CVEs from 2024
Total
6,592
critical
critical 174
high
high 1,069
medium
medium 2,083
low
low 49
% Critical
2.6%
% with KEV
2.5%
% with exploit
3.4%
Top products
- mbed_tls 15
- operations_analytics_log_analysis 14
- surveillance_station 12
- checkmk 10
- office 8
- profilegrid 8
- office_long_term_servicing_channel 6
- propertyhive 5
Top packages
| CVE | Severity | CVSS | Risk | Flags | OS | Vendor | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2024-45777 | medium | — | 5.5 | 7mo ago | Moderate: grub2 security update | |||
| CVE-2024-58083 | medium | — | 5.5 | 7mo ago | Moderate: kernel security update | |||
| CVE-2024-57987 | medium | — | 5.5 | 7mo ago | Moderate: kernel security update | |||
| CVE-2024-57988 | medium | — | 5.5 | 7mo ago | Moderate: kernel security update | |||
| CVE-2024-57989 | medium | — | 5.5 | 7mo ago | Moderate: kernel security update | |||
| CVE-2024-57990 | medium | — | 5.5 | 7mo ago | Moderate: kernel security update | |||
| CVE-2024-58068 | medium | — | 5.5 | 7mo ago | Moderate: kernel security update | |||
| CVE-2024-58075 | medium | — | 5.5 | 7mo ago | Moderate: kernel security update | |||
| CVE-2024-49570 | medium | — | 5.5 | 7mo ago | Moderate: kernel security update | |||
| CVE-2024-46689 | medium | — | 5.5 | 7mo ago | Moderate: kernel security update | |||
| CVE-2024-47679 | medium | — | 5.5 | 7mo ago | Moderate: kernel security update | |||
| CVE-2024-47727 | medium | — | 5.5 | 7mo ago | Moderate: kernel security update | |||
| CVE-2024-53052 | medium | — | 5.5 | 7mo ago | Moderate: kernel security update | |||
| CVE-2024-49864 | medium | — | 5.5 | 7mo ago | Moderate: kernel security update | |||
| CVE-2024-50294 | medium | — | 5.5 | 7mo ago | Moderate: kernel security update | |||
| CVE-2024-50060 | medium | — | 5.5 | 7mo ago | Moderate: kernel security update | |||
| CVE-2024-56675 | medium | — | 5.5 | 7mo ago | Moderate: kernel security update | |||
| CVE-2024-56690 | medium | — | 5.5 | 7mo ago | Moderate: kernel security update | |||
| CVE-2024-56709 | medium | — | 5.5 | 7mo ago | Moderate: kernel security update | |||
| CVE-2024-56739 | medium | — | 5.5 | 7mo ago | Moderate: kernel security update | |||
| CVE-2024-57981 | medium | 5.5 | 5.5 | 7mo ago | Moderate: kernel security update | |||
| CVE-2024-56786 | medium | — | 5.5 | 7mo ago | Moderate: kernel security update | |||
| CVE-2024-57986 | medium | 5.5 | 5.5 | 7mo ago | Moderate: kernel security update | |||
| CVE-2024-13176 | medium | — | 5.5 | 9mo ago | Moderate: mysql:8.4 security update | |||
| CVE-2024-36357 | medium | — | 5.5 | 9mo ago | Moderate: kernel security update | |||
| CVE-2024-47252 | medium | — | 5.5 | 9mo ago | Insufficient escaping of user-supplied data in mod_ssl in Apache HTTP Server 2.4.63 and earlier allows an untrusted SSL/TLS client to insert escape characters into log files in some configurations. … | |||
| CVE-2024-36350 | medium | — | 5.5 | 10mo ago | Moderate: kernel security update | |||
| CVE-2024-47081 | medium | — | 5.5 | 10mo ago | RHSA-2025:14999: resource-agents security update (Moderate) | |||
| CVE-2024-57980 | medium | — | 5.5 | 10mo ago | Moderate: kernel security update | |||
| CVE-2024-52615 | medium | — | 5.5 | 11mo ago | Moderate: avahi security update | |||
| CVE-2024-13175 | medium | 5.5 | 5.5 | 11mo ago | Authorization Bypass Through User-Controlled Key vulnerability in Vidco Software VOC TESTER allows Forceful Browsing. This issue affects VOC TESTER: before 12.41.0. | |||
| CVE-2024-50379 | medium | — | 5.5 | 11mo ago | Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability during JSP compilation in Apache Tomcat permits an RCE on case insensitive file systems when the default servlet is enabled for write (… | |||
| CVE-2024-23337 | medium | — | 5.5 | 11mo ago | jq is a command-line JSON processor. In versions up to and including 1.7.1, an integer overflow arises when assigning value using an index of 2147483647, the signed integer limit. This causes a denia… | |||
| CVE-2024-54661 | medium | — | 5.5 | 11mo ago | readline.sh in socat before1.8.0.2 relies on the /tmp/$USER/stderr2 file. | |||
| CVE-2024-53064 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: idpf: fix idpf_vc_core_init error path In an event where the platform running the device control plane is rebooted, reset is dete… | |||
| CVE-2024-45332 | medium | — | 5.5 | 1y ago | RHSA-2025:10991: microcode_ctl security update (Moderate) | |||
| CVE-2024-43420 | medium | — | 5.5 | 1y ago | RHSA-2025:10991: microcode_ctl security update (Moderate) | |||
| CVE-2024-43910 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: bpf: add missing check_func_arg_reg_off() to prevent out-of-bounds memory accesses Currently, it's possible to pass in a modified… | |||
| CVE-2024-49569 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: nvme-rdma: unquiesce admin_q before destroy it Kernel will hang on destroy admin_q while we create ctrl failed, such as following… | |||
| CVE-2024-56611 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: mm/mempolicy: fix migrate_to_node() assuming there is at least one VMA in a MM We currently assume that there is at least one VMA… | |||
| CVE-2024-42315 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: exfat: fix potential deadlock on __exfat_get_dentry_set When accessing a file with more entries than ES_MAX_ENTRY_NUM, the bh-arr… | |||
| CVE-2024-50008 | medium | 5.5 | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: wifi: mwifiex: Fix memcpy() field-spanning write warning in mwifiex_cmd_802_11_scan_ext() Replace one-element array with a flexib… | |||
| CVE-2024-56760 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: PCI/MSI: Handle lack of irqdomain gracefully Alexandre observed a warning emitted from pci_msi_setup_msi_irqs() on a RISCV platfo… | |||
| CVE-2024-35891 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: net: phy: micrel: Fix potential null pointer dereference In lan8814_get_sig_rx() and lan8814_get_sig_tx() ptp_parse_header() may … | |||
| CVE-2024-47738 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211: don't use rate mask for offchannel TX either Like the commit ab9177d83c04 ("wifi: mac80211: don't use rate mask f… | |||
| CVE-2024-56667 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: drm/i915: Fix NULL pointer dereference in capture_engine When the intel_context structure contains NULL, it raises a NULL pointer… | |||
| CVE-2024-45000 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: fs/netfs/fscache_cookie: add missing "n_accesses" check This fixes a NULL pointer dereference bug due to a data race which looks … | |||
| CVE-2024-56663 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: wifi: nl80211: fix NL80211_ATTR_MLO_LINK_ID off-by-one Since the netlink attribute range validation provides inclusive checking, … | |||
| CVE-2024-56600 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: net: inet6: do not leave a dangling sk pointer in inet6_create() sock_init_data() attaches the allocated sk pointer to the provid… | |||
| CVE-2024-48873 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: wifi: rtw89: check return value of ieee80211_probereq_get() for RNR The return value of ieee80211_probereq_get() might be NULL, s… | |||
| CVE-2024-46673 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: scsi: aacraid: Fix double-free on probe failure aac_probe_one() calls hardware-specific init functions through the aac_driver_ide… | |||
| CVE-2024-46864 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: x86/hyperv: fix kexec crash due to VP assist page corruption commit 9636be85cc5b ("x86/hyperv: Fix hyperv_pcpu_input_arg handling… | |||
| CVE-2024-43846 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: lib: objagg: Fix general protection fault The library supports aggregation of objects into other objects only if the parent objec… | |||
| CVE-2024-49960 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: ext4: fix timer use-after-free on failed mount Syzbot has found an ODEBUG bug in ext4_fill_super The del_timer_sync function can… | |||
| CVE-2024-52616 | medium | — | 5.5 | 1y ago | Moderate: avahi security update | |||
| CVE-2024-46787 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: userfaultfd: fix checks for huge PMDs Patch series "userfaultfd: fix races around pmd_trans_huge() check", v2. The pmd_trans_hug… | |||
| CVE-2024-50128 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: net: wwan: fix global oob in wwan_rtnl_policy The variable wwan_rtnl_link_ops assign a *bigger* maxtype which leads to a global o… | |||
| CVE-2024-56783 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: netfilter: nft_socket: remove WARN_ON_ONCE on maximum cgroup level cgroup maximum depth is INT_MAX by default, there is a cgroup … | |||
| CVE-2024-47706 | medium | 5.5 | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: block, bfq: fix possible UAF for bfqq->bic with merge chain 1) initial state, three tasks: Process 1 Process 2 Process 3… | |||
| CVE-2024-56653 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: Bluetooth: btmtk: avoid UAF in btmtk_process_coredump hci_devcd_append may lead to the release of the skb, so it cannot be access… | |||
| CVE-2024-50047 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: smb: client: fix UAF in async decryption Doing an async decryption (large read) crashes with a slab-use-after-free way down in th… | |||
| CVE-2024-47715 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: wifi: mt76: mt7915: fix oops on non-dbdc mt7986 mt7915_band_config() sets band_idx = 1 on the main phy for mt7986 with MT7975_ONE… | |||
| CVE-2024-47739 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: padata: use integer wrap around to prevent deadlock on seq_nr overflow When submitting more than 2^32 padata objects to padata_do… | |||
| CVE-2024-58099 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: vmxnet3: Fix packet corruption in vmxnet3_xdp_xmit_frame Andrew and Nikolay reported connectivity issues with Cilium's service lo… | |||
| CVE-2024-36011 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: Bluetooth: HCI: Fix potential null-ptr-deref Fix potential null-ptr-deref in hci_le_big_sync_established_evt(). | |||
| CVE-2024-42265 | medium | 5.5 | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: protect the fetch of ->fd[fd] in do_dup2() from mispredictions both callers have verified that fd is not greater than ->max_fds; … | |||
| CVE-2024-56647 | medium | 5.5 | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: net: Fix icmp host relookup triggering ip_rt_bug arp link failure may trigger ip_rt_bug while xfrm enabled, call trace is: WARNI… | |||
| CVE-2024-49851 | medium | 5.5 | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: tpm: Clean up TPM space after command failure tpm_dev_transmit prepares the TPM space before attempting command transmission. How… | |||
| CVE-2024-46758 | medium | — | 5.5 | 1y ago | RHSA-2025:6966: kernel security update (Moderate) | |||
| CVE-2024-56623 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Fix use after free on unload System crash is observed with stack trace warning of use after free. There are 2 sign… | |||
| CVE-2024-47599 | medium | — | 5.5 | 1y ago | GStreamer is a library for constructing graphs of media-handling components. A null pointer dereference vulnerability has been discovered in the gst_jpeg_dec_negotiate function in gstjpegdec.c. This … | |||
| CVE-2024-50219 | medium | — | 5.5 | 1y ago | RHSA-2025:6966: kernel security update (Moderate) | |||
| CVE-2024-57879 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: Bluetooth: iso: Always release hdev at the end of iso_listen_bis Since hci_get_route holds the device before returning, the hdev … | |||
| CVE-2024-47597 | medium | — | 5.5 | 1y ago | GStreamer is a library for constructing graphs of media-handling components. An OOB-read has been detected in the function qtdemux_parse_samples within qtdemux.c. This issue arises when the function … | |||
| CVE-2024-50009 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: cpufreq: amd-pstate: add check for cpufreq_cpu_get's return value cpufreq_cpu_get may return NULL. To avoid NULL-dereference chec… | |||
| CVE-2024-47748 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: vhost_vdpa: assign irq bypass producer token correctly We used to call irq_bypass_unregister_producer() in vhost_vdpa_setup_vq_ir… | |||
| CVE-2024-49861 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: bpf: Fix helper writes to read-only maps Lonial found an issue that despite user- and BPF-side frozen BPF map (like in case of .r… | |||
| CVE-2024-49860 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: ACPI: sysfs: validate return type of _STR method Only buffer objects are valid return values of _STR. If something else is retur… | |||
| CVE-2024-49927 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: x86/ioapic: Handle allocation failures gracefully Breno observed panics when using failslab under certain conditions during runti… | |||
| CVE-2024-49870 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: cachefiles: fix dentry leak in cachefiles_open_file() A dentry leak may be caused when a lookup cookie and a cull are concurrent:… | |||
| CVE-2024-49950 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: Bluetooth: L2CAP: Fix uaf in l2cap_connect [Syzbot reported] BUG: KASAN: slab-use-after-free in l2cap_connect.constprop.0+0x10d8/… | |||
| CVE-2024-49878 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: resource: fix region_intersects() vs add_memory_driver_managed() On a system with CXL memory, the resource tree (/proc/iomem) rel… | |||
| CVE-2024-50024 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: net: Fix an unsafe loop on the list The kernel may crash when deleting a genetlink family if there are still listeners for that f… | |||
| CVE-2024-50013 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: exfat: fix memory leak in exfat_load_bitmap() If the first directory entry in the root directory is not a bitmap directory entry,… | |||
| CVE-2024-56616 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: drm/dp_mst: Fix MST sideband message body length check Fix the MST sideband message body length check, which must be at least 1 b… | |||
| CVE-2024-50038 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: netfilter: xtables: avoid NFPROTO_UNSPEC where needed syzbot managed to call xt_cluster match via ebtables: WARNING: CPU: 0 PID… | |||
| CVE-2024-57931 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: selinux: ignore unknown extended permissions When evaluating extended permissions, ignore unknown permissions instead of calling … | |||
| CVE-2024-45774 | medium | — | 5.5 | 1y ago | Moderate: grub2 security update | |||
| CVE-2024-57885 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: mm/kmemleak: fix sleeping function called from invalid context at print message Address a bug in the kernel that triggers a "slee… | |||
| CVE-2024-50081 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: blk-mq: setup queue ->tag_set before initializing hctx Commit 7b815817aa58 ("blk-mq: add helper for checking if one CPU is mapped… | |||
| CVE-2024-57940 | medium | 5.5 | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: exfat: fix the infinite loop in exfat_readdir() If the file system is corrupted so that a cluster is linked to itself in the clus… | |||
| CVE-2024-50152 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: smb: client: fix possible double free in smb2_set_ea() Clang static checker(scan-build) warning: fs/smb/client/smb2ops.c:1304:2: … | |||
| CVE-2024-50162 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: bpf: devmap: provide rxq after redirect rxq contains a pointer to the device from where the redirect happened. Currently, the BPF… | |||
| CVE-2024-50200 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: maple_tree: correct tree corruption on spanning store Patch series "maple_tree: correct tree corruption on spanning store", v3. … | |||
| CVE-2024-50117 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: drm/amd: Guard against bad data for ATIF ACPI method If a BIOS provides bad data in response to an ATIF method call this causes a… | |||
| CVE-2024-53224 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: RDMA/mlx5: Move events notifier registration to be after device registration Move pkey change work initialization and cleanup fro… | |||
| CVE-2024-53194 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: PCI: Fix use-after-free of slot->bus on hot remove Dennis reports a boot crash on recent Lenovo laptops with a USB4 dock. Since … | |||
| CVE-2024-53173 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: NFSv4.0: Fix a use-after-free problem in the asynchronous open() Yang Erkun reports that when two threads are opening files at th… | |||
| CVE-2024-35978 | medium | 5.5 | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: Bluetooth: Fix memory leak in hci_req_sync_complete() In 'hci_req_sync_complete()', always free the previous sync request state b… | |||
| CVE-2024-53093 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: nvme-multipath: defer partition scanning We need to suppress the partition scan from occuring within the controller's scan_work c… |