CVEs from 2024
Total
6,592
critical
critical 174
high
high 1,069
medium
medium 2,083
low
low 49
% Critical
2.6%
% with KEV
2.5%
% with exploit
3.4%
Top products
- mbed_tls 15
- operations_analytics_log_analysis 14
- surveillance_station 12
- checkmk 10
- office 8
- profilegrid 8
- office_long_term_servicing_channel 6
- propertyhive 5
Top packages
| CVE | Severity | CVSS | Risk | Flags | OS | Vendor | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2024-56621 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: scsi: ufs: core: Cancel RTC work during ufshcd_remove() Currently, RTC work is only cancelled during __ufshcd_wl_suspend(). When … | |||
| CVE-2024-56624 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: iommufd: Fix out_fput in iommufd_fault_alloc() As fput() calls the file->f_op->release op, where fault obj and ictx are getting r… | |||
| CVE-2024-27629 | unknown | — | — | — | An issue in dc2niix before v.1.0.20240202 allows a local attacker to execute arbitrary code via the generated file name is not properly escaped and injected into a system call when certain types of c… | |||
| CVE-2024-56625 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: can: dev: can_set_termination(): allow sleeping GPIOs In commit 6e86a1543c37 ("can: dev: provide optional GPIO based termination … | |||
| CVE-2024-56626 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix Out-of-Bounds Write in ksmbd_vfs_stream_write An offset from client could be a negative value, It could allows to writ… | |||
| CVE-2024-56627 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix Out-of-Bounds Read in ksmbd_vfs_stream_read An offset from client could be a negative value, It could lead to an out-o… | |||
| CVE-2024-56630 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: ocfs2: free inode when ocfs2_get_init_inode() fails syzbot is reporting busy inodes after unmount, for commit 9c89fe0af826 ("ocfs… | |||
| CVE-2024-56632 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: nvme-tcp: fix the memleak while create new ctrl failed Now while we create new ctrl failed, we have not free the tagset occupied … | |||
| CVE-2024-56637 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: netfilter: ipset: Hold module reference while requesting a module User space may unload ip_set.ko while it is itself requesting a… | |||
| CVE-2024-56639 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: net: hsr: must allocate more bytes for RedBox support Blamed commit forgot to change hsr_init_skb() to allocate larger skb for Re… | |||
| CVE-2024-56638 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: netfilter: nft_inner: incorrect percpu area handling under softirq Softirq can interrupt ongoing packet from process context that… | |||
| CVE-2024-56651 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: can: hi311x: hi3110_can_ist(): fix potential use-after-free The commit a22bd630cfff ("can: hi311x: do not report txerr and rxerr … | |||
| CVE-2024-56640 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: net/smc: fix LGR and link use-after-free issue We encountered a LGR/link use-after-free issue, which manifested as the LGR/link r… | |||
| CVE-2024-56641 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: net/smc: initialize close_work early to avoid warning We encountered a warning that close_work was canceled before initialization… | |||
| CVE-2024-49369 | unknown | — | — | — | Icinga is a monitoring system which checks the availability of network resources, notifies users of outages, and generates performance data for reporting. The TLS certificate validation in all Icinga… | |||
| CVE-2024-56643 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: dccp: Fix memory leak in dccp_feat_change_recv If dccp_feat_push_confirm() fails after new value for SP feature was accepted with… | |||
| CVE-2024-24856 | unknown | — | — | — | The memory allocation function ACPI_ALLOCATE_ZEROED does not guarantee a successful allocation, but the subsequent code directly dereferences the pointer that receives it, which may lead to null poin… | |||
| CVE-2024-56648 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: net: hsr: avoid potential out-of-bound access in fill_frame_info() syzbot is able to feed a packet with 14 bytes, pretending it i… | |||
| CVE-2024-56649 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: net: enetc: Do not configure preemptible TCs if SIs do not support Both ENETC PF and VF drivers share enetc_setup_tc_mqprio() to … | |||
| CVE-2024-56650 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: netfilter: x_tables: fix LED ID check in led_tg_check() Syzbot has reported the following BUG detected by KASAN: BUG: KASAN: sla… | |||
| CVE-2024-56652 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: drm/xe/reg_sr: Remove register pool That pool implementation doesn't really work: if the krealloc happens to move the memory and … | |||
| CVE-2024-56656 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: bnxt_en: Fix aggregation ID mask to prevent oops on 5760X chips The 5760X (P7) chip's HW GRO/LRO interface is very similar to tha… | |||
| CVE-2024-56655 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: do not defer rule destruction via call_rcu nf_tables_chain_destroy can sleep, it can't be used from call_rc… | |||
| CVE-2024-56658 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: net: defer final 'struct net' free in netns dismantle Ilya reported a slab-use-after-free in dst_destroy [1] Issue is in xfrm6_n… | |||
| CVE-2024-56659 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: net: lapb: increase LAPB_HEADER_LEN It is unclear if net/lapb code is supposed to be ready for 8021q. We can at least avoid cras… | |||
| CVE-2024-56660 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: net/mlx5: DR, prevent potential error pointer dereference The dr_domain_add_vport_cap() function generally returns NULL on error … | |||
| CVE-2024-56661 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: tipc: fix NULL deref in cleanup_bearer() syzbot found [1] that after blamed commit, ub->ubsock->sk was NULL when attempting the a… | |||
| CVE-2024-56665 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: bpf,perf: Fix invalid prog_array access in perf_event_detach_bpf_prog Syzbot reported [1] crash that happens for following tracin… | |||
| CVE-2024-56666 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: drm/amdkfd: Dereference null return value In the function pqm_uninit there is a call-assignment of "pdd = kfd_get_process_device_… | |||
| CVE-2024-56668 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: iommu/vt-d: Fix qi_batch NULL pointer with nested parent domain The qi_batch is allocated when assigning cache tag for a domain. … | |||
| CVE-2024-56669 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: iommu/vt-d: Remove cache tags before disabling ATS The current implementation removes cache tags after disabling ATS, leading to … | |||
| CVE-2024-56670 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: usb: gadget: u_serial: Fix the issue that gs_start_io crashed due to accessing null pointer Considering that in some extreme case… | |||
| CVE-2024-7589 | unknown | — | — | — | A signal handler in sshd(8) may call a logging function that is not async-signal-safe. The signal handler is invoked when a client does not authenticate within the LoginGraceTime seconds (120 by def… | |||
| CVE-2024-56671 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: gpio: graniterapids: Fix vGPIO driver crash Move setting irq_chip.name from probe() function to the initialization of "irq_chip" … | |||
| CVE-2024-56674 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: virtio_net: correct netdev_tx_reset_queue() invocation point When virtnet_close is followed by virtnet_open, some TX completions … | |||
| CVE-2024-56676 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: thermal: testing: Initialize some variables annoteded with _free() Variables annotated with __free() need to be initialized if th… | |||
| CVE-2024-56677 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: powerpc/fadump: Move fadump_cma_init to setup_arch() after initmem_init() During early init CMA_MIN_ALIGNMENT_BYTES can be PAGE_S… | |||
| CVE-2024-56682 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: irqchip/riscv-aplic: Prevent crash when MSI domain is missing If the APLIC driver is probed before the IMSIC driver, the parent M… | |||
| CVE-2024-56678 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: powerpc/mm/fault: Fix kfence page fault reporting copy_from_kernel_nofault() can be called when doing read of /proc/kcore. /proc/… | |||
| CVE-2024-56679 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: octeontx2-pf: handle otx2_mbox_get_rsp errors in otx2_common.c Add error pointer check after calling otx2_mbox_get_rsp(). | |||
| CVE-2024-56681 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: crypto: bcm - add error check in the ahash_hmac_init function The ahash_init functions may return fails. The ahash_hmac_init shou… | |||
| CVE-2024-56683 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: drm/vc4: hdmi: Avoid hang with debug registers when suspended Trying to read /sys/kernel/debug/dri/1/hdmi1_regs when the hdmi is … | |||
| CVE-2024-56684 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: mailbox: mtk-cmdq: fix wrong use of sizeof in cmdq_get_clocks() It should be size of the struct clk_bulk_data, not data pointer p… | |||
| CVE-2024-56685 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: ASoC: mediatek: Check num_codecs is not zero to avoid panic during probe Following commit 13f58267cda3 ("ASoC: soc.h: don't creat… | |||
| CVE-2024-56692 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to do sanity check on node blkaddr in truncate_node() syzbot reports a f2fs bug as below: ------------[ cut here ]----… | |||
| CVE-2024-56689 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: PCI: endpoint: epf-mhi: Avoid NULL dereference if DT lacks 'mmio' If platform_get_resource_byname() fails and returns NULL becaus… | |||
| CVE-2024-56691 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: mfd: intel_soc_pmic_bxtwc: Use IRQ domain for USB Type-C device While design wise the idea of converting the driver to use the hi… | |||
| CVE-2024-56694 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: bpf: fix recursive lock when verdict program return SK_PASS When the stream_verdict program returns SK_PASS, it places the receiv… | |||
| CVE-2024-56695 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: drm/amdkfd: Use dynamic allocation for CU occupancy array in 'kfd_get_cu_occupancy()' The `kfd_get_cu_occupancy` function previou… | |||
| CVE-2024-56696 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: ALSA: core: Fix possible NULL dereference caused by kunit_kzalloc() kunit_kzalloc() may return a NULL pointer, dereferencing it w… | |||
| CVE-2024-56697 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Fix the memory allocation issue in amdgpu_discovery_get_nps_info() Fix two issues with memory allocation in amdgpu_di… | |||
| CVE-2024-56698 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: usb: dwc3: gadget: Fix looping of queued SG entries The dwc3_request->num_queued_sgs is decremented on completion. If a partially… | |||
| CVE-2024-56699 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: s390/pci: Fix potential double remove of hotplug slot In commit 6ee600bfbe0f ("s390/pci: remove hotplug slot when releasing the d… | |||
| CVE-2024-56700 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: media: wl128x: Fix atomicity violation in fmc_send_cmd() Atomicity violation occurs when the fmc_send_cmd() function is executed … | |||
| CVE-2024-56701 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: powerpc/pseries: Fix dtl_access_lock to be a rw_semaphore The dtl_access_lock needs to be a rw_sempahore, a sleeping lock, becaus… | |||
| CVE-2024-56703 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: ipv6: Fix soft lockups in fib6_select_path under high next hop churn Soft lockups have been observed on a cluster of Linux-based … | |||
| CVE-2024-56704 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: 9p/xen: fix release of IRQ Kernel logs indicate an IRQ was double-freed. Pass correct device ID during IRQ release. [Dominique:… | |||
| CVE-2024-56705 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: media: atomisp: Add check for rgby_data memory allocation failure In ia_css_3a_statistics_allocate(), there is no check on the al… | |||
| CVE-2024-56706 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: s390/cpum_sf: Fix and protect memory allocation of SDBs with mutex Reservation of the PMU hardware is done at first event creatio… | |||
| CVE-2024-56707 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: octeontx2-pf: handle otx2_mbox_get_rsp errors in otx2_dmac_flt.c Add error pointer checks after calling otx2_mbox_get_rsp(). | |||
| CVE-2024-56708 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: EDAC/igen6: Avoid segmentation fault on module unload The segmentation fault happens because: During modprobe: 1. In igen6_probe… | |||
| CVE-2024-56711 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: drm/panel: himax-hx83102: Add a check to prevent NULL pointer dereference drm_mode_duplicate() could return NULL due to lack of m… | |||
| CVE-2024-56710 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: ceph: fix memory leak in ceph_direct_read_write() The bvecs array which is allocated in iter_get_bvecs_alloc() is leaked and page… | |||
| CVE-2024-56712 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: udmabuf: fix memory leak on last export_udmabuf() error path In export_udmabuf(), if dma_buf_fd() fails because the FD table is f… | |||
| CVE-2024-56713 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: net: netdevsim: fix nsim_pp_hold_write() nsim_pp_hold_write() has two problems: 1) It may return with rtnl held, as found by syz… | |||
| CVE-2024-56714 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: ionic: no double destroy workqueue There are some FW error handling paths that can cause us to try to destroy the workqueue more … | |||
| CVE-2024-56715 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: ionic: Fix netdev notifier unregister on failure If register_netdev() fails, then the driver leaks the netdev notifier. Fix this … | |||
| CVE-2024-56716 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: netdevsim: prevent bad user input in nsim_dev_health_break_write() If either a zero count or a large one is provided, kernel can … | |||
| CVE-2024-23659 | unknown | — | — | — | SPIP before 4.1.14 and 4.2.x before 4.2.8 allows XSS via the name of an uploaded file. This is related to javascript/bigup.js and javascript/bigup.utils.js. | |||
| CVE-2024-56072 | unknown | — | — | — | An issue was discovered in FastNetMon Community Edition through 1.2.7. The sFlow v5 plugin allows remote attackers to cause a denial of service (application crash) via a crafted packet that specifies… | |||
| CVE-2024-56073 | unknown | — | — | — | An issue was discovered in FastNetMon Community Edition through 1.2.7. Zero-length templates for Netflow v9 allow remote attackers to cause a denial of service (divide-by-zero error and application c… | |||
| CVE-2024-43767 | unknown | — | — | — | In prepare_to_draw_into_mask of SkBlurMaskFilterImpl.cpp, there is a possible heap overflow due to improper input validation. This could lead to remote code execution with no additional execution pri… | |||
| CVE-2024-43768 | unknown | — | — | — | In skia_alloc_func of SkDeflate.cpp, there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege with no additional execution privileges neede… | |||
| CVE-2024-2886 | unknown | — | — | — | Use after free in WebCodecs in Google Chrome prior to 123.0.6312.86 allowed a remote attacker to perform arbitrary read/write via a crafted HTML page. (Chromium security severity: High) | |||
| CVE-2024-1939 | unknown | — | — | — | Type Confusion in V8 in Google Chrome prior to 122.0.6261.94 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) | |||
| CVE-2024-2884 | unknown | — | — | — | Out of bounds read in V8 in Google Chrome prior to 121.0.6167.139 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page. (Chromium security severity: Me… | |||
| CVE-2024-24510 | unknown | — | — | — | Cross Site Scripting vulnerability in Alinto SOGo before 5.10.0 allows a remote attacker to execute arbitrary code via the import function to the mail component. | |||
| CVE-2024-3158 | unknown | — | — | — | Use after free in Bookmarks in Google Chrome prior to 123.0.6312.105 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) | |||
| CVE-2024-22667 | unknown | — | — | — | Vim before 9.0.2142 has a stack-based buffer overflow because did_set_langmap in map.c calls sprintf to write to the error buffer that is passed down to the option callback functions. | |||
| CVE-2024-41957 | unknown | — | — | — | Vim is an open source command line text editor. Vim < v9.1.0647 has double free in src/alloc.c:616. When closing a window, the corresponding tagstack data will be cleared and freed. However a bit lat… | |||
| CVE-2024-34462 | unknown | — | — | — | Alinto SOGo through 5.10.0 allows XSS during attachment preview. | |||
| CVE-2024-41965 | unknown | — | — | — | Vim is an open source command line text editor. double-free in dialog_changed() in Vim < v9.1.0648. When abandoning a buffer, Vim may ask the user what to do with the modified buffer. If the user wan… | |||
| CVE-2024-43374 | unknown | — | — | — | The UNIX editor Vim prior to version 9.1.0678 has a use-after-free error in argument list handling. When adding a new file to the argument list, this triggers `Buf*` autocommands. If in such an autoc… | |||
| CVE-2024-43790 | unknown | — | — | — | Vim is an open source command line text editor. When performing a search and displaying the search-count message is disabled (:set shm+=S), the search pattern is displayed at the bottom of the screen… | |||
| CVE-2024-43802 | unknown | — | — | — | Vim is an improved version of the unix vi text editor. When flushing the typeahead buffer, Vim moves the current position in the typeahead buffer but does not check whether there is enough space left… | |||
| CVE-2024-3847 | unknown | — | — | — | Insufficient policy enforcement in WebUI in Google Chrome prior to 124.0.6367.60 allowed a remote attacker to bypass content security policy via a crafted HTML page. (Chromium security severity: Low) | |||
| CVE-2024-45306 | unknown | — | — | — | Vim is an open source, command line text editor. Patch v9.1.0038 optimized how the cursor position is calculated and removed a loop, that verified that the cursor position always points inside a line… | |||
| CVE-2024-47814 | unknown | — | — | — | Vim is an open source, command line text editor. A use-after-free was found in Vim < 9.1.0764. When closing a buffer (visible in a window) a BufWinLeave auto command can cause an use-after-free if th… | |||
| CVE-2024-5835 | unknown | — | — | — | Heap buffer overflow in Tab Groups in Google Chrome prior to 126.0.6478.54 allowed a remote attacker who convinced a user to engage in specific UI gestures to potentially exploit heap corruption via … | |||
| CVE-2024-7000 | unknown | — | — | — | Use after free in CSS in Google Chrome prior to 127.0.6533.72 allowed a remote attacker who convinced a user to engage in specific UI gestures to potentially exploit heap corruption via a crafted HTM… | |||
| CVE-2024-7003 | unknown | — | — | — | Inappropriate implementation in FedCM in Google Chrome prior to 127.0.6533.72 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform UI spoofing via a crafted HTM… | |||
| CVE-2024-7019 | unknown | — | — | — | Inappropriate implementation in UI in Google Chrome prior to 124.0.6367.60 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform UI spoofing via a crafted HTML p… | |||
| CVE-2024-7980 | unknown | — | — | — | Insufficient data validation in Installer in Google Chrome on Windows prior to 128.0.6613.84 allowed a local attacker to perform privilege escalation via a crafted symbolic link. (Chromium security s… | |||
| CVE-2024-8906 | unknown | — | — | — | Incorrect security UI in Downloads in Google Chrome prior to 129.0.6668.58 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform UI spoofing via a crafted HTML p… | |||
| CVE-2024-8907 | unknown | — | — | — | Insufficient data validation in Omnibox in Google Chrome on Android prior to 129.0.6668.58 allowed a remote attacker who convinced a user to engage in specific UI gestures to inject arbitrary scripts… | |||
| CVE-2024-40446 | unknown | — | — | — | An issue in forkosh Mime Tex before v.1.77 allows an attacker to execute arbitrary code via a crafted script | |||
| CVE-2024-46955 | unknown | — | — | — | An issue was discovered in psi/zcolor.c in Artifex Ghostscript before 10.04.0. There is an out-of-bounds read when reading color in Indexed color space. | |||
| CVE-2024-38440 | unknown | — | — | — | Netatalk before 3.2.1 has an off-by-one error, and resultant heap-based buffer overflow and segmentation violation, because of incorrectly using FPLoginExt in BN_bin2bn in etc/uams/uams_dhx_pam.c. Th… | |||
| CVE-2024-38441 | unknown | — | — | — | Netatalk before 3.2.1 has an off-by-one error and resultant heap-based buffer overflow because of setting ibuf[len] to '\0' in FPMapName in afp_mapname in etc/afpd/directory.c. 2.4.1 and 3.1.19 are a… | |||
| CVE-2024-26805 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: netlink: Fix kernel-infoleak-after-free in __skb_datagram_iter syzbot reported the following uninit-value access issue [1]: netl… |