CVEs from 2024
Total
6,594
critical
critical 174
high
high 1,069
medium
medium 2,083
low
low 49
% Critical
2.6%
% with KEV
2.5%
% with exploit
3.4%
Top products
- mbed_tls 15
- operations_analytics_log_analysis 14
- surveillance_station 12
- checkmk 10
- office 8
- profilegrid 8
- office_long_term_servicing_channel 6
- propertyhive 5
Top packages
| CVE | Severity | CVSS | Risk | Flags | OS | Vendor | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2024-42082 | medium | 5.5 | 5.5 | 2y ago | Moderate: kernel security update | |||
| CVE-2024-41073 | medium | — | 5.5 | 2y ago | Moderate: kernel security update | |||
| CVE-2024-41055 | medium | — | 5.5 | 2y ago | Moderate: kernel security update | |||
| CVE-2024-41044 | medium | — | 5.5 | 2y ago | Moderate: kernel security update | |||
| CVE-2024-41040 | medium | — | 5.5 | 2y ago | Moderate: kernel security update | |||
| CVE-2024-40936 | medium | — | 5.5 | 2y ago | Moderate: kernel security update | |||
| CVE-2024-36883 | medium | — | 5.5 | 2y ago | Moderate: kernel security update | |||
| CVE-2024-36019 | medium | — | 5.5 | 2y ago | Moderate: kernel security update | |||
| CVE-2024-35791 | medium | — | 5.5 | 2y ago | Moderate: kernel security update | |||
| CVE-2024-26946 | medium | — | 5.5 | 2y ago | Moderate: kernel security update | |||
| CVE-2024-26720 | medium | — | 5.5 | 2y ago | Moderate: kernel security update | |||
| CVE-2024-26629 | medium | 5.5 | 5.5 | 2y ago | Moderate: kernel security update | |||
| CVE-2024-26630 | medium | — | 5.5 | 2y ago | Moderate: kernel security update | |||
| CVE-2024-41096 | medium | — | 5.5 | 2y ago | Moderate: kernel security update | |||
| CVE-2024-42096 | medium | 5.5 | 5.5 | 2y ago | Moderate: kernel security update | |||
| CVE-2024-23185 | medium | — | 5.5 | 2y ago | Very large headers can cause resource exhaustion when parsing message. The message-parser normally reads reasonably sized chunks of the message. However, when it feeds them to message-header-parser, … | |||
| CVE-2024-23184 | medium | — | 5.5 | 2y ago | Having a large number of address headers (From, To, Cc, Bcc, etc.) becomes excessively CPU intensive. With 100k header lines CPU usage is already 12 seconds, and in a production environment we observ… | |||
| CVE-2024-39331 | medium | — | 5.5 | 2y ago | RHSA-2024:6987: emacs security update (Moderate) | |||
| CVE-2024-44948 | medium | 5.5 | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: x86/mtrr: Check if fixed MTRRs exist before saving them MTRRs have an obsolete fixed variant for fine grained caching control of … | |||
| CVE-2024-33869 | medium | — | 5.5 | 2y ago | An issue was discovered in Artifex Ghostscript before 10.03.1. Path traversal and command execution can occur (via a crafted PostScript document) because of path reduction in base/gpmisc.c. For examp… | |||
| CVE-2024-33870 | medium | — | 5.5 | 2y ago | An issue was discovered in Artifex Ghostscript before 10.03.1. There is path traversal (via a crafted PostScript document) to arbitrary files if the current directory is in the permitted paths. For e… | |||
| CVE-2024-8088 | medium | — | 5.5 | 2y ago | There is a HIGH severity vulnerability affecting the CPython "zipfile" module affecting "zipfile.Path". Note that the more common API "zipfile.ZipFile" class is unaffected. When iterating over n… | |||
| CVE-2024-6923 | medium | — | 5.5 | 2y ago | There is a MEDIUM severity vulnerability affecting CPython. The email module didn’t properly quote newlines for email headers when serializing an email message allowing for header injection when a… | |||
| CVE-2024-28863 | medium | — | 5.5 | 2y ago | RHSA-2024:6148: nodejs:18 security update (Moderate) | |||
| CVE-2024-40897 | medium | — | 5.5 | 2y ago | RHSA-2024:5306: orc security update (Moderate) | |||
| CVE-2024-38428 | medium | — | 5.5 | 2y ago | RHSA-2024:5299: wget security update (Moderate) | |||
| CVE-2024-44944 | medium | 5.5 | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: netfilter: ctnetlink: use helper function to calculate expect ID Delete expectation path is missing a call to the nf_expect_get_i… | |||
| CVE-2024-35898 | medium | 5.5 | 5.5 | 2y ago | Important: kernel security update | |||
| CVE-2024-40941 | medium | 5.5 | 5.5 | 2y ago | Important: kernel security update | |||
| CVE-2024-35897 | medium | 5.5 | 5.5 | 2y ago | Important: kernel security update | |||
| CVE-2024-26855 | medium | 5.5 | 5.5 | 2y ago | Important: kernel security update | |||
| CVE-2024-26925 | medium | 5.5 | 5.5 | 2y ago | Important: kernel security update | |||
| CVE-2024-38579 | medium | 5.5 | 5.5 | 2y ago | Important: kernel security update | |||
| CVE-2024-40912 | medium | 5.5 | 5.5 | 2y ago | Important: kernel security update | |||
| CVE-2024-35962 | medium | 5.5 | 5.5 | 2y ago | Important: kernel security update | |||
| CVE-2024-44935 | medium | 5.5 | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: sctp: Fix null-ptr-deref in reuseport_add_sock(). syzbot reported a null-ptr-deref while accessing sk2->sk_reuseport_cb in reusep… | |||
| CVE-2024-43902 | medium | 5.5 | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Add null checker before passing variables Checks null pointer before passing variables to functions. This fixes… | |||
| CVE-2024-43893 | medium | 5.5 | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: serial: core: check uartclk for zero to avoid divide by zero Calling ioctl TIOCSSERIAL with an invalid baud_base can result in ua… | |||
| CVE-2024-43890 | medium | 5.5 | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: tracing: Fix overflow in get_free_elt() "tracing_map->next_elt" in get_free_elt() is at risk of overflowing. Once it overflows, … | |||
| CVE-2024-22020 | medium | — | 5.5 | 2y ago | RHSA-2024:6148: nodejs:18 security update (Moderate) | |||
| CVE-2024-36137 | medium | — | 5.5 | 2y ago | RHSA-2024:5814: nodejs:20 security update (Moderate) | |||
| CVE-2024-22018 | medium | — | 5.5 | 2y ago | RHSA-2024:5814: nodejs:20 security update (Moderate) | |||
| CVE-2024-43398 | medium | — | 5.5 | 2y ago | RHSA-2025:4063: ruby:3.1 security update (Moderate) | |||
| CVE-2024-2398 | medium | — | 5.5 | 2y ago | When an application tells libcurl it wants to allow HTTP/2 server push, and the amount of received headers for the push surpasses the maximum allowed limit (1000), libcurl aborts the server push. Whe… | |||
| CVE-2024-6472 | medium | — | 5.5 | 2y ago | Moderate: libreoffice security update | |||
| CVE-2024-42306 | medium | 5.5 | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: udf: Avoid using corrupted block bitmap buffer When the filesystem block bitmap is corrupted, we detect the corruption while load… | |||
| CVE-2024-42281 | medium | 5.5 | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: bpf: Fix a segment issue when downgrading gso_size Linearize the skb when downgrading gso_size because it may trigger a BUG_ON() … | |||
| CVE-2024-38558 | medium | 5.5 | 5.5 | 2y ago | Important: kernel security update | |||
| CVE-2024-36929 | medium | 5.5 | 5.5 | 2y ago | Important: kernel security update | |||
| CVE-2024-40961 | medium | 5.5 | 5.5 | 2y ago | Important: kernel security update | |||
| CVE-2024-33621 | medium | 5.5 | 5.5 | 2y ago | Important: kernel security update | |||
| CVE-2024-36922 | medium | 5.5 | 5.5 | 2y ago | Important: kernel security update | |||
| CVE-2024-36489 | medium | 5.5 | 5.5 | 2y ago | Important: kernel security update | |||
| CVE-2024-36020 | medium | 5.5 | 5.5 | 2y ago | Important: kernel security update | |||
| CVE-2024-38167 | medium | — | 5.5 | 2y ago | RHSA-2024:5337: .NET 8.0 security update (Moderate) | |||
| CVE-2024-36005 | medium | 5.5 | 5.5 | 2y ago | Important: kernel security update | |||
| CVE-2024-37356 | medium | 5.5 | 5.5 | 2y ago | Important: kernel security update | |||
| CVE-2024-35969 | medium | 5.5 | 5.5 | 2y ago | Important: kernel security update | |||
| CVE-2024-42259 | medium | 5.5 | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: drm/i915/gem: Fix Virtual Memory mapping boundaries calculation Calculating the size of the mapped area as the lesser value betwe… | |||
| CVE-2024-5953 | medium | — | 5.5 | 2y ago | RHSA-2024:6569: 389-ds:1.4 security update (Moderate) | |||
| CVE-2024-6237 | medium | — | 5.5 | 2y ago | Moderate: 389-ds-base security update | |||
| CVE-2024-41123 | medium | — | 5.5 | 2y ago | RHSA-2025:4063: ruby:3.1 security update (Moderate) | |||
| CVE-2024-41946 | medium | — | 5.5 | 2y ago | RHSA-2025:4063: ruby:3.1 security update (Moderate) | |||
| CVE-2024-38580 | medium | — | 5.5 | 2y ago | Moderate: kernel security update | |||
| CVE-2024-26880 | medium | 5.5 | 5.5 | 2y ago | Moderate: kernel security update | |||
| CVE-2024-35907 | medium | — | 5.5 | 2y ago | Moderate: kernel security update | |||
| CVE-2024-26737 | medium | — | 5.5 | 2y ago | Moderate: kernel security update | |||
| CVE-2024-35885 | medium | — | 5.5 | 2y ago | Moderate: kernel security update | |||
| CVE-2024-36952 | medium | — | 5.5 | 2y ago | Moderate: kernel security update | |||
| CVE-2024-36924 | medium | — | 5.5 | 2y ago | Moderate: kernel security update | |||
| CVE-2024-35857 | medium | — | 5.5 | 2y ago | Moderate: kernel security update | |||
| CVE-2024-27046 | medium | — | 5.5 | 2y ago | Moderate: kernel security update | |||
| CVE-2024-27030 | medium | — | 5.5 | 2y ago | Moderate: kernel security update | |||
| CVE-2024-26773 | medium | — | 5.5 | 2y ago | Moderate: kernel security update | |||
| CVE-2024-42097 | medium | 5.5 | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: ALSA: emux: improve patch ioctl data validation In load_data(), make the validation of and skipping over the main info block matc… | |||
| CVE-2024-41016 | medium | 5.5 | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: ocfs2: strict bound check before memcmp in ocfs2_xattr_find_entry() xattr in ocfs2 maybe 'non-indexed', which saved with addition… | |||
| CVE-2024-37894 | medium | — | 5.5 | 2y ago | Moderate: squid security update | |||
| CVE-2024-3044 | medium | — | 5.5 | 2y ago | Unchecked script execution in Graphic on-click binding in affected LibreOffice versions allows an attacker to create a document which without prompt will execute scripts built-into LibreOffice on cli… | |||
| CVE-2024-24806 | medium | — | 5.5 | 2y ago | libuv is a multi-platform support library with a focus on asynchronous I/O. The `uv_getaddrinfo` function in `src/unix/getaddrinfo.c` (and its windows counterpart `src/win/getaddrinfo.c`), truncates … | |||
| CVE-2024-35235 | medium | — | 5.5 | 2y ago | Moderate: cups security update | |||
| CVE-2024-36270 | medium | 5.5 | 5.5 | 2y ago | Important: kernel security update | |||
| CVE-2024-35958 | medium | 5.5 | 5.5 | 2y ago | Important: kernel security update | |||
| CVE-2024-39908 | medium | — | 5.5 | 2y ago | RHSA-2025:4063: ruby:3.1 security update (Moderate) | |||
| CVE-2024-41006 | medium | 5.5 | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: netrom: Fix a memory leak in nr_heartbeat_expiry() syzbot reported a memory leak in nr_create() [0]. Commit 409db27e3a2e ("netro… | |||
| CVE-2024-41004 | medium | 5.5 | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: tracing: Build event generation tests only as modules The kprobes and synth event generation test modules add events and lock (ge… | |||
| CVE-2024-40993 | medium | 5.5 | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: netfilter: ipset: Fix suspicious rcu_dereference_protected() When destroying all sets, we are either in pernet exit phase or are … | |||
| CVE-2024-40980 | medium | 5.5 | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: drop_monitor: replace spin_lock by raw_spin_lock trace_drop_common() is called with preemption disabled, and it acquires a spin_l… | |||
| CVE-2024-40971 | medium | 5.5 | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: f2fs: remove clear SB_INLINECRYPT flag in default_options In f2fs_remount, SB_INLINECRYPT flag will be clear and re-set. If creat… | |||
| CVE-2024-40942 | medium | 5.5 | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211: mesh: Fix leak of mesh_preq_queue objects The hwmp code use objects of type mesh_preq_queue, added to a list in i… | |||
| CVE-2024-40934 | medium | 5.5 | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: HID: logitech-dj: Fix memory leak in logi_dj_recv_switch_to_dj_mode() Fix a memory leak on logi_dj_recv_send_report() error path. | |||
| CVE-2024-40916 | medium | 5.5 | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: drm/exynos: hdmi: report safe 640x480 mode as a fallback when no EDID found When reading EDID fails and driver reports no modes a… | |||
| CVE-2024-39509 | medium | 5.5 | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: HID: core: remove unnecessary WARN_ON() in implement() Syzkaller hit a warning [1] in a call to implement() when trying to write … | |||
| CVE-2024-39493 | medium | 5.5 | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: crypto: qat - Fix ADF_DEV_RESET_SYNC memory leak Using completion_done to determine whether the caller has gone away only works a… | |||
| CVE-2024-39489 | medium | 5.5 | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: ipv6: sr: fix memleak in seg6_hmac_init_algo seg6_hmac_init_algo returns without cleaning up the previous allocations if one fail… | |||
| CVE-2024-6409 | medium | — | 5.5 | 2y ago | A race condition vulnerability was discovered in how signals are handled by OpenSSH's server (sshd). If a remote attacker does not authenticate within a set time period, then sshd's SIGALRM handler i… | |||
| CVE-2024-35870 | medium | — | 5.5 | 2y ago | Moderate: kernel security and bug fix update | |||
| CVE-2024-26801 | medium | — | 5.5 | 2y ago | Moderate: kernel security and bug fix update | |||
| CVE-2024-27393 | medium | — | 5.5 | 2y ago | Moderate: kernel security and bug fix update | |||
| CVE-2024-39482 | medium | 5.5 | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: bcache: fix variable length array abuse in btree_iter btree_iter is used in two ways: either allocated on the stack with a fixed … | |||
| CVE-2024-24790 | medium | — | 5.5 | 2y ago | RHSA-2024:8876: go-toolset:rhel8 security update (Moderate) |