CVEs from 2024
Total
6,606
critical
critical 174
high
high 1,069
medium
medium 2,083
low
low 49
% Critical
2.6%
% with KEV
2.5%
% with exploit
3.4%
Top products
- mbed_tls 15
- operations_analytics_log_analysis 14
- surveillance_station 12
- checkmk 10
- office 8
- profilegrid 8
- office_long_term_servicing_channel 6
- propertyhive 5
Top packages
| CVE | Severity | CVSS | Risk | Flags | OS | Vendor | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2024-35910 | medium | 5.8 | 5.8 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: tcp: properly terminate timers for kernel sockets We had various syzbot reports about tcp timers firing after the corresponding n… | |||
| CVE-2024-32587 | medium | 5.8 | 5.8 | 2y ago | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in EnvialoSimple EnvíaloSimple allows Reflected XSS.This issue affects EnvíaloSimple: from n/a throu… | |||
| CVE-2024-32547 | medium | 5.8 | 5.8 | 2y ago | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Max Bond Code Insert Manager (Q2W3 Inc Manager) allows Reflected XSS.This issue affects Code Inse… | |||
| CVE-2024-31122 | medium | 5.8 | 5.8 | 2y ago | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Prism IT Systems User Rights Access Manager allows Reflected XSS.This issue affects User Rights A… | |||
| CVE-2024-36894 | medium | 5.6 | 5.6 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: usb: gadget: f_fs: Fix race between aio_cancel() and AIO request complete FFS based applications can utilize the aio_cancel() cal… | |||
| CVE-2024-33655 | medium | — | 5.5 | 18d ago | Moderate: unbound security update | |||
| CVE-2024-51394 | medium | 5.5 | 5.5 | 23d ago | Buffer Overflow vulnerability in Ardupiot Copter Latest commit 92693e023793133e49a035daf37c14433e484778 allows a local attacker to cause a denial of service via the AP_MSP::loop, AP_MSP, AP_MSP.cpp c… | |||
| CVE-2024-26766 | medium | — | 5.5 | 4mo ago | In the Linux kernel, the following vulnerability has been resolved: IB/hfi1: Fix sdma.h tx->num_descs off-by-one error Unfortunately the commit `fd8958efe877` introduced another error causing the `… | |||
| CVE-2024-56603 | medium | — | 5.5 | 7mo ago | Moderate: kernel security update | |||
| CVE-2024-53241 | medium | — | 5.5 | 7mo ago | Moderate: kernel security update | |||
| CVE-2024-56690 | medium | — | 5.5 | 7mo ago | Moderate: kernel security update | |||
| CVE-2024-53229 | medium | — | 5.5 | 7mo ago | Moderate: kernel security update | |||
| CVE-2024-53216 | medium | — | 5.5 | 7mo ago | Moderate: kernel security update | |||
| CVE-2024-54456 | medium | — | 5.5 | 7mo ago | Moderate: kernel security update | |||
| CVE-2024-58088 | medium | — | 5.5 | 7mo ago | Moderate: kernel security update | |||
| CVE-2024-53680 | medium | — | 5.5 | 7mo ago | Moderate: kernel security update | |||
| CVE-2024-56662 | medium | — | 5.5 | 7mo ago | Moderate: kernel security update | |||
| CVE-2024-45777 | medium | — | 5.5 | 7mo ago | Moderate: grub2 security update | |||
| CVE-2024-53135 | medium | — | 5.5 | 7mo ago | Moderate: kernel security update | |||
| CVE-2024-56675 | medium | — | 5.5 | 7mo ago | Moderate: kernel security update | |||
| CVE-2024-56645 | medium | — | 5.5 | 7mo ago | Moderate: kernel security update | |||
| CVE-2024-57986 | medium | 5.5 | 5.5 | 7mo ago | Moderate: kernel security update | |||
| CVE-2024-50195 | medium | — | 5.5 | 7mo ago | Moderate: kernel security update | |||
| CVE-2024-57993 | medium | — | 5.5 | 7mo ago | Moderate: kernel security update | |||
| CVE-2024-57989 | medium | — | 5.5 | 7mo ago | Moderate: kernel security update | |||
| CVE-2024-57990 | medium | — | 5.5 | 7mo ago | Moderate: kernel security update | |||
| CVE-2024-56739 | medium | — | 5.5 | 7mo ago | Moderate: kernel security update | |||
| CVE-2024-57998 | medium | — | 5.5 | 7mo ago | Moderate: kernel security update | |||
| CVE-2024-57995 | medium | — | 5.5 | 7mo ago | Moderate: kernel security update | |||
| CVE-2024-57981 | medium | 5.5 | 5.5 | 7mo ago | Moderate: kernel security update | |||
| CVE-2024-56786 | medium | — | 5.5 | 7mo ago | Moderate: kernel security update | |||
| CVE-2024-57987 | medium | — | 5.5 | 7mo ago | Moderate: kernel security update | |||
| CVE-2024-56709 | medium | — | 5.5 | 7mo ago | Moderate: kernel security update | |||
| CVE-2024-57988 | medium | — | 5.5 | 7mo ago | Moderate: kernel security update | |||
| CVE-2024-58077 | medium | — | 5.5 | 7mo ago | Moderate: kernel security update | |||
| CVE-2024-47727 | medium | — | 5.5 | 7mo ago | Moderate: kernel security update | |||
| CVE-2024-53052 | medium | — | 5.5 | 7mo ago | Moderate: kernel security update | |||
| CVE-2024-53119 | medium | — | 5.5 | 7mo ago | Moderate: kernel security update | |||
| CVE-2024-49864 | medium | — | 5.5 | 7mo ago | Moderate: kernel security update | |||
| CVE-2024-58015 | medium | — | 5.5 | 7mo ago | Moderate: kernel security update | |||
| CVE-2024-58075 | medium | — | 5.5 | 7mo ago | Moderate: kernel security update | |||
| CVE-2024-52332 | medium | — | 5.5 | 7mo ago | Moderate: kernel security update | |||
| CVE-2024-46689 | medium | — | 5.5 | 7mo ago | Moderate: kernel security update | |||
| CVE-2024-50060 | medium | — | 5.5 | 7mo ago | Moderate: kernel security update | |||
| CVE-2024-50294 | medium | — | 5.5 | 7mo ago | Moderate: kernel security update | |||
| CVE-2024-58068 | medium | — | 5.5 | 7mo ago | Moderate: kernel security update | |||
| CVE-2024-58012 | medium | — | 5.5 | 7mo ago | Moderate: kernel security update | |||
| CVE-2024-53090 | medium | — | 5.5 | 7mo ago | Moderate: kernel security update | |||
| CVE-2024-58057 | medium | — | 5.5 | 7mo ago | Moderate: kernel security update | |||
| CVE-2024-58083 | medium | — | 5.5 | 7mo ago | Moderate: kernel security update | |||
| CVE-2024-58062 | medium | — | 5.5 | 7mo ago | Moderate: kernel security update | |||
| CVE-2024-47679 | medium | — | 5.5 | 7mo ago | Moderate: kernel security update | |||
| CVE-2024-53170 | medium | — | 5.5 | 7mo ago | Moderate: kernel security update | |||
| CVE-2024-49570 | medium | — | 5.5 | 7mo ago | Moderate: kernel security update | |||
| CVE-2024-13176 | medium | — | 5.5 | 9mo ago | Moderate: mysql:8.4 security update | |||
| CVE-2024-36357 | medium | — | 5.5 | 9mo ago | Moderate: kernel security update | |||
| CVE-2024-47252 | medium | — | 5.5 | 9mo ago | Insufficient escaping of user-supplied data in mod_ssl in Apache HTTP Server 2.4.63 and earlier allows an untrusted SSL/TLS client to insert escape characters into log files in some configurations. … | |||
| CVE-2024-36350 | medium | — | 5.5 | 10mo ago | Moderate: kernel security update | |||
| CVE-2024-47081 | medium | — | 5.5 | 10mo ago | RHSA-2025:14999: resource-agents security update (Moderate) | |||
| CVE-2024-57980 | medium | — | 5.5 | 10mo ago | Moderate: kernel security update | |||
| CVE-2024-52615 | medium | — | 5.5 | 11mo ago | Moderate: avahi security update | |||
| CVE-2024-13175 | medium | 5.5 | 5.5 | 11mo ago | Authorization Bypass Through User-Controlled Key vulnerability in Vidco Software VOC TESTER allows Forceful Browsing. This issue affects VOC TESTER: before 12.41.0. | |||
| CVE-2024-50379 | medium | — | 5.5 | 11mo ago | Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability during JSP compilation in Apache Tomcat permits an RCE on case insensitive file systems when the default servlet is enabled for write (… | |||
| CVE-2024-23337 | medium | — | 5.5 | 11mo ago | jq is a command-line JSON processor. In versions up to and including 1.7.1, an integer overflow arises when assigning value using an index of 2147483647, the signed integer limit. This causes a denia… | |||
| CVE-2024-54661 | medium | — | 5.5 | 11mo ago | readline.sh in socat before1.8.0.2 relies on the /tmp/$USER/stderr2 file. | |||
| CVE-2024-53064 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: idpf: fix idpf_vc_core_init error path In an event where the platform running the device control plane is rebooted, reset is dete… | |||
| CVE-2024-45332 | medium | — | 5.5 | 1y ago | RHSA-2025:10991: microcode_ctl security update (Moderate) | |||
| CVE-2024-43420 | medium | — | 5.5 | 1y ago | RHSA-2025:10991: microcode_ctl security update (Moderate) | |||
| CVE-2024-58099 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: vmxnet3: Fix packet corruption in vmxnet3_xdp_xmit_frame Andrew and Nikolay reported connectivity issues with Cilium's service lo… | |||
| CVE-2024-45783 | medium | — | 5.5 | 1y ago | Moderate: grub2 security update | |||
| CVE-2024-56760 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: PCI/MSI: Handle lack of irqdomain gracefully Alexandre observed a warning emitted from pci_msi_setup_msi_irqs() on a RISCV platfo… | |||
| CVE-2024-57852 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: firmware: qcom: scm: smc: Handle missing SCM device Commit ca61d6836e6f ("firmware: qcom: scm: fix a NULL-pointer dereference") m… | |||
| CVE-2024-56663 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: wifi: nl80211: fix NL80211_ATTR_MLO_LINK_ID off-by-one Since the netlink attribute range validation provides inclusive checking, … | |||
| CVE-2024-56601 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: net: inet: do not leave a dangling sk pointer in inet_create() sock_init_data() attaches the allocated sk object to the provided … | |||
| CVE-2024-56591 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hci_conn: Use disable_delayed_work_sync This makes use of disable_delayed_work_sync instead cancel_delayed_work_sync a… | |||
| CVE-2024-56551 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: fix usage slab after free [ +0.000021] BUG: KASAN: slab-use-after-free in drm_sched_entity_flush+0x6cb/0x7a0 [gpu_sc… | |||
| CVE-2024-47543 | medium | — | 5.5 | 1y ago | GStreamer is a library for constructing graphs of media-handling components. An OOB-read vulnerability has been discovered in qtdemux_parse_container function within qtdemux.c. In the parent function… | |||
| CVE-2024-53136 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: mm: revert "mm: shmem: fix data-race in shmem_getattr()" Revert d949d1d14fa2 ("mm: shmem: fix data-race in shmem_getattr()") as s… | |||
| CVE-2024-53146 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: NFSD: Prevent a potential integer overflow If the tag length is >= U32_MAX - 3 then the "length + 4" addition can result in an in… | |||
| CVE-2024-43914 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: md/raid5: avoid BUG_ON() while continue reshape after reassembling Currently, mdadm support --revert-reshape to abort the reshape… | |||
| CVE-2024-35964 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: Bluetooth: ISO: Fix not validating setsockopt user input Check user input length before copying data. | |||
| CVE-2024-47541 | medium | — | 5.5 | 1y ago | Moderate: gstreamer1-plugins-base security update | |||
| CVE-2024-58009 | medium | 5.5 | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: Bluetooth: L2CAP: handle NULL sock pointer in l2cap_sock_alloc A NULL sock pointer is passed into l2cap_sock_alloc() when it is c… | |||
| CVE-2024-50200 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: maple_tree: correct tree corruption on spanning store Patch series "maple_tree: correct tree corruption on spanning store", v3. … | |||
| CVE-2024-47700 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: ext4: check stripe size compatibility on remount as well We disable stripe size in __ext4_fill_super if it is not a multiple of t… | |||
| CVE-2024-50024 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: net: Fix an unsafe loop on the list The kernel may crash when deleting a genetlink family if there are still listeners for that f… | |||
| CVE-2024-50067 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: uprobe: avoid out-of-bounds memory access of fetching args Uprobe needs to fetch args into a percpu buffer, and then copy to ring… | |||
| CVE-2024-45776 | medium | — | 5.5 | 1y ago | Moderate: grub2 security update | |||
| CVE-2024-39500 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: sock_map: avoid race between sock_map_close and sk_psock_put sk_psock_get will return NULL if the refcount of psock has gone to 0… | |||
| CVE-2024-50008 | medium | 5.5 | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: wifi: mwifiex: Fix memcpy() field-spanning write warning in mwifiex_cmd_802_11_scan_ext() Replace one-element array with a flexib… | |||
| CVE-2024-47546 | medium | — | 5.5 | 1y ago | GStreamer is a library for constructing graphs of media-handling components. An integer underflow has been detected in extract_cc_from_data function within qtdemux.c. In the FOURCC_c708 case, the sub… | |||
| CVE-2024-49904 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: add list empty check to avoid null pointer issue Add list empty check to avoid null pointer issues in some corner cas… | |||
| CVE-2024-49886 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: platform/x86: ISST: Fix the KASAN report slab-out-of-bounds bug Attaching SST PCI device to VM causes "BUG: KASAN: slab-out-of-bo… | |||
| CVE-2024-47719 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: iommufd: Protect against overflow of ALIGN() during iova allocation Userspace can supply an iova and uptr such that the target io… | |||
| CVE-2024-49974 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: NFSD: Limit the number of concurrent async COPY operations Nothing appears to limit the number of concurrent async COPY operation… | |||
| CVE-2024-56757 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: Bluetooth: btusb: mediatek: add intf release flow when usb disconnect MediaTek claim an special usb intr interface for ISO data t… | |||
| CVE-2024-47596 | medium | — | 5.5 | 1y ago | GStreamer is a library for constructing graphs of media-handling components. An OOB-read has been discovered in the qtdemux_parse_svq3_stsd_data function within qtdemux.c. In the FOURCC_SMI_ case, se… | |||
| CVE-2024-43846 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: lib: objagg: Fix general protection fault The library supports aggregation of objects into other objects only if the parent objec… | |||
| CVE-2024-47601 | medium | — | 5.5 | 1y ago | GStreamer is a library for constructing graphs of media-handling components. A null pointer dereference vulnerability has been discovered in the gst_matroska_demux_parse_blockgroup_or_simpleblock fun… | |||
| CVE-2024-46820 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu/vcn: remove irq disabling in vcn 5 suspend We do not directly enable/disable VCN IRQ in vcn 5.0.0. And we do not handl… |