CVEs from 2024
Total
6,583
critical
critical 174
high
high 1,069
medium
medium 2,083
low
low 49
% Critical
2.6%
% with KEV
2.5%
% with exploit
3.4%
Top products
- mbed_tls 15
- operations_analytics_log_analysis 14
- surveillance_station 12
- checkmk 10
- office 8
- profilegrid 8
- office_long_term_servicing_channel 6
- propertyhive 5
Top packages
| CVE | Severity | CVSS | Risk | Flags | OS | Vendor | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2024-50077 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: Bluetooth: ISO: Fix multiple init when debugfs is disabled If bt_debugfs is not created successfully, which happens if either CON… | |||
| CVE-2024-43914 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: md/raid5: avoid BUG_ON() while continue reshape after reassembling Currently, mdadm support --revert-reshape to abort the reshape… | |||
| CVE-2024-56826 | medium | — | 5.5 | 1y ago | Moderate: openjpeg2 security update | |||
| CVE-2024-50182 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: secretmem: disable memfd_secret() if arch cannot set direct map Return -ENOSYS from memfd_secret() syscall if !can_set_direct_map… | |||
| CVE-2024-50186 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: net: explicitly clear the sk pointer, when pf->create fails We have recently noticed the exact same KASAN splat as in commit 6cd4… | |||
| CVE-2024-50215 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: nvmet-auth: assign dh_key to NULL after kfree_sensitive ctrl->dh_key might be used across multiple calls to nvmet_setup_dhgroup()… | |||
| CVE-2024-49993 | medium | — | 5.5 | 1y ago | RHSA-2025:6966: kernel security update (Moderate) | |||
| CVE-2024-45783 | medium | — | 5.5 | 1y ago | Moderate: grub2 security update | |||
| CVE-2024-50278 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: dm cache: fix potential out-of-bounds access on the first resume Out-of-bounds access occurs if the fast device is expanded unexp… | |||
| CVE-2024-53042 | medium | 5.5 | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: ipv4: ip_tunnel: Fix suspicious RCU usage warning in ip_tunnel_init_flow() There are code paths from which the function is called… | |||
| CVE-2024-49569 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: nvme-rdma: unquiesce admin_q before destroy it Kernel will hang on destroy admin_q while we create ctrl failed, such as following… | |||
| CVE-2024-56644 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: net/ipv6: release expired exception dst cached in socket Dst objects get leaked in ip6_negative_advice() when this function is ex… | |||
| CVE-2024-53070 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: usb: dwc3: fix fault at system suspend if device was already runtime suspended If the device was already runtime suspended then d… | |||
| CVE-2024-53072 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: platform/x86/amd/pmc: Detect when STB is not available Loading the amd_pmc module as: amd_pmc enable_stb=1 ...can result in… | |||
| CVE-2024-45781 | medium | — | 5.5 | 1y ago | Moderate: grub2 security update | |||
| CVE-2024-47542 | medium | — | 5.5 | 1y ago | Moderate: gstreamer1-plugins-base security update | |||
| CVE-2024-43873 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: vhost/vsock: always initialize seqpacket_allow There are two issues around seqpacket_allow: 1. seqpacket_allow is not initialized… | |||
| CVE-2024-48873 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: wifi: rtw89: check return value of ieee80211_probereq_get() for RNR The return value of ieee80211_probereq_get() might be NULL, s… | |||
| CVE-2024-53224 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: RDMA/mlx5: Move events notifier registration to be after device registration Move pkey change work initialization and cleanup fro… | |||
| CVE-2024-43910 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: bpf: add missing check_func_arg_reg_off() to prevent out-of-bounds memory accesses Currently, it's possible to pass in a modified… | |||
| CVE-2024-54680 | medium | — | 5.5 | 1y ago | RHSA-2025:6966: kernel security update (Moderate) | |||
| CVE-2024-53117 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: virtio/vsock: Improve MSG_ZEROCOPY error handling Add a missing kfree_skb() to prevent memory leaks. | |||
| CVE-2024-53118 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: vsock: Fix sk_error_queue memory leak Kernel queues MSG_ZEROCOPY completion notifications on the error queue. Where they remain, … | |||
| CVE-2024-47738 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211: don't use rate mask for offchannel TX either Like the commit ab9177d83c04 ("wifi: mac80211: don't use rate mask f… | |||
| CVE-2024-47737 | medium | 5.5 | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: nfsd: call cache_put if xdr_reserve_space returns NULL If not enough buffer space available, but idmap_lookup has triggered looku… | |||
| CVE-2024-53156 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: wifi: ath9k: add range check for conn_rsp_epid in htc_connect_service() I found the following bug in my fuzzer: UBSAN: array-i… | |||
| CVE-2024-53164 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: net: sched: fix ordering of qlen adjustment Changes to sch->q.qlen around qdisc_tree_reduce_backlog() need to happen _before_ a c… | |||
| CVE-2024-42291 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: ice: Add a per-VF limit on number of FDIR filters While the iavf driver adds a s/w limit (128) on the number of FDIR filters that… | |||
| CVE-2024-42278 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: ASoC: TAS2781: Fix tasdev_load_calibrated_data() This function has a reversed if statement so it's either a no-op or it leads to … | |||
| CVE-2024-42312 | medium | 5.5 | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: sysctl: always initialize i_uid/i_gid Always initialize i_uid/i_gid inside the sysfs core so set_ownership() can safely skip sett… | |||
| CVE-2024-57884 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: mm: vmscan: account for free pages to prevent infinite Loop in throttle_direct_reclaim() The task sometimes continues looping in … | |||
| CVE-2024-42253 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: gpio: pca953x: fix pca953x_irq_bus_sync_unlock race Ensure that `i2c_lock' is held when setting interrupt latch and mask in pca95… | |||
| CVE-2024-47687 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: vdpa/mlx5: Fix invalid mr resource destroy Certain error paths from mlx5_vdpa_dev_add() can end up releasing mr resources which n… | |||
| CVE-2024-8418 | medium | — | 5.5 | 1y ago | A flaw was found in Aardvark-dns, which is vulnerable to a Denial of Service attack due to the serial processing of TCP DNS queries. An attacker can exploit this flaw by keeping a TCP connection open… | |||
| CVE-2024-42133 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: Bluetooth: Ignore too large handle values in BIG hci_le_big_sync_established_evt is necessary to filter out cases where the handl… | |||
| CVE-2024-56642 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: tipc: Fix use-after-free of kernel socket in cleanup_bearer(). syzkaller reported a use-after-free of UDP kernel socket in cleanu… | |||
| CVE-2024-36013 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: Bluetooth: L2CAP: Fix slab-use-after-free in l2cap_connect() Extend a critical section to prevent chan from early freeing. Also m… | |||
| CVE-2024-40956 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: dmaengine: idxd: Fix possible Use-After-Free in irq_process_work_list Use list_for_each_entry_safe() to allow iterating through t… | |||
| CVE-2024-36011 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: Bluetooth: HCI: Fix potential null-ptr-deref Fix potential null-ptr-deref in hci_le_big_sync_established_evt(). | |||
| CVE-2024-49995 | medium | — | 5.5 | 1y ago | RHSA-2025:6966: kernel security update (Moderate) | |||
| CVE-2024-43898 | medium | — | 5.5 | 1y ago | RHSA-2025:6966: kernel security update (Moderate) | |||
| CVE-2024-47719 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: iommufd: Protect against overflow of ALIGN() during iova allocation Userspace can supply an iova and uptr such that the target io… | |||
| CVE-2024-42305 | medium | 5.5 | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: ext4: check dot and dotdot of dx_root before making dir indexed Syzbot reports a issue as follows: ==============================… | |||
| CVE-2024-35891 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: net: phy: micrel: Fix potential null pointer dereference In lan8814_get_sig_rx() and lan8814_get_sig_tx() ptp_parse_header() may … | |||
| CVE-2024-35978 | medium | 5.5 | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: Bluetooth: Fix memory leak in hci_req_sync_complete() In 'hci_req_sync_complete()', always free the previous sync request state b… | |||
| CVE-2024-35964 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: Bluetooth: ISO: Fix not validating setsockopt user input Check user input length before copying data. | |||
| CVE-2024-53222 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: zram: fix NULL pointer in comp_algorithm_show() LTP reported a NULL pointer dereference as followed: CPU: 7 UID: 0 PID: 5995 Co… | |||
| CVE-2024-50046 | medium | 5.5 | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: NFSv4: Prevent NULL-pointer dereference in nfs42_complete_copies() On the node of an NFS client, some files saved in the mountpoi… | |||
| CVE-2024-56601 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: net: inet: do not leave a dangling sk pointer in inet_create() sock_init_data() attaches the allocated sk object to the provided … | |||
| CVE-2024-42294 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: block: fix deadlock between sd_remove & sd_release Our test report the following hung task: [ 2538.459400] INFO: task "kworker/0… | |||
| CVE-2024-49878 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: resource: fix region_intersects() vs add_memory_driver_managed() On a system with CXL memory, the resource tree (/proc/iomem) rel… | |||
| CVE-2024-36880 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: Bluetooth: qca: add missing firmware sanity checks Add the missing sanity checks when parsing the firmware files before downloadi… | |||
| CVE-2024-56604 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: Bluetooth: RFCOMM: avoid leaving dangling sk pointer in rfcomm_sock_alloc() bt_sock_alloc() attaches allocated sk object to the p… | |||
| CVE-2024-47835 | medium | — | 5.5 | 1y ago | Moderate: gstreamer1-plugins-base security update | |||
| CVE-2024-57843 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: virtio-net: fix overflow inside virtnet_rq_alloc When the frag just got a page, then may lead to regression on VM. Specially if t… | |||
| CVE-2024-57852 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: firmware: qcom: scm: smc: Handle missing SCM device Commit ca61d6836e6f ("firmware: qcom: scm: fix a NULL-pointer dereference") m… | |||
| CVE-2024-57940 | medium | 5.5 | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: exfat: fix the infinite loop in exfat_readdir() If the file system is corrupted so that a cluster is linked to itself in the clus… | |||
| CVE-2024-12747 | medium | — | 5.5 | 1y ago | Moderate: rsync security update | |||
| CVE-2024-58005 | medium | 5.5 | 5.5 | 1y ago | Important: kernel security update | |||
| CVE-2024-41062 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: bluetooth/l2cap: sync sock recv cb and release The problem occurs between the system call to close the sock and hci_rx_work, wher… | |||
| CVE-2024-27398 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: Bluetooth: Fix use-after-free bugs caused by sco_sock_timeout When the sco connection is established and then, the sco socket is … | |||
| CVE-2024-52005 | medium | — | 5.5 | 1y ago | RHSA-2025:8414: git security update (Moderate) | |||
| CVE-2024-43823 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: PCI: keystone: Fix NULL pointer dereference in case of DT error in ks_pcie_setup_rc_app_regs() If IORESOURCE_MEM is not provided … | |||
| CVE-2024-50014 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: ext4: fix access to uninitialised lock in fc replay path The following kernel trace can be triggered with fstest generic/629 when… | |||
| CVE-2024-45775 | medium | — | 5.5 | 1y ago | Moderate: grub2 security update | |||
| CVE-2024-4453 | medium | — | 5.5 | 1y ago | RHSA-2024:9056: gstreamer1-plugins-base security update (Moderate) | |||
| CVE-2024-47668 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: lib/generic-radix-tree.c: Fix rare race in __genradix_ptr_alloc() If we need to increase the tree depth, allocate a new node, and… | |||
| CVE-2024-35934 | medium | 5.5 | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: net/smc: reduce rtnl pressure in smc_pnet_create_pnetids_list() Many syzbot reports show extreme rtnl pressure, and many of them … | |||
| CVE-2024-35933 | medium | 5.5 | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: Bluetooth: btintel: Fix null ptr deref in btintel_read_version If hci_cmd_sync_complete() is triggered and skb is NULL, then hdev… | |||
| CVE-2024-53105 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: mm: page_alloc: move mlocked flag clearance into free_pages_prepare() Syzbot reported a bad page state problem caused by a page b… | |||
| CVE-2024-42265 | medium | 5.5 | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: protect the fetch of ->fd[fd] in do_dup2() from mispredictions both callers have verified that fd is not greater than ->max_fds; … | |||
| CVE-2024-47748 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: vhost_vdpa: assign irq bypass producer token correctly We used to call irq_bypass_unregister_producer() in vhost_vdpa_setup_vq_ir… | |||
| CVE-2024-49856 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: x86/sgx: Fix deadlock in SGX NUMA node search When the current node doesn't have an EPC section configured by firmware and all ot… | |||
| CVE-2024-49861 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: bpf: Fix helper writes to read-only maps Lonial found an issue that despite user- and BPF-side frozen BPF map (like in case of .r… | |||
| CVE-2024-49870 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: cachefiles: fix dentry leak in cachefiles_open_file() A dentry leak may be caused when a lookup cookie and a cull are concurrent:… | |||
| CVE-2024-49927 | medium | — | 5.5 | 1y ago | Linux kernel (BlueField) vulnerabilities | |||
| CVE-2024-49939 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: wifi: rtw89: avoid to add interface to list twice when SER If SER L2 occurs during the WoWLAN resume flow, the add interface flow… | |||
| CVE-2024-49950 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: Bluetooth: L2CAP: Fix uaf in l2cap_connect [Syzbot reported] BUG: KASAN: slab-use-after-free in l2cap_connect.constprop.0+0x10d8/… | |||
| CVE-2024-50058 | medium | 5.5 | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: serial: protect uart_port_dtr_rts() in uart_shutdown() too Commit af224ca2df29 (serial: core: Prevent unsafe uart port access, pa… | |||
| CVE-2024-50073 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: tty: n_gsm: Fix use-after-free in gsm_cleanup_mux BUG: KASAN: slab-use-after-free in gsm_cleanup_mux+0x77b/0x7b0 drivers/tty/n_gs… | |||
| CVE-2024-50081 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: blk-mq: setup queue ->tag_set before initializing hctx Commit 7b815817aa58 ("blk-mq: add helper for checking if one CPU is mapped… | |||
| CVE-2024-36968 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: Bluetooth: L2CAP: Fix div-by-zero in l2cap_le_flowctl_init() l2cap_le_flowctl_init() can cause both div-by-zero and an integer ov… | |||
| CVE-2024-50199 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: mm/swapfile: skip HugeTLB pages for unuse_vma I got a bad pud error and lost a 1GB HugeTLB when calling swapoff. The problem can… | |||
| CVE-2024-50216 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: xfs: fix finding a last resort AG in xfs_filestream_pick_ag When the main loop in xfs_filestream_pick_ag fails to find a suitable… | |||
| CVE-2024-53044 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: net/sched: sch_api: fix xa_insert() error path in tcf_block_get_ext() This command: $ tc qdisc replace dev eth0 ingress_block 1 … | |||
| CVE-2024-53161 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: EDAC/bluefield: Fix potential integer overflow The 64-bit argument for the "get DIMM info" SMC call consists of mem_ctrl_idx left… | |||
| CVE-2024-53173 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: NFSv4.0: Fix a use-after-free problem in the asynchronous open() Yang Erkun reports that when two threads are opening files at th… | |||
| CVE-2024-53174 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: SUNRPC: make sure cache entry active before cache_show The function `c_show` was called with protection from RCU. This only ensur… | |||
| CVE-2024-53194 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: PCI: Fix use-after-free of slot->bus on hot remove Dennis reports a boot crash on recent Lenovo laptops with a USB4 dock. Since … | |||
| CVE-2024-53208 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: Bluetooth: MGMT: Fix slab-use-after-free Read in set_powered_sync This fixes the following crash: ==============================… | |||
| CVE-2024-56591 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hci_conn: Use disable_delayed_work_sync This makes use of disable_delayed_work_sync instead cancel_delayed_work_sync a… | |||
| CVE-2024-57931 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: selinux: ignore unknown extended permissions When evaluating extended permissions, ignore unknown permissions instead of calling … | |||
| CVE-2024-57888 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: workqueue: Do not warn when cancelling WQ_MEM_RECLAIM work from !WQ_MEM_RECLAIM worker After commit 746ae46c1113 ("drm/sched: Mar… | |||
| CVE-2024-50117 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: drm/amd: Guard against bad data for ATIF ACPI method If a BIOS provides bad data in response to an ATIF method call this causes a… | |||
| CVE-2024-57879 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: Bluetooth: iso: Always release hdev at the end of iso_listen_bis Since hci_get_route holds the device before returning, the hdev … | |||
| CVE-2024-50271 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: signal: restore the override_rlimit logic Prior to commit d64696905554 ("Reimplement RLIMIT_SIGPENDING on top of ucounts") UCOUNT… | |||
| CVE-2024-46951 | medium | — | 5.5 | 1y ago | RHSA-2025:4362: ghostscript security update (Moderate) | |||
| CVE-2024-49904 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: add list empty check to avoid null pointer issue Add list empty check to avoid null pointer issues in some corner cas… | |||
| CVE-2024-46954 | medium | — | 5.5 | 1y ago | RHSA-2025:4362: ghostscript security update (Moderate) | |||
| CVE-2024-50272 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: filemap: Fix bounds checking in filemap_read() If the caller supplies an iocb->ki_pos value that is close to the filesystem upper… |