CVEs from 2024
Total
6,592
critical
critical 174
high
high 1,069
medium
medium 2,083
low
low 49
% Critical
2.6%
% with KEV
2.5%
% with exploit
3.4%
Top products
- mbed_tls 15
- operations_analytics_log_analysis 14
- surveillance_station 12
- checkmk 10
- office 8
- profilegrid 8
- office_long_term_servicing_channel 6
- propertyhive 5
Top packages
| CVE | Severity | CVSS | Risk | Flags | OS | Vendor | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2024-49989 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: fix double free issue during amdgpu module unload Flexible endpoints use DIGs from available inflexible endpoint… | |||
| CVE-2024-49992 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: drm/stm: Avoid use-after-free issues with crtc and plane ltdc_load() calls functions drm_crtc_init_with_planes(), drm_universal_p… | |||
| CVE-2024-49996 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: cifs: Fix buffer overflow when parsing NFS reparse points ReparseDataLength is sum of the InodeType size and DataBuffer size. So … | |||
| CVE-2024-50005 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: mac802154: Fix potential RCU dereference issue in mac802154_scan_worker In the `mac802154_scan_worker` function, the `scan_req->t… | |||
| CVE-2024-50159 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: firmware: arm_scmi: Fix the double free in scmi_debugfs_common_setup() Clang static checker(scan-build) throws below warning: |… | |||
| CVE-2024-50157 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: RDMA/bnxt_re: Avoid CPU lockups due fifo occupancy check loop Driver waits indefinitely for the fifo occupancy to go below a thre… | |||
| CVE-2024-50176 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: remoteproc: k3-r5: Fix error handling when power-up failed By simply bailing out, the driver was violating its rule and internal … | |||
| CVE-2024-50165 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: bpf: Preserve param->string when parsing mount options In bpf_parse_param(), keep the value of param->string intact so it can be … | |||
| CVE-2024-13745 | unknown | — | — | — | ||||
| CVE-2024-50172 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: RDMA/bnxt_re: Fix a possible memory leak In bnxt_re_setup_chip_ctx() when bnxt_qplib_map_db_bar() fails driver is not freeing the… | |||
| CVE-2024-50175 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: media: qcom: camss: Remove use_count guard in stop_streaming The use_count check was introduced so that multiple concurrent Raw D… | |||
| CVE-2024-50187 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: drm/vc4: Stop the active perfmon before being destroyed Upon closing the file descriptor, the active performance monitor is not s… | |||
| CVE-2024-53046 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: arm64: dts: imx8ulp: correct the flexspi compatible string The flexspi on imx8ulp only has 16 LUTs, and imx8mm flexspi has 32 LUT… | |||
| CVE-2024-53063 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: media: dvbdev: prevent the risk of out of memory access The dvbdev contains a static variable used to store dvb minors. The beha… | |||
| CVE-2024-53071 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: drm/panthor: Be stricter about IO mapping flags The current panthor_device_mmap_io() implementation has two issues: 1. For mappi… | |||
| CVE-2024-53076 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: iio: gts-helper: Fix memory leaks for the error path of iio_gts_build_avail_scale_table() If per_time_scales[i] or per_time_gains… | |||
| CVE-2024-53077 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: rpcrdma: Always release the rpcrdma_device's xa_array Dai pointed out that the xa_init_flags() in rpcrdma_add_one() needs to have… | |||
| CVE-2024-53078 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: drm/tegra: Fix NULL vs IS_ERR() check in probe() The iommu_paging_domain_alloc() function doesn't return NULL pointers, it retur… | |||
| CVE-2024-53186 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix use-after-free in SMB request handling A race condition exists between SMB request handling in `ksmbd_conn_handler_loo… | |||
| CVE-2024-53191 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: wifi: ath12k: fix warning when unbinding If there is an error during some initialization related to firmware, the buffers dp->tx_… | |||
| CVE-2024-53196 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: KVM: arm64: Don't retire aborted MMIO instruction Returning an abort to the guest for an unsupported MMIO access is a documented … | |||
| CVE-2024-53212 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: netlink: fix false positive warning in extack during dumps Commit under fixes extended extack reporting to dumps. It works under … | |||
| CVE-2024-53205 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: phy: realtek: usb: fix NULL deref in rtk_usb2phy_probe In rtk_usb2phy_probe() devm_kzalloc() may return NULL but this returned va… | |||
| CVE-2024-53207 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: Bluetooth: MGMT: Fix possible deadlocks This fixes possible deadlocks like the following caused by hci_cmd_sync_dequeue causing t… | |||
| CVE-2024-53211 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: net/l2tp: fix warning in l2tp_exit_net found by syzbot In l2tp's net exit handler, we check that an IDR is empty before destroyin… | |||
| CVE-2024-53214 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: vfio/pci: Properly hide first-in-list PCIe extended capability There are cases where a PCIe extended capability should be hidden … | |||
| CVE-2024-56579 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: media: amphion: Set video drvdata before register video device The video drvdata should be set before the video device is registe… | |||
| CVE-2024-56583 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: sched/deadline: Fix warning in migrate_enable for boosted tasks When running the following command: while true; do stress-ng… | |||
| CVE-2024-56586 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: f2fs: fix f2fs_bug_on when uninstalling filesystem call f2fs_evict_inode. creating a large files during checkpoint disable until … | |||
| CVE-2024-56606 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: af_packet: avoid erroring out after sock_init_data() in packet_create() After sock_init_data() the allocated sk object is attache… | |||
| CVE-2024-56615 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: bpf: fix OOB devmap writes when deleting elements Jordy reported issue against XSKMAP which also applies to DEVMAP - the index us… | |||
| CVE-2024-56617 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: cacheinfo: Allocate memory during CPU hotplug if not done from the primary CPU Commit 5944ce092b97 ("arch_topology: Build cach… | |||
| CVE-2024-56618 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: pmdomain: imx: gpcv2: Adjust delay after power up handshake The udelay(5) is not enough, sometimes below kernel panic still be tr… | |||
| CVE-2024-56777 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: drm/sti: avoid potential dereference of error pointers in sti_gdp_atomic_check The return value of drm_atomic_get_crtc_state() ne… | |||
| CVE-2024-57883 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: mm: hugetlb: independent PMD page table shared count The folio refcount may be increased unexpectly through try_get_folio() by ca… | |||
| CVE-2024-57892 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: ocfs2: fix slab-use-after-free due to dangling pointer dqi_priv When mounting ocfs2 and then remounting it as read-only, a slab-u… | |||
| CVE-2024-57900 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: ila: serialize calls to nf_register_net_hooks() syzbot found a race in ila_add_mapping() [1] commit 031ae72825ce ("ila: call nf_… | |||
| CVE-2024-45234 | unknown | — | — | — | An issue was discovered in Fort before 1.6.3. A malicious RPKI repository that descends from a (trusted) Trust Anchor can serve (via rsync or RRDP) an ROA or a Manifest containing a signedAttrs encod… | |||
| CVE-2024-45236 | unknown | — | — | — | An issue was discovered in Fort before 1.6.3. A malicious RPKI repository that descends from a (trusted) Trust Anchor can serve (via rsync or RRDP) a signed object containing an empty signedAttribute… | |||
| CVE-2024-57919 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: fix divide error in DM plane scale calcs dm_get_plane_scale doesn't take into account plane scaled size equal to… | |||
| CVE-2024-45237 | unknown | — | — | — | An issue was discovered in Fort before 1.6.3. A malicious RPKI repository that descends from a (trusted) Trust Anchor can serve (via rsync or RRDP) a resource certificate containing a Key Usage exten… | |||
| CVE-2024-56169 | unknown | — | — | — | A validation integrity issue was discovered in Fort through 1.6.4 before 2.0.0. RPKI Relying Parties (such as Fort) are supposed to maintain a backup cache of the remote RPKI data. This can be employ… | |||
| CVE-2024-45239 | unknown | — | — | — | An issue was discovered in Fort before 1.6.3. A malicious RPKI repository that descends from a (trusted) Trust Anchor can serve (via rsync or RRDP) an ROA or a Manifest containing a null eContent fie… | |||
| CVE-2024-57933 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: gve: guard XSK operations on the existence of queues This patch predicates the enabling and disabling of XSK pools on the existen… | |||
| CVE-2024-58078 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: misc: misc_minor_alloc to use ida for all dynamic/misc dynamic minors misc_minor_alloc was allocating id using ida for minor only… | |||
| CVE-2024-58094 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: jfs: add check read-only before truncation in jfs_truncate_nolock() Added a check for "read-only" mode in the `jfs_truncate_noloc… | |||
| CVE-2024-58095 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: jfs: add check read-only before txBeginAnon() call Added a read-only check before calling `txBeginAnon` in `extAlloc` and `extRec… | |||
| CVE-2024-8805 | unknown | — | — | — | BlueZ HID over GATT Profile Improper Access Control Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Bl… | |||
| CVE-2024-22029 | unknown | — | — | — | Insecure permissions in the packaging of tomcat allow local users that win a race during package installation to escalate to root | |||
| CVE-2024-6100 | unknown | — | — | — | Type Confusion in V8 in Google Chrome prior to 126.0.6478.114 allowed a remote attacker to execute arbitrary code via a crafted HTML page. (Chromium security severity: High) | |||
| CVE-2024-6774 | unknown | — | — | — | Use after free in Screen Capture in Google Chrome prior to 126.0.6478.182 allowed a remote attacker who convinced a user to engage in specific UI gestures to potentially exploit heap corruption via a… | |||
| CVE-2024-6775 | unknown | — | — | — | Use after free in Media Stream in Google Chrome prior to 126.0.6478.182 allowed a remote attacker who convinced a user to engage in specific UI gestures to potentially exploit heap corruption via a c… | |||
| CVE-2024-7964 | unknown | — | — | — | Use after free in Passwords in Google Chrome on Android prior to 128.0.6613.84 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: H… | |||
| CVE-2024-8638 | unknown | — | — | — | Type Confusion in V8 in Google Chrome prior to 128.0.6613.137 allowed a remote attacker to potentially exploit object corruption via a crafted HTML page. (Chromium security severity: High) | |||
| CVE-2024-6991 | unknown | — | — | — | Use after free in Dawn in Google Chrome prior to 127.0.6533.72 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) | |||
| CVE-2024-7535 | unknown | — | — | — | Inappropriate implementation in V8 in Google Chrome prior to 127.0.6533.99 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) | |||
| CVE-2024-7021 | unknown | — | — | — | Inappropriate implementation in Autofill in Google Chrome on Windows prior to 124.0.6367.60 allowed a remote attacker to perform UI spoofing via a crafted HTML page. (Chromium security severity: Medi… | |||
| CVE-2024-7024 | unknown | — | — | — | Inappropriate implementation in V8 in Google Chrome prior to 126.0.6478.54 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: Low) | |||
| CVE-2024-7533 | unknown | — | — | — | Use after free in Sharing in Google Chrome on iOS prior to 127.0.6533.99 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) | |||
| CVE-2024-7534 | unknown | — | — | — | Heap buffer overflow in Layout in Google Chrome prior to 127.0.6533.99 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) | |||
| CVE-2024-7966 | unknown | — | — | — | Out of bounds memory access in Skia in Google Chrome prior to 128.0.6613.84 allowed a remote attacker who had compromised the renderer process to perform out of bounds memory access via a crafted HTM… | |||
| CVE-2024-7973 | unknown | — | — | — | Heap buffer overflow in PDFium in Google Chrome prior to 128.0.6613.84 allowed a remote attacker to perform an out of bounds memory read via a crafted PDF file. (Chromium security severity: Medium) | |||
| CVE-2024-7969 | unknown | — | — | — | Type Confusion in V8 in Google Chrome prior to 128.0.6613.113 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) | |||
| CVE-2024-7972 | unknown | — | — | — | Inappropriate implementation in V8 in Google Chrome prior to 128.0.6613.84 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page. (Chromium security sev… | |||
| CVE-2024-8033 | unknown | — | — | — | Inappropriate implementation in WebApp Installs in Google Chrome on Windows prior to 128.0.6613.84 allowed an attacker who convinced a user to install a malicious application to perform UI spoofing v… | |||
| CVE-2024-8636 | unknown | — | — | — | Heap buffer overflow in Skia in Google Chrome prior to 128.0.6613.137 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) | |||
| CVE-2024-8193 | unknown | — | — | — | Heap buffer overflow in Skia in Google Chrome prior to 128.0.6613.113 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page… | |||
| CVE-2024-26912 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: drm/nouveau: fix several DMA buffer leaks Nouveau manages GSP-RM DMA buffers with nvkm_gsp_mem objects. Several of these buffers… | |||
| CVE-2024-23198 | unknown | — | — | — | Improper input validation in firmware for some Intel(R) PROSet/Wireless Software and Intel(R) Killer(TM) Wi-Fi products before version 23.40 may allow an unauthenticated user to enable denial of serv… | |||
| CVE-2024-24984 | unknown | — | — | — | Improper input validation for some Intel(R) Wireless Bluetooth(R) products for Windows before version 23.40 may allow an unauthenticated user to potentially enable denial of service via adjacent acce… | |||
| CVE-2024-25563 | unknown | — | — | — | Improper initialization in firmware for some Intel(R) PROSet/Wireless Software and Intel(R) Killer(TM) Wi-Fi before version 23.40 may allow a privileged user to potentially enable information disclos… | |||
| CVE-2024-27913 | unknown | — | — | — | ospf_te_parse_te in ospfd/ospf_te.c in FRRouting (FRR) through 9.1 allows remote attackers to cause a denial of service (ospfd daemon crash) via a malformed OSPF LSA packet, because of an attempted a… | |||
| CVE-2024-28049 | unknown | — | — | — | Improper input validation in firmware for some Intel(R) PROSet/Wireless Software and Intel(R) Killer(TM) Wi-Fi wireless products before version 23.40 may allow an unauthenticated user to enable denia… | |||
| CVE-2024-31950 | unknown | — | — | — | In FRRouting (FRR) through 9.1, there can be a buffer overflow and daemon crash in ospf_te_parse_ri for OSPF LSA packets during an attempt to read Segment Routing subTLVs (their size is not validated… | |||
| CVE-2024-34088 | unknown | — | — | — | In FRRouting (FRR) through 9.1, it is possible for the get_edge() function in ospf_te.c in the OSPF daemon to return a NULL pointer. In cases where calling functions do not handle the returned NULL v… | |||
| CVE-2024-39884 | unknown | — | — | — | A regression in the core of Apache HTTP Server 2.4.60 ignores some use of the legacy content-type based configuration of handlers. "AddType" and similar configuration, under some circumstances wher… | |||
| CVE-2024-40725 | unknown | — | — | — | A partial fix for CVE-2024-39884 in the core of Apache HTTP Server 2.4.61 ignores some use of the legacy content-type based configuration of handlers. "AddType" and similar configuration, under some… | |||
| CVE-2024-40898 | unknown | — | — | — | SSRF in Apache HTTP Server on Windows with mod_rewrite in server/vhost context, allows to potentially leak NTML hashes to a malicious server via SSRF and malicious requests. Users are recommended to… | |||
| CVE-2024-42516 | unknown | — | — | — | HTTP response splitting in the core of Apache HTTP Server allows an attacker who can manipulate the Content-Type response headers of applications hosted or proxied by the server can split the HTTP re… | |||
| CVE-2024-43204 | unknown | — | — | — | SSRF in Apache HTTP Server with mod_proxy loaded allows an attacker to send outbound proxy requests to a URL controlled by the attacker. Requires an unlikely configuration where mod_headers is confi… | |||
| CVE-2024-26683 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: wifi: cfg80211: detect stuck ECSA element in probe resp We recently added some validation that we don't try to connect to an AP t… | |||
| CVE-2024-26685 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: nilfs2: fix potential bug in end_buffer_async_write According to a syzbot report, end_buffer_async_write(), which handles the com… | |||
| CVE-2024-26687 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: xen/events: close evtchn after mapping cleanup shutdown_pirq and startup_pirq are not taking the irq_mapping_update_lock because … | |||
| CVE-2024-26689 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: ceph: prevent use-after-free in encode_cap_msg() In fs/ceph/caps.c, in encode_cap_msg(), "use after free" error was caught by KAS… | |||
| CVE-2024-26690 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: net: stmmac: protect updates of 64-bit statistics counters As explained by a comment in <linux/u64_stats_sync.h>, write side of s… | |||
| CVE-2024-26696 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: nilfs2: fix hang in nilfs_lookup_dirty_data_buffers() Syzbot reported a hang issue in migrate_pages_batch() called by mbind() and… | |||
| CVE-2024-26697 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: nilfs2: fix data corruption in dsync block recovery for small block sizes The helper function nilfs_recovery_copy_block() of nilf… | |||
| CVE-2024-26715 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: usb: dwc3: gadget: Fix NULL pointer dereference in dwc3_gadget_suspend In current scenario if Plug-out and Plug-In performed cont… | |||
| CVE-2024-26710 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: powerpc/kasan: Limit KASAN thread size increase to 32KB KASAN is seen to increase stack usage, to the point that it was reported … | |||
| CVE-2024-26711 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: iio: adc: ad4130: zero-initialize clock init data The clk_init_data struct does not have all its members initialized, causing iss… | |||
| CVE-2024-26718 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: dm-crypt, dm-verity: disable tasklets Tasklets have an inherent problem with memory corruption. The function tasklet_action_commo… | |||
| CVE-2024-26721 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: drm/i915/dsc: Fix the macro that calculates DSCC_/DSCA_ PPS reg address Commit bd077259d0a9 ("drm/i915/vdsc: Add function to read… | |||
| CVE-2024-26731 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: bpf, sockmap: Fix NULL pointer dereference in sk_psock_verdict_data_ready() syzbot reported the following NULL pointer dereferenc… | |||
| CVE-2024-26722 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: ASoC: rt5645: Fix deadlock in rt5645_jack_detect_work() There is a path in rt5645_jack_detect_work(), where rt5645->jd_mutex is l… | |||
| CVE-2024-26723 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: lan966x: Fix crash when adding interface under a lag There is a crash when adding one of the lan966x interfaces under a lag inter… | |||
| CVE-2024-26729 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Fix potential null pointer dereference in dc_dmub_srv Fixes potential null pointer dereference warnings in the d… | |||
| CVE-2024-26842 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: scsi: ufs: core: Fix shift issue in ufshcd_clear_cmd() When task_tag >= 32 (in MCQ mode) and sizeof(unsigned int) == 4, 1U << tas… | |||
| CVE-2024-26850 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: mm/debug_vm_pgtable: fix BUG_ON with pud advanced test Architectures like powerpc add debug checks to ensure we find only devmap … | |||
| CVE-2024-26856 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: net: sparx5: Fix use after free inside sparx5_del_mact_entry Based on the static analyzis of the code it looks like when an entry… | |||
| CVE-2024-26860 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: dm-integrity: fix a memory leak when rechecking the data Memory for the "checksums" pointer will leak if the data is rechecked af… |