CVEs from 2024
Total
6,606
critical
critical 174
high
high 1,069
medium
medium 2,083
low
low 49
% Critical
2.6%
% with KEV
2.5%
% with exploit
3.4%
Top products
- mbed_tls 15
- operations_analytics_log_analysis 14
- surveillance_station 12
- checkmk 10
- office 8
- profilegrid 8
- office_long_term_servicing_channel 6
- propertyhive 5
Top packages
| CVE | Severity | CVSS | Risk | Flags | OS | Vendor | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2024-27003 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: clk: Get runtime PM before walking tree for clk_summary Similar to the previous commit, we should make sure that all devices are … | |||
| CVE-2024-35865 | medium | 5.5 | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: smb: client: fix potential UAF in smb2_is_valid_oplock_break() Skip sessions that are being teared down (status == SES_EXITING) t… | |||
| CVE-2024-26691 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: KVM: arm64: Fix circular locking dependency The rule inside kvm enforces that the vcpu->mutex is taken *inside* kvm->lock. The ru… | |||
| CVE-2024-32661 | medium | — | 5.5 | 2y ago | Moderate: freerdp security update | |||
| CVE-2024-26976 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: KVM: Always flush async #PF workqueue when vCPU is being destroyed Always flush the per-vCPU async #PF workqueue when a vCPU is c… | |||
| CVE-2024-7409 | medium | — | 5.5 | 2y ago | A flaw was found in the QEMU NBD Server. This vulnerability allows a denial of service (DoS) attack via improper synchronization during socket closure when a client keeps a socket open as the server … | |||
| CVE-2024-26892 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: wifi: mt76: mt7921e: fix use-after-free in free_irq() From commit a304e1b82808 ("[PATCH] Debug shared irqs"), there is a test to … | |||
| CVE-2024-26774 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: ext4: avoid dividing by 0 in mb_update_avg_fragment_size() when block bitmap corrupt Determine if bb_fragments is 0 instead of de… | |||
| CVE-2024-26803 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: net: veth: clear GRO when clearing XDP even when down veth sets NETIF_F_GRO automatically when XDP is enabled, because both featu… | |||
| CVE-2024-26743 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: RDMA/qedr: Fix qedr_create_user_qp error flow Avoid the following warning by making sure to free the allocated resources in case … | |||
| CVE-2024-27079 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: iommu/vt-d: Fix NULL domain on device release In the kdump kernel, the IOMMU operates in deferred_attach mode. In this mode, info… | |||
| CVE-2024-35864 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: smb: client: fix potential UAF in smb2_is_valid_lease_break() Skip sessions that are being teared down (status == SES_EXITING) to… | |||
| CVE-2024-32658 | medium | — | 5.5 | 2y ago | Moderate: freerdp security update | |||
| CVE-2024-26767 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: fixed integer types and null check locations [why]: issues fixed: - comparison with wider integer type in loop c… | |||
| CVE-2024-35863 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: smb: client: fix potential UAF in is_valid_oplock_break() Skip sessions that are being teared down (status == SES_EXITING) to avo… | |||
| CVE-2024-35862 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: smb: client: fix potential UAF in smb2_is_network_name_deleted() Skip sessions that are being teared down (status == SES_EXITING)… | |||
| CVE-2024-26646 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: thermal: intel: hfi: Add syscore callbacks for system-wide PM The kernel allocates a memory buffer and provides its location to t… | |||
| CVE-2024-26857 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: geneve: make sure to pull inner header in geneve_rx() syzbot triggered a bug in geneve_rx() [1] Issue is similar to the one I fi… | |||
| CVE-2024-35877 | medium | 5.5 | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: x86/mm/pat: fix VM_PAT handling in COW mappings PAT handling won't do the right thing in COW mappings: the first PTE (or, in fact… | |||
| CVE-2024-35861 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: smb: client: fix potential UAF in cifs_signal_cifsd_for_reconnect() Skip sessions that are being teared down (status == SES_EXITI… | |||
| CVE-2024-26650 | medium | — | 5.5 | 2y ago | RHSA-2024:9315: kernel security update (Moderate) | |||
| CVE-2024-35859 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: block: fix module reference leakage from bdev_open_by_dev error path At the time bdev_may_open() is called, module reference is g… | |||
| CVE-2024-6655 | medium | — | 5.5 | 2y ago | RHSA-2024:6963: gtk3 security update (Moderate) | |||
| CVE-2024-26611 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: xsk: fix usage of multi-buffer BPF helpers for ZC XDP Currently when packet is shrunk via bpf_xdp_adjust_tail() and memory type i… | |||
| CVE-2024-35795 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: fix deadlock while reading mqd from debugfs An errant disk backup on my desktop got into debugfs and triggered the fo… | |||
| CVE-2024-35840 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: mptcp: use OPTION_MPTCP_MPJ_SYNACK in subflow_finish_connect() subflow_finish_connect() uses four fields (backup, join_id, thmac,… | |||
| CVE-2024-35843 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: iommu/vt-d: Use device rbtree in iopf reporting path The existing I/O page fault handler currently locates the PCI device by call… | |||
| CVE-2024-35923 | medium | — | 5.5 | 2y ago | RHSA-2024:9315: kernel security update (Moderate) | |||
| CVE-2024-25081 | medium | — | 5.5 | 2y ago | RHSA-2024:4267: fontforge security update (Moderate) | |||
| CVE-2024-27414 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: rtnetlink: fix error logic of IFLA_BRIDGE_FLAGS writing back In the commit d73ef2d69c0d ("rtnetlink: let rtnl_bridge_setlink chec… | |||
| CVE-2024-38618 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: ALSA: timer: Set lower bound of start tick time Currently ALSA timer doesn't have the lower limit of the start tick time, and it … | |||
| CVE-2024-26601 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: ext4: regenerate buddy after block freeing failed if under fc replay This mostly reverts commit 6bd97bf273bd ("ext4: remove redun… | |||
| CVE-2024-26327 | medium | — | 5.5 | 2y ago | An issue was discovered in QEMU 7.1.0 through 8.2.1. register_vfs in hw/pci/pcie_sriov.c mishandles the situation where a guest writes NumVFs greater than TotalVFs, leading to a buffer overflow in VF… | |||
| CVE-2024-3446 | medium | — | 5.5 | 2y ago | A double free vulnerability was found in QEMU virtio devices (virtio-gpu, virtio-serial-bus, virtio-crypto), where the mem_reentrancy_guard flag insufficiently protects against DMA reentrancy issues.… | |||
| CVE-2024-26618 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: arm64/sme: Always exit sme_alloc() early with existing storage When sme_alloc() is called with existing storage and we are not fl… | |||
| CVE-2024-0340 | medium | — | 5.5 | 2y ago | A vulnerability was found in vhost_new_msg in drivers/vhost/vhost.c in the Linux kernel, which does not properly initialize memory in messages passed between virtual guests and the host operating sys… | |||
| CVE-2024-26641 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: ip6_tunnel: make sure to pull inner header in __ip6_tnl_rcv() syzbot found __ip6_tnl_rcv() could access unitiliazed data [1]. Ca… | |||
| CVE-2024-43911 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211: fix NULL dereference at band check in starting tx ba session In MLD connection, link_data/link_conf are dynamical… | |||
| CVE-2024-27404 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: mptcp: fix data races on remote_id Similar to the previous patch, address the data race on remote_id, adding the suitable ONCE an… | |||
| CVE-2024-9676 | medium | — | 5.5 | 2y ago | RHSA-2024:10289: container-tools:rhel8 security update (Moderate) | |||
| CVE-2024-50210 | medium | 5.5 | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: posix-clock: posix-clock: Fix unbalanced locking in pc_clock_settime() If get_clock_desc() succeeds, it calls fget() for the cloc… | |||
| CVE-2024-50205 | medium | 5.5 | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: ALSA: firewire-lib: Avoid division by zero in apply_constraint_to_size() The step variable is initialized to zero. It is changed … | |||
| CVE-2024-50188 | medium | 5.5 | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: net: phy: dp83869: fix memory corruption when enabling fiber When configuring the fiber port, the DP83869 PHY driver incorrectly … | |||
| CVE-2024-50134 | medium | 5.5 | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: drm/vboxvideo: Replace fake VLA at end of vbva_mouse_pointer_shape with real VLA Replace the fake VLA at end of the vbva_mouse_po… | |||
| CVE-2024-50095 | medium | 5.5 | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: RDMA/mad: Improve handling of timed out WRs of mad agent Current timeout handler of mad agent acquires/releases mad_agent_priv lo… | |||
| CVE-2024-7006 | medium | — | 5.5 | 2y ago | RHSA-2024:8833: libtiff security update (Moderate) | |||
| CVE-2024-43880 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: mlxsw: spectrum_acl_erp: Fix object nesting warning ACLs in Spectrum-2 and newer ASICs can reside in the algorithmic TCAM (A-TCAM… | |||
| CVE-2024-41066 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: ibmvnic: Add tx check to prevent skb leak Below is a summary of how the driver stores a reference to an skb during transmit: … | |||
| CVE-2024-21510 | medium | — | 5.5 | 2y ago | RHSA-2024:10987: pcs security update (Moderate) | |||
| CVE-2024-10462 | medium | — | 5.5 | 2y ago | Truncation of a long URL could have allowed origin spoofing in a permission prompt. This vulnerability affects Firefox < 132, Firefox ESR < 128.4, Thunderbird < 128.4, and Thunderbird < 132. | |||
| CVE-2024-10461 | medium | — | 5.5 | 2y ago | In multipart/x-mixed-replace responses, `Content-Disposition: attachment` in the response header was not respected and did not force a download, which could allow XSS attacks. This vulnerability affe… | |||
| CVE-2024-10459 | medium | — | 5.5 | 2y ago | An attacker could have caused a use-after-free when accessibility was enabled, leading to a potentially exploitable crash. This vulnerability affects Firefox < 132, Firefox ESR < 128.4, Firefox ESR <… | |||
| CVE-2024-10467 | medium | — | 5.5 | 2y ago | Memory safety bugs present in Firefox 131, Firefox ESR 128.3, and Thunderbird 128.3. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could… | |||
| CVE-2024-10460 | medium | — | 5.5 | 2y ago | The origin of an external protocol handler prompt could have been obscured using a data: URL within an `iframe`. This vulnerability affects Firefox < 132, Firefox ESR < 128.4, Thunderbird < 128.4, an… | |||
| CVE-2024-10466 | medium | — | 5.5 | 2y ago | By sending a specially crafted push message, a remote server could have hung the parent process, causing the browser to become unresponsive. This vulnerability affects Firefox < 132, Firefox ESR < 12… | |||
| CVE-2024-10458 | medium | — | 5.5 | 2y ago | A permission leak could have occurred from a trusted site to an untrusted site via `embed` or `object` elements. This vulnerability affects Firefox < 132, Firefox ESR < 128.4, Firefox ESR < 115.17, T… | |||
| CVE-2024-10463 | medium | — | 5.5 | 2y ago | Video frames could have been leaked between origins in some situations. This vulnerability affects Firefox < 132, Firefox ESR < 128.4, Firefox ESR < 115.17, Thunderbird < 128.4, and Thunderbird < 132. | |||
| CVE-2024-10464 | medium | — | 5.5 | 2y ago | Repeated writes to history interface attributes could have been used to cause a Denial of Service condition in the browser. This was addressed by introducing rate-limiting to this API. This vulnerabi… | |||
| CVE-2024-10465 | medium | — | 5.5 | 2y ago | A clipboard "paste" button could persist across tabs which allowed a spoofing attack. This vulnerability affects Firefox < 132, Firefox ESR < 128.4, Thunderbird < 128.4, and Thunderbird < 132. | |||
| CVE-2024-39472 | medium | — | 5.5 | 2y ago | Moderate: kernel security update | |||
| CVE-2024-26935 | medium | 5.5 | 5.5 | 2y ago | Moderate: kernel security update | |||
| CVE-2024-40995 | medium | 5.5 | 5.5 | 2y ago | Moderate: kernel security update | |||
| CVE-2024-36244 | medium | — | 5.5 | 2y ago | Moderate: kernel security update | |||
| CVE-2024-26826 | medium | — | 5.5 | 2y ago | Moderate: kernel security update | |||
| CVE-2024-40998 | medium | — | 5.5 | 2y ago | Moderate: kernel security update | |||
| CVE-2024-2201 | medium | — | 5.5 | 2y ago | Moderate: kernel security update | |||
| CVE-2024-26640 | medium | — | 5.5 | 2y ago | Moderate: kernel security update | |||
| CVE-2024-40904 | medium | — | 5.5 | 2y ago | Moderate: kernel security update | |||
| CVE-2024-39504 | medium | — | 5.5 | 2y ago | Moderate: kernel security update | |||
| CVE-2024-40960 | medium | 5.5 | 5.5 | 2y ago | Moderate: kernel security update | |||
| CVE-2024-40972 | medium | — | 5.5 | 2y ago | Moderate: kernel security update | |||
| CVE-2024-41013 | medium | — | 5.5 | 2y ago | Moderate: kernel security update | |||
| CVE-2024-40931 | medium | — | 5.5 | 2y ago | Moderate: kernel security update | |||
| CVE-2024-40977 | medium | — | 5.5 | 2y ago | Moderate: kernel security update | |||
| CVE-2024-41014 | medium | — | 5.5 | 2y ago | Moderate: kernel security update | |||
| CVE-2024-49761 | medium | — | 5.5 | 2y ago | RHSA-2025:11047: pcs security update (Moderate) | |||
| CVE-2024-49767 | medium | — | 5.5 | 2y ago | Werkzeug possible resource exhaustion when parsing file data in forms | |||
| CVE-2024-6232 | medium | — | 5.5 | 2y ago | Moderate: python3.12 security update | |||
| CVE-2024-50045 | medium | 5.5 | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: netfilter: br_netfilter: fix panic with metadata_dst skb Fix a kernel panic in the br_netfilter module when sending untagged traf… | |||
| CVE-2024-50040 | medium | 5.5 | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: igb: Do not bring the device up after non-fatal error Commit 004d25060c78 ("igb: Fix igb_down hung on surprise removal") changed … | |||
| CVE-2024-50012 | medium | 5.5 | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: cpufreq: Avoid a bad reference count on CPU node In the parse_perf_domain function, if the call to of_parse_phandle_with_args ret… | |||
| CVE-2024-50001 | medium | 5.5 | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: net/mlx5: Fix error path in multi-packet WQE transmit Remove the erroneous unmap in case no DMA mapping was established The mult… | |||
| CVE-2024-49955 | medium | 5.5 | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: ACPI: battery: Fix possible crash when unregistering a battery hook When a battery hook returns an error when adding a new batter… | |||
| CVE-2024-49952 | medium | 5.5 | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: prevent nf_skb_duplicated corruption syzbot found that nf_dup_ipv4() or nf_dup_ipv6() could write per-cpu v… | |||
| CVE-2024-49944 | medium | 5.5 | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: sctp: set sk_state back to CLOSED if autobind fails in sctp_listen_start In sctp_listen_start() invoked by sctp_inet_listen(), it… | |||
| CVE-2024-49925 | medium | 5.5 | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: fbdev: efifb: Register sysfs groups through driver core The driver core can register and cleanup sysfs groups already. Make use o… | |||
| CVE-2024-49902 | medium | 5.5 | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: jfs: check if leafidx greater than num leaves per dmap tree syzbot report a out of bounds in dbSplit, it because dmt_leafidx grea… | |||
| CVE-2024-49892 | medium | 5.5 | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Initialize get_bytes_per_element's default to 1 Variables, used as denominators and maybe not assigned to other … | |||
| CVE-2024-49890 | medium | 5.5 | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: drm/amd/pm: ensure the fw_info is not null before using it This resolves the dereference null return value warning reported by Co… | |||
| CVE-2024-47735 | medium | 5.5 | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: RDMA/hns: Fix spin_unlock_irqrestore() called with IRQs enabled Fix missuse of spin_lock_irq()/spin_unlock_irq() when spin_lock_i… | |||
| CVE-2024-47709 | medium | 5.5 | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: can: bcm: Clear bo->bcm_proc_read after remove_proc_entry(). syzbot reported a warning in bcm_release(). [0] The blamed change f… | |||
| CVE-2024-47707 | medium | 5.5 | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: ipv6: avoid possible NULL deref in rt6_uncached_list_flush_dev() Blamed commit accidentally removed a check for rt->rt6i_idev bei… | |||
| CVE-2024-47704 | medium | 5.5 | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Check link_res->hpo_dp_link_enc before using it [WHAT & HOW] Functions dp_enable_link_phy and dp_disable_link_ph… | |||
| CVE-2024-47699 | medium | 5.5 | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: nilfs2: fix potential null-ptr-deref in nilfs_btree_insert() Patch series "nilfs2: fix potential issues with empty b-tree nodes".… | |||
| CVE-2024-47684 | medium | 5.5 | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: tcp: check skb is non-NULL in tcp_rto_delta_us() We have some machines running stock Ubuntu 20.04.6 which is their 5.4.0-174-gene… | |||
| CVE-2024-42272 | medium | 5.5 | 5.5 | 2y ago | Moderate: kernel security update | |||
| CVE-2024-39483 | medium | — | 5.5 | 2y ago | Moderate: kernel security update | |||
| CVE-2024-27403 | medium | — | 5.5 | 2y ago | Moderate: kernel security update | |||
| CVE-2024-38556 | medium | — | 5.5 | 2y ago | Moderate: kernel security update | |||
| CVE-2024-36889 | medium | — | 5.5 | 2y ago | Moderate: kernel security update |