2024-36015 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: ppdev: Add an error check in register_device In register_device, the return value of ida_simple_get is unchecked, in witch ida_si… | |||
| CVE-2024-58239 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: tls: stop recv() if initial process_rx_list gave us non-DATA If we have a non-DATA record on the rx_list and another record of th… | |||
| CVE-2024-41057 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: cachefiles: fix slab-use-after-free in cachefiles_withdraw_cookie() We got the following issue in our fault injection stress test… | |||
| CVE-2024-41082 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: nvme-fabrics: use reserved tag for reg read/write command In some scenarios, if too many commands are issued by nvme command in t… | |||
| CVE-2024-26899 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: block: fix deadlock between bd_link_disk_holder and partition scan 'open_mutex' of gendisk is used to protect open/close block de… | |||
| CVE-2024-26937 | medium | 5.5 | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: drm/i915/gt: Reset queue_priority_hint on parking Originally, with strict in order execution, we could complete execution only wh… | |||
| CVE-2024-26960 | medium | 5.5 | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: mm: swap: fix race between free_swap_and_cache() and swapoff() There was previously a theoretical window where swapoff() could ru… | |||
| CVE-2024-36006 | medium | 5.5 | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: mlxsw: spectrum_acl_tcam: Fix incorrect list API usage Both the function that migrates all the chunks within a region and the fun… | |||
| CVE-2024-35930 | medium | 5.5 | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: scsi: lpfc: Fix possible memory leak in lpfc_rcv_padisc() The call to lpfc_sli4_resume_rpi() in lpfc_rcv_padisc() may return an u… | |||
| CVE-2024-26915 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Reset IH OVERFLOW_CLEAR bit Allows us to detect subsequent IH ring buffer overflows as well. | |||
| CVE-2024-35939 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: dma-direct: Leak pages on dma_set_decrypted() failure On TDX it is possible for the untrusted host to cause set_memory_encrypted(… | |||
| CVE-2024-35913 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: wifi: iwlwifi: mvm: pick the version of SESSION_PROTECTION_NOTIF When we want to know whether we should look for the mac_id or th… | |||
| CVE-2024-25739 | medium | 5.5 | 5.5 | 2y ago | create_empty_lvol in drivers/mtd/ubi/vtbl.c in the Linux kernel through 6.7.4 can attempt to allocate zero bytes, and crash, because of a missing check for ubi->leb_size. | |||
| CVE-2024-26589 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: bpf: Reject variable offset alu on PTR_TO_FLOW_KEYS For PTR_TO_FLOW_KEYS, check_flow_keys_access() only uses fixed off for valida… | |||
| CVE-2024-26591 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: bpf: Fix re-attachment branch in bpf_tracing_prog_attach The following case can cause a crash due to missing attach_btf: 1) load… | |||
| CVE-2024-26601 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: ext4: regenerate buddy after block freeing failed if under fc replay This mostly reverts commit 6bd97bf273bd ("ext4: remove redun… | |||
| CVE-2024-26611 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: xsk: fix usage of multi-buffer BPF helpers for ZC XDP Currently when packet is shrunk via bpf_xdp_adjust_tail() and memory type i… | |||
| CVE-2024-26612 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: netfs, fscache: Prevent Oops in fscache_put_cache() This function dereferences "cache" and then checks if it's IS_ERR_OR_NULL(). … | |||
| CVE-2024-26618 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: arm64/sme: Always exit sme_alloc() early with existing storage When sme_alloc() is called with existing storage and we are not fl… | |||
| CVE-2024-26707 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: net: hsr: remove WARN_ONCE() in send_hsr_supervision_frame() Syzkaller reported [1] hitting a warning after failing to allocate r… | |||
| CVE-2024-26712 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: powerpc/kasan: Fix addr error caused by page alignment In kasan_init_region, when k_start is not page aligned, at the begin of fo… | |||
| CVE-2024-26719 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: nouveau: offload fence uevents work to workqueue This should break the deadlock between the fctx lock and the irq lock. This off… | |||
| CVE-2024-26734 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: devlink: fix possible use-after-free and memory leaks in devlink_init() The pernet operations structure for the subsystem must be… | |||
| CVE-2024-36905 | medium | 5.5 | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: tcp: defer shutdown(SEND_SHUTDOWN) for TCP_SYN_RECV sockets TCP_SYN_RECV state is really special, it is only used by cross-syn co… | |||
| CVE-2024-26803 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: net: veth: clear GRO when clearing XDP even when down veth sets NETIF_F_GRO automatically when XDP is enabled, because both featu… | |||
| CVE-2024-35908 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: tls: get psock ref after taking rxlock to avoid leak At the start of tls_sw_recvmsg, we take a reference on the psock, and then c… | |||
| CVE-2024-26835 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: set dormant flag on hook register failure We need to set the dormant flag again if we fail to register the … | |||
| CVE-2024-26838 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: RDMA/irdma: Fix KASAN issue with tasklet KASAN testing revealed the following issue assocated with freeing an IRQ. [50006.466686… | |||
| CVE-2024-26863 | medium | 5.5 | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: hsr: Fix uninit-value access in hsr_get_node() KMSAN reported the following uninit-value access issue [1]: =====================… | |||
| CVE-2024-35904 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: selinux: avoid dereference of garbage after mount failure In case kern_mount() fails and returns an error pointer return in the e… | |||
| CVE-2024-27004 | medium | 5.5 | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: clk: Get runtime PM before walking tree during disable_unused Doug reported [1] the following hung task: INFO: task swapper/0:1… | |||
| CVE-2024-27013 | medium | 5.5 | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: tun: limit printing rate when illegal packet received by tun dev vhost_worker will call tun call backs to receive packets. If too… |