CVEs from 2024
Total
6,632
critical
critical 166
high
high 1,073
medium
medium 2,066
low
low 49
% Critical
2.5%
% with KEV
2.5%
% with exploit
3.4%
Top products
- surveillance_station 12
- checkmk 10
- profilegrid 8
- office 8
- office_long_term_servicing_channel 6
- propertyhive 5
- glibc 5
- element_pack 5
Top packages
| CVE | Severity | CVSS | Risk | Flags | OS | Vendor | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2024-31344 | medium | 5.9 | 5.9 | 2y ago | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Phpbits Creative Studio Easy Login Styler – White Label Admin Login Page for WordPress allows Sto… | |||
| CVE-2024-31102 | medium | 5.9 | 5.9 | 2y ago | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Scimone Ignazio Prenotazioni allows Stored XSS.This issue affects Prenotazioni: from n/a through … | |||
| CVE-2024-31089 | medium | 5.9 | 5.9 | 2y ago | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Techblissonline.Com (Rajesh) Platinum SEO allows Stored XSS.This issue affects Platinum SEO: from… | |||
| CVE-2024-30554 | medium | 5.9 | 5.9 | 2y ago | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Wouter Dijkstra DD Rating allows Stored XSS.This issue affects DD Rating: from n/a through 1.7.1. | |||
| CVE-2024-30553 | medium | 5.9 | 5.9 | 2y ago | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Joby Joseph WP Twitter Mega Fan Box Widget allows Stored XSS.This issue affects WP Twitter Mega F… | |||
| CVE-2024-30548 | medium | 5.9 | 5.9 | 2y ago | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Noah Kagan underConstruction allows Stored XSS.This issue affects underConstruction: from n/a thr… | |||
| CVE-2024-30440 | medium | 5.9 | 5.9 | 2y ago | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Themify Themify Event Post allows Stored XSS.This issue affects Themify Event Post: from n/a thro… | |||
| CVE-2024-30434 | medium | 5.9 | 5.9 | 2y ago | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WP-CRM System allows Stored XSS.This issue affects WP-CRM System: from n/a through 3.2.9. | |||
| CVE-2024-30452 | medium | 5.9 | 5.9 | 2y ago | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in PluginOps Landing Page Builder allows Stored XSS.This issue affects Landing Page Builder: from n/… | |||
| CVE-2024-30448 | medium | 5.9 | 5.9 | 2y ago | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Supsystic Slider by Supsystic allows Stored XSS.This issue affects Slider by Supsystic: from n/a … | |||
| CVE-2024-30444 | medium | 5.9 | 5.9 | 2y ago | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in zionbuilder.Io WordPress Page Builder – Zion Builder allows Stored XSS.This issue affects WordPre… | |||
| CVE-2024-29768 | medium | 5.9 | 5.9 | 2y ago | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Brainstorm Force Astra allows Stored XSS.This issue affects Astra: from n/a through 4.6.4. | |||
| CVE-2024-30181 | medium | 5.9 | 5.9 | 2y ago | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Plainware Locatoraid Store Locator allows Stored XSS.This issue affects Locatoraid Store Locator:… | |||
| CVE-2024-29818 | medium | 5.9 | 5.9 | 2y ago | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Poll Maker & Voting Plugin Team (InfoTheme) WP Poll Maker allows Stored XSS.This issue affects WP… | |||
| CVE-2024-29816 | medium | 5.9 | 5.9 | 2y ago | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in htdat Woo Viet allows Stored XSS.This issue affects Woo Viet: from n/a through 1.5.2. | |||
| CVE-2024-29815 | medium | 5.9 | 5.9 | 2y ago | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Aminur Islam WP Change Email Sender allows Stored XSS.This issue affects WP Change Email Sender: … | |||
| CVE-2024-29813 | medium | 5.9 | 5.9 | 2y ago | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in CartFlows Inc. Funnel Builder by CartFlows allows Stored XSS.This issue affects Funnel Builder by… | |||
| CVE-2024-29819 | medium | 5.9 | 5.9 | 2y ago | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Syam Mohan WPFront Notification Bar allows Stored XSS.This issue affects WPFront Notification Bar… | |||
| CVE-2024-29929 | medium | 5.9 | 5.9 | 2y ago | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WC Lovers WCFM – Frontend Manager for WooCommerce allows Stored XSS.This issue affects WCFM – Fro… | |||
| CVE-2024-29922 | medium | 5.9 | 5.9 | 2y ago | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Quantum Cloud Slider Hero allows Stored XSS.This issue affects Slider Hero: from n/a through 8.6.… | |||
| CVE-2024-2579 | medium | 5.9 | 5.9 | 2y ago | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Data443 Tracking Code Manager.This issue affects Tracking Code Manager: from n/a through 2.0.16. | |||
| CVE-2024-29105 | medium | 5.9 | 5.9 | 2y ago | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Timersys WP Popups allows Stored XSS.This issue affects WP Popups: from n/a through 2.1.5.5. | |||
| CVE-2024-29124 | medium | 5.9 | 5.9 | 2y ago | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in AAM Advanced Access Manager allows Stored XSS.This issue affects Advanced Access Manager: from n/… | |||
| CVE-2024-29140 | medium | 5.9 | 5.9 | 2y ago | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Matt Manning MJM Clinic allows Stored XSS.This issue affects MJM Clinic: from n/a through 1.1.22. | |||
| CVE-2024-35910 | medium | 5.8 | 5.8 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: tcp: properly terminate timers for kernel sockets We had various syzbot reports about tcp timers firing after the corresponding n… | |||
| CVE-2024-32587 | medium | 5.8 | 5.8 | 2y ago | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in EnvialoSimple EnvíaloSimple allows Reflected XSS.This issue affects EnvíaloSimple: from n/a throu… | |||
| CVE-2024-32547 | medium | 5.8 | 5.8 | 2y ago | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Max Bond Code Insert Manager (Q2W3 Inc Manager) allows Reflected XSS.This issue affects Code Inse… | |||
| CVE-2024-31122 | medium | 5.8 | 5.8 | 2y ago | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Prism IT Systems User Rights Access Manager allows Reflected XSS.This issue affects User Rights A… | |||
| CVE-2024-36894 | medium | 5.6 | 5.6 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: usb: gadget: f_fs: Fix race between aio_cancel() and AIO request complete FFS based applications can utilize the aio_cancel() cal… | |||
| CVE-2024-33655 | medium | — | 5.5 | 16d ago | Moderate: unbound security update | |||
| CVE-2024-51394 | medium | 5.5 | 5.5 | 22d ago | Buffer Overflow vulnerability in Ardupiot Copter Latest commit 92693e023793133e49a035daf37c14433e484778 allows a local attacker to cause a denial of service via the AP_MSP::loop, AP_MSP, AP_MSP.cpp c… | |||
| CVE-2024-26766 | medium | — | 5.5 | 4mo ago | In the Linux kernel, the following vulnerability has been resolved: IB/hfi1: Fix sdma.h tx->num_descs off-by-one error Unfortunately the commit `fd8958efe877` introduced another error causing the `… | |||
| CVE-2024-58083 | medium | — | 5.5 | 7mo ago | In the Linux kernel, the following vulnerability has been resolved: KVM: Explicitly verify target vCPU is online in kvm_get_vcpu() Explicitly verify the target vCPU is fully online _prior_ to clamp… | |||
| CVE-2024-53170 | medium | — | 5.5 | 7mo ago | In the Linux kernel, the following vulnerability has been resolved: block: fix uaf for flush rq while iterating tags blk_mq_clear_flush_rq_mapping() is not called during scsi probe, by checking blk… | |||
| CVE-2024-58088 | medium | — | 5.5 | 7mo ago | In the Linux kernel, the following vulnerability has been resolved: bpf: Fix deadlock when freeing cgroup storage The following commit bc235cdb423a ("bpf: Prevent deadlock from recursive bpf_task_s… | |||
| CVE-2024-56709 | medium | — | 5.5 | 7mo ago | In the Linux kernel, the following vulnerability has been resolved: io_uring: check if iowq is killed before queuing task work can be executed after the task has gone through io_uring termination, … | |||
| CVE-2024-53241 | medium | — | 5.5 | 7mo ago | In the Linux kernel, the following vulnerability has been resolved: x86/xen: don't do PV iret hypercall through hypercall page Instead of jumping to the Xen hypercall page for doing the iret hyperc… | |||
| CVE-2024-58068 | medium | — | 5.5 | 7mo ago | In the Linux kernel, the following vulnerability has been resolved: OPP: fix dev_pm_opp_find_bw_*() when bandwidth table not initialized If a driver calls dev_pm_opp_find_bw_ceil/floor() the retrie… | |||
| CVE-2024-53135 | medium | — | 5.5 | 7mo ago | In the Linux kernel, the following vulnerability has been resolved: KVM: VMX: Bury Intel PT virtualization (guest/host mode) behind CONFIG_BROKEN Hide KVM's pt_mode module param behind CONFIG_BROKE… | |||
| CVE-2024-56690 | medium | — | 5.5 | 7mo ago | In the Linux kernel, the following vulnerability has been resolved: crypto: pcrypt - Call crypto layer directly when padata_do_parallel() return -EBUSY Since commit 8f4f68e788c3 ("crypto: pcrypt - … | |||
| CVE-2024-58062 | medium | — | 5.5 | 7mo ago | In the Linux kernel, the following vulnerability has been resolved: wifi: iwlwifi: mvm: avoid NULL pointer dereference When iterating over the links of a vif, we need to make sure that the pointer … | |||
| CVE-2024-58057 | medium | — | 5.5 | 7mo ago | In the Linux kernel, the following vulnerability has been resolved: idpf: convert workqueues to unbound When a workqueue is created with `WQ_UNBOUND`, its work items are served by special worker-po… | |||
| CVE-2024-53680 | medium | — | 5.5 | 7mo ago | In the Linux kernel, the following vulnerability has been resolved: ipvs: fix UB due to uninitialized stack access in ip_vs_protocol_init() Under certain kernel configurations when building with Cl… | |||
| CVE-2024-58015 | medium | — | 5.5 | 7mo ago | In the Linux kernel, the following vulnerability has been resolved: wifi: ath12k: Fix for out-of bound access error Selfgen stats are placed in a buffer using print_array_to_buf_index() function. A… | |||
| CVE-2024-53052 | medium | — | 5.5 | 7mo ago | In the Linux kernel, the following vulnerability has been resolved: io_uring/rw: fix missing NOWAIT check for O_DIRECT start write When io_uring starts a write, it'll call kiocb_start_write() to bu… | |||
| CVE-2024-49570 | medium | — | 5.5 | 7mo ago | In the Linux kernel, the following vulnerability has been resolved: drm/xe/tracing: Fix a potential TP_printk UAF The commit afd2627f727b ("tracing: Check "%s" dereference via the field and not the… | |||
| CVE-2024-58012 | medium | — | 5.5 | 7mo ago | In the Linux kernel, the following vulnerability has been resolved: ASoC: SOF: Intel: hda-dai: Ensure DAI widget is valid during params Each cpu DAI should associate with a widget. However, the top… | |||
| CVE-2024-56675 | medium | — | 5.5 | 7mo ago | In the Linux kernel, the following vulnerability has been resolved: bpf: Fix UAF via mismatching bpf_prog/attachment RCU flavors Uprobes always use bpf_prog_run_array_uprobe() under tasks-trace-RCU… | |||
| CVE-2024-57995 | medium | — | 5.5 | 7mo ago | In the Linux kernel, the following vulnerability has been resolved: wifi: ath12k: fix read pointer after free in ath12k_mac_assign_vif_to_vdev() In ath12k_mac_assign_vif_to_vdev(), if arvif is crea… | |||
| CVE-2024-53090 | medium | — | 5.5 | 7mo ago | In the Linux kernel, the following vulnerability has been resolved: afs: Fix lock recursion afs_wake_up_async_call() can incur lock recursion. The problem is that it is called from AF_RXRPC whilst… | |||
| CVE-2024-47727 | medium | — | 5.5 | 7mo ago | In the Linux kernel, the following vulnerability has been resolved: x86/tdx: Fix "in-kernel MMIO" check TDX only supports kernel-initiated MMIO operations. The handle_mmio() function checks if the … | |||
| CVE-2024-47679 | medium | — | 5.5 | 7mo ago | In the Linux kernel, the following vulnerability has been resolved: vfs: fix race between evice_inodes() and find_inode()&iput() Hi, all Recently I noticed a bug[1] in btrfs, after digged it into … | |||
| CVE-2024-57993 | medium | — | 5.5 | 7mo ago | In the Linux kernel, the following vulnerability has been resolved: HID: hid-thrustmaster: Fix warning in thrustmaster_probe by adding endpoint check syzbot has found a type mismatch between a USB … | |||
| CVE-2024-57990 | medium | — | 5.5 | 7mo ago | In the Linux kernel, the following vulnerability has been resolved: wifi: mt76: mt7925: fix off by one in mt7925_load_clc() This comparison should be >= instead of > to prevent an out of bounds rea… | |||
| CVE-2024-57989 | medium | — | 5.5 | 7mo ago | In the Linux kernel, the following vulnerability has been resolved: wifi: mt76: mt7925: fix NULL deref check in mt7925_change_vif_links In mt7925_change_vif_links() devm_kzalloc() may return NULL b… | |||
| CVE-2024-57988 | medium | — | 5.5 | 7mo ago | In the Linux kernel, the following vulnerability has been resolved: Bluetooth: btbcm: Fix NULL deref in btbcm_get_board_name() devm_kstrdup() can return a NULL pointer on failure,but this returned … | |||
| CVE-2024-54456 | medium | — | 5.5 | 7mo ago | In the Linux kernel, the following vulnerability has been resolved: NFS: Fix potential buffer overflowin nfs_sysfs_link_rpc_client() name is char[64] where the size of clnt->cl_program->name remain… | |||
| CVE-2024-57987 | medium | — | 5.5 | 7mo ago | In the Linux kernel, the following vulnerability has been resolved: Bluetooth: btrtl: check for NULL in btrtl_setup_realtek() If insert an USB dongle which chip is not maintained in ic_id_table, it… | |||
| CVE-2024-49864 | medium | — | 5.5 | 7mo ago | In the Linux kernel, the following vulnerability has been resolved: rxrpc: Fix a race between socket set up and I/O thread creation In rxrpc_open_socket(), it sets up the socket and then sets up th… | |||
| CVE-2024-56645 | medium | — | 5.5 | 7mo ago | In the Linux kernel, the following vulnerability has been resolved: can: j1939: j1939_session_new(): fix skb reference counting Since j1939_session_skb_queue() does an extra skb_get() for each new … | |||
| CVE-2024-52332 | medium | — | 5.5 | 7mo ago | In the Linux kernel, the following vulnerability has been resolved: igb: Fix potential invalid memory access in igb_init_module() The pci_register_driver() can fail and when this happened, the dca_… | |||
| CVE-2024-46689 | medium | — | 5.5 | 7mo ago | In the Linux kernel, the following vulnerability has been resolved: soc: qcom: cmd-db: Map shared memory as WC, not WB Linux does not write into cmd-db region. This region of memory is write protec… | |||
| CVE-2024-57986 | medium | 5.5 | 5.5 | 7mo ago | In the Linux kernel, the following vulnerability has been resolved: HID: core: Fix assumption that Resolution Multipliers must be in Logical Collections A report in 2019 by the syzbot fuzzer was fo… | |||
| CVE-2024-58077 | medium | — | 5.5 | 7mo ago | In the Linux kernel, the following vulnerability has been resolved: ASoC: soc-pcm: don't use soc_pcm_ret() on .prepare callback commit 1f5664351410 ("ASoC: lower "no backend DAIs enabled for ... Po… | |||
| CVE-2024-56739 | medium | — | 5.5 | 7mo ago | In the Linux kernel, the following vulnerability has been resolved: rtc: check if __rtc_read_time was successful in rtc_timer_do_work() If the __rtc_read_time call fails,, the struct rtc_time tm; m… | |||
| CVE-2024-53119 | medium | — | 5.5 | 7mo ago | In the Linux kernel, the following vulnerability has been resolved: virtio/vsock: Fix accept_queue memory leak As the final stages of socket destruction may be delayed, it is possible that virtio_t… | |||
| CVE-2024-57981 | medium | 5.5 | 5.5 | 7mo ago | In the Linux kernel, the following vulnerability has been resolved: usb: xhci: Fix NULL pointer dereference on certain command aborts If a command is queued to the final usable TRB of a ring segmen… | |||
| CVE-2024-57998 | medium | — | 5.5 | 7mo ago | In the Linux kernel, the following vulnerability has been resolved: OPP: add index check to assert to avoid buffer overflow in _read_freq() Pass the freq index to the assert function to make sure w… | |||
| CVE-2024-56603 | medium | — | 5.5 | 7mo ago | In the Linux kernel, the following vulnerability has been resolved: net: af_can: do not leave a dangling sk pointer in can_create() On error can_create() frees the allocated sk object, but sock_ini… | |||
| CVE-2024-50294 | medium | — | 5.5 | 7mo ago | In the Linux kernel, the following vulnerability has been resolved: rxrpc: Fix missing locking causing hanging calls If a call gets aborted (e.g. because kafs saw a signal) between it being queued … | |||
| CVE-2024-56662 | medium | — | 5.5 | 7mo ago | In the Linux kernel, the following vulnerability has been resolved: acpi: nfit: vmalloc-out-of-bounds Read in acpi_nfit_ctl Fix an issue detected by syzbot with KASAN: BUG: KASAN: vmalloc-out-of-b… | |||
| CVE-2024-56786 | medium | — | 5.5 | 7mo ago | Moderate: kernel security update | |||
| CVE-2024-58075 | medium | — | 5.5 | 7mo ago | In the Linux kernel, the following vulnerability has been resolved: crypto: tegra - do not transfer req when tegra init fails The tegra_cmac_init or tegra_sha_init function may return an error when… | |||
| CVE-2024-50195 | medium | — | 5.5 | 7mo ago | In the Linux kernel, the following vulnerability has been resolved: posix-clock: Fix missing timespec64 check in pc_clock_settime() As Andrew pointed out, it will make sense that the PTP core check… | |||
| CVE-2024-45777 | medium | — | 5.5 | 7mo ago | Moderate: grub2 security update | |||
| CVE-2024-50060 | medium | — | 5.5 | 7mo ago | In the Linux kernel, the following vulnerability has been resolved: io_uring: check if we need to reschedule during overflow flush In terms of normal application usage, this list will always be emp… | |||
| CVE-2024-53216 | medium | — | 5.5 | 7mo ago | In the Linux kernel, the following vulnerability has been resolved: nfsd: release svc_expkey/svc_export with rcu_work The last reference for `cache_head` can be reduced to zero in `c_show` and `e_s… | |||
| CVE-2024-53229 | medium | — | 5.5 | 7mo ago | In the Linux kernel, the following vulnerability has been resolved: RDMA/rxe: Fix the qp flush warnings in req When the qp is in error state, the status of WQEs in the queue should be set to error.… | |||
| CVE-2024-13176 | medium | — | 5.5 | 9mo ago | Moderate: mysql:8.4 security update | |||
| CVE-2024-36357 | medium | — | 5.5 | 9mo ago | A transient execution vulnerability in some AMD processors may allow an attacker to infer data in the L1D cache, potentially resulting in the leakage of sensitive information across privileged bounda… | |||
| CVE-2024-47252 | medium | — | 5.5 | 9mo ago | Insufficient escaping of user-supplied data in mod_ssl in Apache HTTP Server 2.4.63 and earlier allows an untrusted SSL/TLS client to insert escape characters into log files in some configurations. … | |||
| CVE-2024-36350 | medium | — | 5.5 | 10mo ago | A transient execution vulnerability in some AMD processors may allow an attacker to infer data from previous stores, potentially resulting in the leakage of privileged information. | |||
| CVE-2024-47081 | medium | — | 5.5 | 10mo ago | RHSA-2025:14999: resource-agents security update (Moderate) | |||
| CVE-2024-57980 | medium | — | 5.5 | 10mo ago | In the Linux kernel, the following vulnerability has been resolved: media: uvcvideo: Fix double free in error path If the uvc_status_init() function fails to allocate the int_urb, it will free the … | |||
| CVE-2024-52615 | medium | — | 5.5 | 11mo ago | Moderate: avahi security update | |||
| CVE-2024-13175 | medium | 5.5 | 5.5 | 11mo ago | Authorization Bypass Through User-Controlled Key vulnerability in Vidco Software VOC TESTER allows Forceful Browsing. This issue affects VOC TESTER: before 12.41.0. | |||
| CVE-2024-50379 | medium | — | 5.5 | 11mo ago | Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability during JSP compilation in Apache Tomcat permits an RCE on case insensitive file systems when the default servlet is enabled for write (… | |||
| CVE-2024-23337 | medium | — | 5.5 | 11mo ago | jq is a command-line JSON processor. In versions up to and including 1.7.1, an integer overflow arises when assigning value using an index of 2147483647, the signed integer limit. This causes a denia… | |||
| CVE-2024-54661 | medium | — | 5.5 | 11mo ago | readline.sh in socat before1.8.0.2 relies on the /tmp/$USER/stderr2 file. | |||
| CVE-2024-53064 | medium | — | 5.5 | 11mo ago | In the Linux kernel, the following vulnerability has been resolved: idpf: fix idpf_vc_core_init error path In an event where the platform running the device control plane is rebooted, reset is dete… | |||
| CVE-2024-43420 | medium | — | 5.5 | 1y ago | RHSA-2025:10991: microcode_ctl security update (Moderate) | |||
| CVE-2024-45332 | medium | — | 5.5 | 1y ago | RHSA-2025:10991: microcode_ctl security update (Moderate) | |||
| CVE-2024-28956 | medium | — | 5.5 | 1y ago | Exposure of Sensitive Information in Shared Microarchitectural Structures during Transient Execution for some Intel(R) Processors may allow an authenticated user to potentially enable information dis… | |||
| CVE-2024-47710 | medium | 5.5 | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: sock_map: Add a cond_resched() in sock_hash_free() Several syzbot soft lockup reports all have in common sock_hash_free() If a m… | |||
| CVE-2024-47748 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: vhost_vdpa: assign irq bypass producer token correctly We used to call irq_bypass_unregister_producer() in vhost_vdpa_setup_vq_ir… | |||
| CVE-2024-36880 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: Bluetooth: qca: add missing firmware sanity checks Add the missing sanity checks when parsing the firmware files before downloadi… | |||
| CVE-2024-49856 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: x86/sgx: Fix deadlock in SGX NUMA node search When the current node doesn't have an EPC section configured by firmware and all ot… | |||
| CVE-2024-50191 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: ext4: don't set SB_RDONLY after filesystem errors When the filesystem is mounted with errors=remount-ro, we were setting SB_RDONL… | |||
| CVE-2024-53160 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: rcu/kvfree: Fix data-race in __mod_timer / kvfree_call_rcu KCSAN reports a data race when access the krcp->monitor_work.timer.exp… | |||
| CVE-2024-47776 | medium | — | 5.5 | 1y ago | GStreamer is a library for constructing graphs of media-handling components. An OOB-read has been discovered in gst_wavparse_cue_chunk within gstwavparse.c. The vulnerability happens due to a discrep… |