CVEs from 2024
Total
6,583
critical
critical 174
high
high 1,069
medium
medium 2,083
low
low 49
% Critical
2.6%
% with KEV
2.5%
% with exploit
3.4%
Top products
- mbed_tls 15
- operations_analytics_log_analysis 14
- surveillance_station 12
- checkmk 10
- office 8
- profilegrid 8
- office_long_term_servicing_channel 6
- propertyhive 5
Top packages
| CVE | Severity | CVSS | Risk | Flags | OS | Vendor | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2024-24790 | medium | — | 5.5 | 2y ago | RHSA-2024:8876: go-toolset:rhel8 security update (Moderate) | |||
| CVE-2024-39468 | medium | 5.5 | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: smb: client: fix deadlock in smb2_find_smb_tcon() Unlock cifs_tcp_ses_lock before calling cifs_put_smb_ses() to avoid such deadlo… | |||
| CVE-2024-0450 | medium | — | 5.5 | 2y ago | An issue was found in the CPython `zipfile` module affecting versions 3.12.1, 3.11.7, 3.10.13, 3.9.18, and 3.8.18 and prior. The zipfile module is vulnerable to “quoted-overlap” zip-bombs which expl… | |||
| CVE-2024-33847 | medium | 5.5 | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: f2fs: compress: don't allow unaligned truncation on released compress inode f2fs image may be corrupted after below testcase: - m… | |||
| CVE-2024-3652 | medium | — | 5.5 | 2y ago | RHSA-2024:4376: libreswan security update (Moderate) | |||
| CVE-2024-38780 | medium | 5.5 | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: dma-buf/sw-sync: don't enable IRQ from sync_print_obj() Since commit a6aa8fca4d79 ("dma-buf/sw-sync: Reduce irqsave/irqrestore fr… | |||
| CVE-2024-36288 | medium | 5.5 | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: SUNRPC: Fix loop termination condition in gss_free_in_token_pages() The in_token->pages[] array is not NULL terminated. This resu… | |||
| CVE-2024-36484 | medium | 5.5 | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: net: relax socket state check at accept time. Christoph reported the following splat: WARNING: CPU: 1 PID: 772 at net/ipv4/af_in… | |||
| CVE-2024-36286 | medium | 5.5 | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: netfilter: nfnetlink_queue: acquire rcu_read_lock() in instance_destroy_rcu() syzbot reported that nf_reinject() could be called … | |||
| CVE-2024-38589 | medium | 5.5 | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: netrom: fix possible dead-lock in nr_rt_ioctl() syzbot loves netrom, and found a possible deadlock in nr_rt_ioctl [1] Make sure … | |||
| CVE-2024-38567 | medium | 5.5 | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: wifi: carl9170: add a proper sanity check for endpoints Syzkaller reports [1] hitting a warning which is caused by presence of a … | |||
| CVE-2024-38565 | medium | 5.5 | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: wifi: ar5523: enable proper endpoint verification Syzkaller reports [1] hitting a warning about an endpoint in use not having an … | |||
| CVE-2024-38547 | medium | 5.5 | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: media: atomisp: ssh_css: Fix a null-pointer dereference in load_video_binaries The allocation failure of mycs->yuv_scaler_binary … | |||
| CVE-2024-26664 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: hwmon: (coretemp) Fix out-of-bounds memory access Fix a bug that pdata->cpu_map[] is set before out-of-bounds check. The problem … | |||
| CVE-2024-37891 | medium | — | 5.5 | 2y ago | Moderate: python3.11-urllib3 security update | |||
| CVE-2024-3651 | medium | — | 5.5 | 2y ago | RHSA-2024:4260: python-idna security update (Moderate) | |||
| CVE-2024-24788 | medium | — | 5.5 | 2y ago | RHSA-2024:6969: container-tools:rhel8 security update (Moderate) | |||
| CVE-2024-2947 | medium | — | 5.5 | 2y ago | A flaw was found in Cockpit. Deleting a sosreport with a crafted name via the Cockpit web interface can lead to a command injection vulnerability, resulting in privilege escalation. This issue affect… | |||
| CVE-2024-28176 | medium | — | 5.5 | 2y ago | RHSA-2024:5294: jose security update (Moderate) | |||
| CVE-2024-34064 | medium | — | 5.5 | 2y ago | Moderate: fence-agents security update | |||
| CVE-2024-2905 | medium | — | 5.5 | 2y ago | Moderate: rpm-ostree security update | |||
| CVE-2024-27282 | medium | — | 5.5 | 2y ago | RHSA-2024:4499: ruby security update (Moderate) | |||
| CVE-2024-26694 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: wifi: iwlwifi: fix double-free bug The storage for the TLV PC register data wasn't done like all the other storage in the drv->fw… | |||
| CVE-2024-26919 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: usb: ulpi: Fix debugfs directory leak The ULPI per-device debugfs root is named after the ulpi device's parent, but ulpi_unregist… | |||
| CVE-2024-27056 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: wifi: iwlwifi: mvm: ensure offloading TID queue exists The resume code path assumes that the TX queue for the offloading TID has … | |||
| CVE-2024-26610 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: wifi: iwlwifi: fix a memory corruption iwl_fw_ini_trigger_tlv::data is a pointer to a __le32, which means that if we copy to iwl_… | |||
| CVE-2024-26779 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211: fix race condition on enabling fast-xmit fast-xmit must only be enabled after the sta has been uploaded to the dr… | |||
| CVE-2024-26993 | medium | 5.5 | 5.5 | 2y ago | Moderate: kernel security and bug fix update | |||
| CVE-2024-26693 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: wifi: iwlwifi: mvm: fix a crash when we run out of stations A DoS tool that injects loads of authentication frames made our AP cr… | |||
| CVE-2024-26735 | medium | — | 5.5 | 2y ago | Moderate: kernel security and bug fix update | |||
| CVE-2024-36959 | medium | 5.5 | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: pinctrl: devicetree: fix refcount leak in pinctrl_dt_to_map() If we fail to allocate propname buffer, we need to drop the referen… | |||
| CVE-2024-26804 | medium | — | 5.5 | 2y ago | Moderate: kernel security and bug fix update | |||
| CVE-2024-35890 | medium | — | 5.5 | 2y ago | Moderate: kernel security and bug fix update | |||
| CVE-2024-26642 | medium | 5.5 | 5.5 | 2y ago | Moderate: kernel security and bug fix update | |||
| CVE-2024-26673 | medium | — | 5.5 | 2y ago | Moderate: kernel security and bug fix update | |||
| CVE-2024-26643 | medium | 5.5 | 5.5 | 2y ago | Moderate: kernel security and bug fix update | |||
| CVE-2024-1062 | medium | — | 5.5 | 2y ago | RHSA-2024:3047: 389-ds:1.4 security update (Moderate) | |||
| CVE-2024-36008 | medium | 5.5 | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: ipv4: check for NULL idev in ip_route_use_hint() syzbot was able to trigger a NULL deref in fib_validate_source() in an old tree … | |||
| CVE-2024-36007 | medium | 5.5 | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: mlxsw: spectrum_acl_tcam: Fix warning during rehash As previously explained, the rehash delayed work migrates filters from one re… | |||
| CVE-2024-36004 | medium | 5.5 | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: i40e: Do not use WQ_MEM_RECLAIM flag for workqueue Issue reported by customer during SRIOV testing, call trace: When both i40e an… | |||
| CVE-2024-35997 | medium | 5.5 | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: HID: i2c-hid: remove I2C_HID_READ_PENDING flag to prevent lock-up The flag I2C_HID_READ_PENDING is used to serialize I2C operatio… | |||
| CVE-2024-35996 | medium | 5.5 | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: cpu: Re-enable CPU mitigations by default for !X86 architectures Rename x86's to CPU_MITIGATIONS, define it in generic code, and … | |||
| CVE-2024-35990 | medium | 5.5 | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: dma: xilinx_dpdma: Fix locking There are several places where either chan->lock or chan->vchan.lock was not held. Add appropriate… | |||
| CVE-2024-35988 | medium | 5.5 | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: riscv: Fix TASK_SIZE on 64-bit NOMMU On NOMMU, userspace memory can come from anywhere in physical RAM. The current definition of… | |||
| CVE-2024-35984 | medium | 5.5 | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: i2c: smbus: fix NULL function pointer dereference Baruch reported an OOPS when using the designware controller as target only. Ta… | |||
| CVE-2024-35982 | medium | 5.5 | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: batman-adv: Avoid infinite loop trying to resize local TT If the MTU of one of an attached interface becomes too small to transmi… | |||
| CVE-2024-35940 | medium | 5.5 | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: pstore/zone: Add a null pointer check to the psz_kmsg_read kasprintf() returns a pointer to dynamically allocated memory which ca… | |||
| CVE-2024-35936 | medium | 5.5 | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: btrfs: handle chunk tree lookup error in btrfs_relocate_sys_chunks() The unhandled case in btrfs_relocate_sys_chunks() loop is a … | |||
| CVE-2024-35922 | medium | 5.5 | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: fbmon: prevent division by zero in fb_videomode_from_videomode() The expression htotal * vtotal can have a zero value on overflow… | |||
| CVE-2024-35915 | medium | 5.5 | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: nfc: nci: Fix uninit-value in nci_dev_up and nci_ntf_packet syzbot reported the following uninit-value access issue [1][2]: nci_… | |||
| CVE-2024-35902 | medium | 5.5 | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: net/rds: fix possible cp null dereference cp might be null, calling cp->cp_conn would produce null dereference [Simon Horman add… | |||
| CVE-2024-35893 | medium | 5.5 | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: net/sched: act_skbmod: prevent kernel-infoleak syzbot found that tcf_skbmod_dump() was copying four bytes from kernel stack to us… | |||
| CVE-2024-35884 | medium | 5.5 | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: udp: do not accept non-tunnel GSO skbs landing in a tunnel When rx-udp-gro-forwarding is enabled UDP packets might be GROed when … | |||
| CVE-2024-35828 | medium | 5.5 | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: wifi: libertas: fix some memleaks in lbs_allocate_cmd_buffer() In the for statement of lbs_allocate_cmd_buffer(), if the allocati… | |||
| CVE-2024-35815 | medium | 5.5 | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: fs/aio: Check IOCB_AIO_RW before the struct aio_kiocb conversion The first kiocb_set_cancel_fn() argument may point at a struct k… | |||
| CVE-2024-35813 | medium | 5.5 | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: mmc: core: Avoid negative index with array access Commit 4d0c8d0aef63 ("mmc: core: Use mrq.sbc in close-ended ffu") assigns prev_… | |||
| CVE-2024-35811 | medium | 5.5 | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: wifi: brcmfmac: Fix use-after-free bug in brcmf_cfg80211_detach This is the candidate patch of CVE-2023-47233 : https://nvd.nist.… | |||
| CVE-2024-4769 | medium | — | 5.5 | 2y ago | When importing resources using Web Workers, error messages would distinguish the difference between `application/javascript` responses and non-script responses. This could have been abused to learn … | |||
| CVE-2024-4777 | medium | — | 5.5 | 2y ago | Memory safety bugs present in Firefox 125, Firefox ESR 115.10, and Thunderbird 115.10. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these cou… | |||
| CVE-2024-4768 | medium | — | 5.5 | 2y ago | A bug in popup notifications' interaction with WebAuthn made it easier for an attacker to trick a user into granting permissions. This vulnerability affects Firefox < 126, Firefox ESR < 115.11, and T… | |||
| CVE-2024-4767 | medium | — | 5.5 | 2y ago | If the `browser.privatebrowsing.autostart` preference is enabled, IndexedDB files were not properly deleted when the window was closed. This preference is disabled by default in Firefox. This vulnera… | |||
| CVE-2024-4770 | medium | — | 5.5 | 2y ago | When saving a page to PDF, certain font styles could have led to a potential use-after-free crash. This vulnerability affects Firefox < 126, Firefox ESR < 115.11, and Thunderbird < 115.11. | |||
| CVE-2024-28182 | medium | — | 5.5 | 2y ago | RHSA-2024:4252: nghttp2 security update (Moderate) | |||
| CVE-2024-25742 | medium | — | 5.5 | 2y ago | Moderate: kernel security and bug fix update | |||
| CVE-2024-25743 | medium | — | 5.5 | 2y ago | Moderate: kernel security and bug fix update | |||
| CVE-2024-33948 | medium | 5.5 | 5.5 | 2y ago | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Pixel Industry TweetScroll Widget allows Stored XSS.This issue affects TweetScroll Widget: from n… | |||
| CVE-2024-25062 | medium | — | 5.5 | 2y ago | An issue was discovered in libxml2 before 2.11.7 and 2.12.x before 2.12.5. When using the XML Reader interface with DTD validation and XInclude expansion enabled, processing crafted XML documents can… | |||
| CVE-2024-27078 | medium | 5.5 | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: media: v4l2-tpg: fix some memleaks in tpg_alloc In tpg_alloc, resources should be deallocated in each and every error-handling pa… | |||
| CVE-2024-27077 | medium | 5.5 | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: media: v4l2-mem2mem: fix a memleak in v4l2_m2m_register_entity The entity->name (i.e. name) is allocated in v4l2_m2m_register_ent… | |||
| CVE-2024-27076 | medium | 5.5 | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: media: imx: csc/scaler: fix v4l2_ctrl_handler memory leak Free the memory allocated in v4l2_ctrl_handler_init on release. | |||
| CVE-2024-27072 | medium | 5.5 | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: media: usbtv: Remove useless locks in usbtv_video_free() Remove locks calls in usbtv_video_free() because are useless and may led… | |||
| CVE-2024-27059 | medium | 5.5 | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: USB: usb-storage: Prevent divide-by-0 error in isd200_ata_command The isd200 sub-driver in usb-storage uses the HEADS and SECTORS… | |||
| CVE-2024-27047 | medium | 5.5 | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: net: phy: fix phy_get_internal_delay accessing an empty array The phy_get_internal_delay function could try to access to an empty… | |||
| CVE-2024-25580 | medium | — | 5.5 | 2y ago | An issue was discovered in gui/util/qktxhandler.cpp in Qt before 5.15.17, 6.x before 6.2.12, 6.3.x through 6.5.x before 6.5.5, and 6.6.x before 6.6.2. A buffer overflow and application crash can occu… | |||
| CVE-2024-28102 | medium | — | 5.5 | 2y ago | RHSA-2024:3267: idm:DL1 and idm:client security update (Moderate) | |||
| CVE-2024-24259 | medium | — | 5.5 | 2y ago | Moderate: freeglut security update | |||
| CVE-2024-26830 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: i40e: Do not allow untrusted VF to remove administratively set MAC Currently when PF administratively sets VF's MAC address and t… | |||
| CVE-2024-24258 | medium | — | 5.5 | 2y ago | Moderate: freeglut security update | |||
| CVE-2024-0409 | medium | — | 5.5 | 2y ago | A flaw was found in the X.Org server. The cursor code in both Xephyr and Xwayland uses the wrong type of private at creation. It uses the cursor bits type with the cursor as private, and when initiat… | |||
| CVE-2024-2494 | medium | — | 5.5 | 2y ago | RHSA-2024:3253: virt:rhel and virt-devel:rhel security update (Moderate) | |||
| CVE-2024-22195 | medium | — | 5.5 | 2y ago | Moderate: fence-agents security and bug fix update | |||
| CVE-2024-28180 | medium | — | 5.5 | 2y ago | RHSA-2024:3968: container-tools:rhel8 bug fix and enhancement update (Moderate) | |||
| CVE-2024-2496 | medium | — | 5.5 | 2y ago | Moderate: libvirt security update | |||
| CVE-2024-0690 | medium | — | 5.5 | 2y ago | RHSA-2024:3043: ansible-core bug fix, enhancement, and security update (Moderate) | |||
| CVE-2024-0408 | medium | — | 5.5 | 2y ago | A flaw was found in the X.Org server. The GLX PBuffer code does not call the XACE hook when creating the buffer, leaving it unlabeled. When the client issues another request to access that resource (… | |||
| CVE-2024-1048 | medium | — | 5.5 | 2y ago | Moderate: grub2 security update | |||
| CVE-2024-24784 | medium | — | 5.5 | 2y ago | RHSA-2024:6969: container-tools:rhel8 security update (Moderate) | |||
| CVE-2024-24783 | medium | — | 5.5 | 2y ago | RHSA-2024:6969: container-tools:rhel8 security update (Moderate) | |||
| CVE-2024-1441 | medium | — | 5.5 | 2y ago | Moderate: libvirt security and bug fix update | |||
| CVE-2024-0727 | medium | 5.5 | 5.5 | 2y ago | Low: openssl and openssl-fips-provider security update | |||
| CVE-2024-1481 | medium | — | 5.5 | 2y ago | RHSA-2024:3044: idm:DL1 security update (Moderate) | |||
| CVE-2024-22365 | medium | 5.5 | 5.5 | 2y ago | Moderate: pam security update | |||
| CVE-2024-2307 | medium | — | 5.5 | 2y ago | RHSA-2024:2961: Image builder components bug fix, enhancement and security update (Moderate) | |||
| CVE-2024-24786 | medium | — | 5.5 | 2y ago | RHSA-2024:4246: container-tools security update (Moderate) | |||
| CVE-2024-2357 | medium | — | 5.5 | 2y ago | RHSA-2024:1998: libreswan security update (Moderate) | |||
| CVE-2024-21012 | medium | — | 5.5 | 2y ago | RHSA-2024:1828: java-21-openjdk security update (Moderate) | |||
| CVE-2024-31229 | medium | 5.5 | 5.5 | 2y ago | Server-Side Request Forgery (SSRF) vulnerability in Really Simple Plugins Really Simple SSL.This issue affects Really Simple SSL: from n/a through 7.2.3. | |||
| CVE-2024-28834 | medium | — | 5.5 | 2y ago | RHSA-2024:1784: gnutls security update (Moderate) | |||
| CVE-2024-28835 | medium | — | 5.5 | 2y ago | Moderate: gnutls security update | |||
| CVE-2024-21011 | medium | — | 5.5 | 2y ago | Moderate: java-1.8.0-openjdk security update |