CVEs from 2024
Total
6,606
critical
critical 174
high
high 1,069
medium
medium 2,083
low
low 49
% Critical
2.6%
% with KEV
2.5%
% with exploit
3.4%
Top products
- mbed_tls 15
- operations_analytics_log_analysis 14
- surveillance_station 12
- checkmk 10
- office 8
- profilegrid 8
- office_long_term_servicing_channel 6
- propertyhive 5
Top packages
| CVE | Severity | CVSS | Risk | Flags | OS | Vendor | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2024-35910 | medium | 5.8 | 5.8 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: tcp: properly terminate timers for kernel sockets We had various syzbot reports about tcp timers firing after the corresponding n… | |||
| CVE-2024-32587 | medium | 5.8 | 5.8 | 2y ago | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in EnvialoSimple EnvíaloSimple allows Reflected XSS.This issue affects EnvíaloSimple: from n/a throu… | |||
| CVE-2024-32547 | medium | 5.8 | 5.8 | 2y ago | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Max Bond Code Insert Manager (Q2W3 Inc Manager) allows Reflected XSS.This issue affects Code Inse… | |||
| CVE-2024-31122 | medium | 5.8 | 5.8 | 2y ago | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Prism IT Systems User Rights Access Manager allows Reflected XSS.This issue affects User Rights A… | |||
| CVE-2024-36894 | medium | 5.6 | 5.6 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: usb: gadget: f_fs: Fix race between aio_cancel() and AIO request complete FFS based applications can utilize the aio_cancel() cal… | |||
| CVE-2024-33655 | medium | — | 5.5 | 18d ago | Moderate: unbound security update | |||
| CVE-2024-51394 | medium | 5.5 | 5.5 | 24d ago | Buffer Overflow vulnerability in Ardupiot Copter Latest commit 92693e023793133e49a035daf37c14433e484778 allows a local attacker to cause a denial of service via the AP_MSP::loop, AP_MSP, AP_MSP.cpp c… | |||
| CVE-2024-26766 | medium | — | 5.5 | 4mo ago | In the Linux kernel, the following vulnerability has been resolved: IB/hfi1: Fix sdma.h tx->num_descs off-by-one error Unfortunately the commit `fd8958efe877` introduced another error causing the `… | |||
| CVE-2024-45777 | medium | — | 5.5 | 7mo ago | Moderate: grub2 security update | |||
| CVE-2024-52332 | medium | — | 5.5 | 7mo ago | Moderate: kernel security update | |||
| CVE-2024-53119 | medium | — | 5.5 | 7mo ago | Moderate: kernel security update | |||
| CVE-2024-58077 | medium | — | 5.5 | 7mo ago | Moderate: kernel security update | |||
| CVE-2024-50060 | medium | — | 5.5 | 7mo ago | Moderate: kernel security update | |||
| CVE-2024-53170 | medium | — | 5.5 | 7mo ago | Moderate: kernel security update | |||
| CVE-2024-53135 | medium | — | 5.5 | 7mo ago | Moderate: kernel security update | |||
| CVE-2024-58068 | medium | — | 5.5 | 7mo ago | Moderate: kernel security update | |||
| CVE-2024-58083 | medium | — | 5.5 | 7mo ago | Moderate: kernel security update | |||
| CVE-2024-57989 | medium | — | 5.5 | 7mo ago | Moderate: kernel security update | |||
| CVE-2024-47679 | medium | — | 5.5 | 7mo ago | Moderate: kernel security update | |||
| CVE-2024-57987 | medium | — | 5.5 | 7mo ago | Moderate: kernel security update | |||
| CVE-2024-50294 | medium | — | 5.5 | 7mo ago | Moderate: kernel security update | |||
| CVE-2024-57998 | medium | — | 5.5 | 7mo ago | Moderate: kernel security update | |||
| CVE-2024-56675 | medium | — | 5.5 | 7mo ago | Moderate: kernel security update | |||
| CVE-2024-53229 | medium | — | 5.5 | 7mo ago | Moderate: kernel security update | |||
| CVE-2024-58075 | medium | — | 5.5 | 7mo ago | Moderate: kernel security update | |||
| CVE-2024-58015 | medium | — | 5.5 | 7mo ago | Moderate: kernel security update | |||
| CVE-2024-56645 | medium | — | 5.5 | 7mo ago | Moderate: kernel security update | |||
| CVE-2024-58012 | medium | — | 5.5 | 7mo ago | Moderate: kernel security update | |||
| CVE-2024-56690 | medium | — | 5.5 | 7mo ago | Moderate: kernel security update | |||
| CVE-2024-56662 | medium | — | 5.5 | 7mo ago | Moderate: kernel security update | |||
| CVE-2024-49864 | medium | — | 5.5 | 7mo ago | Moderate: kernel security update | |||
| CVE-2024-58057 | medium | — | 5.5 | 7mo ago | Moderate: kernel security update | |||
| CVE-2024-58062 | medium | — | 5.5 | 7mo ago | Moderate: kernel security update | |||
| CVE-2024-58088 | medium | — | 5.5 | 7mo ago | Moderate: kernel security update | |||
| CVE-2024-57990 | medium | — | 5.5 | 7mo ago | Moderate: kernel security update | |||
| CVE-2024-56786 | medium | — | 5.5 | 7mo ago | Moderate: kernel security update | |||
| CVE-2024-57993 | medium | — | 5.5 | 7mo ago | Moderate: kernel security update | |||
| CVE-2024-50195 | medium | — | 5.5 | 7mo ago | Moderate: kernel security update | |||
| CVE-2024-57995 | medium | — | 5.5 | 7mo ago | Moderate: kernel security update | |||
| CVE-2024-53216 | medium | — | 5.5 | 7mo ago | Moderate: kernel security update | |||
| CVE-2024-47727 | medium | — | 5.5 | 7mo ago | Moderate: kernel security update | |||
| CVE-2024-53052 | medium | — | 5.5 | 7mo ago | Moderate: kernel security update | |||
| CVE-2024-53241 | medium | — | 5.5 | 7mo ago | Moderate: kernel security update | |||
| CVE-2024-53090 | medium | — | 5.5 | 7mo ago | Moderate: kernel security update | |||
| CVE-2024-54456 | medium | — | 5.5 | 7mo ago | Moderate: kernel security update | |||
| CVE-2024-46689 | medium | — | 5.5 | 7mo ago | Moderate: kernel security update | |||
| CVE-2024-56603 | medium | — | 5.5 | 7mo ago | Moderate: kernel security update | |||
| CVE-2024-56709 | medium | — | 5.5 | 7mo ago | Moderate: kernel security update | |||
| CVE-2024-57986 | medium | 5.5 | 5.5 | 7mo ago | Moderate: kernel security update | |||
| CVE-2024-49570 | medium | — | 5.5 | 7mo ago | Moderate: kernel security update | |||
| CVE-2024-56739 | medium | — | 5.5 | 7mo ago | Moderate: kernel security update | |||
| CVE-2024-53680 | medium | — | 5.5 | 7mo ago | Moderate: kernel security update | |||
| CVE-2024-57988 | medium | — | 5.5 | 7mo ago | Moderate: kernel security update | |||
| CVE-2024-57981 | medium | 5.5 | 5.5 | 7mo ago | Moderate: kernel security update | |||
| CVE-2024-13176 | medium | — | 5.5 | 9mo ago | Moderate: mysql:8.4 security update | |||
| CVE-2024-36357 | medium | — | 5.5 | 9mo ago | Moderate: kernel security update | |||
| CVE-2024-47252 | medium | — | 5.5 | 9mo ago | Insufficient escaping of user-supplied data in mod_ssl in Apache HTTP Server 2.4.63 and earlier allows an untrusted SSL/TLS client to insert escape characters into log files in some configurations. … | |||
| CVE-2024-36350 | medium | — | 5.5 | 10mo ago | Moderate: kernel security update | |||
| CVE-2024-47081 | medium | — | 5.5 | 10mo ago | RHSA-2025:14999: resource-agents security update (Moderate) | |||
| CVE-2024-57980 | medium | — | 5.5 | 10mo ago | Moderate: kernel security update | |||
| CVE-2024-52615 | medium | — | 5.5 | 11mo ago | Moderate: avahi security update | |||
| CVE-2024-13175 | medium | 5.5 | 5.5 | 11mo ago | Authorization Bypass Through User-Controlled Key vulnerability in Vidco Software VOC TESTER allows Forceful Browsing. This issue affects VOC TESTER: before 12.41.0. | |||
| CVE-2024-50379 | medium | — | 5.5 | 11mo ago | Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability during JSP compilation in Apache Tomcat permits an RCE on case insensitive file systems when the default servlet is enabled for write (… | |||
| CVE-2024-23337 | medium | — | 5.5 | 11mo ago | jq is a command-line JSON processor. In versions up to and including 1.7.1, an integer overflow arises when assigning value using an index of 2147483647, the signed integer limit. This causes a denia… | |||
| CVE-2024-54661 | medium | — | 5.5 | 11mo ago | readline.sh in socat before1.8.0.2 relies on the /tmp/$USER/stderr2 file. | |||
| CVE-2024-53064 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: idpf: fix idpf_vc_core_init error path In an event where the platform running the device control plane is rebooted, reset is dete… | |||
| CVE-2024-43420 | medium | — | 5.5 | 1y ago | RHSA-2025:10991: microcode_ctl security update (Moderate) | |||
| CVE-2024-45332 | medium | — | 5.5 | 1y ago | RHSA-2025:10991: microcode_ctl security update (Moderate) | |||
| CVE-2024-56614 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: xsk: fix OOB map writes when deleting elements Jordy says: " In the xsk_map_delete_elem function an unsigned integer (map->max_e… | |||
| CVE-2024-56827 | medium | — | 5.5 | 1y ago | Moderate: openjpeg2 security update | |||
| CVE-2024-56826 | medium | — | 5.5 | 1y ago | Moderate: openjpeg2 security update | |||
| CVE-2024-43898 | medium | — | 5.5 | 1y ago | RHSA-2025:6966: kernel security update (Moderate) | |||
| CVE-2024-0444 | medium | — | 5.5 | 1y ago | Moderate: gstreamer1, gstreamer1-plugins-bad-free, gstreamer1-plugins-ugly-free, and gstreamer1-rtsp-server security update | |||
| CVE-2024-49954 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: static_call: Replace pointless WARN_ON() in static_call_module_notify() static_call_module_notify() triggers a WARN_ON(), when me… | |||
| CVE-2024-56642 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: tipc: Fix use-after-free of kernel socket in cleanup_bearer(). syzkaller reported a use-after-free of UDP kernel socket in cleanu… | |||
| CVE-2024-58009 | medium | 5.5 | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: Bluetooth: L2CAP: handle NULL sock pointer in l2cap_sock_alloc A NULL sock pointer is passed into l2cap_sock_alloc() when it is c… | |||
| CVE-2024-46750 | medium | 5.5 | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: PCI: Add missing bridge lock to pci_bus_lock() One of the true positives that the cfg_access_lock lockdep effort identified is th… | |||
| CVE-2024-57890 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: RDMA/uverbs: Prevent integer overflow issue In the expression "cmd.wqe_size * cmd.wr_count", both variables are u32 values that c… | |||
| CVE-2024-47700 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: ext4: check stripe size compatibility on remount as well We disable stripe size in __ext4_fill_super if it is not a multiple of t… | |||
| CVE-2024-57852 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: firmware: qcom: scm: smc: Handle missing SCM device Commit ca61d6836e6f ("firmware: qcom: scm: fix a NULL-pointer dereference") m… | |||
| CVE-2024-53095 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: smb: client: Fix use-after-free of network namespace. Recently, we got a customer report that CIFS triggers oops while reconnecti… | |||
| CVE-2024-57843 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: virtio-net: fix overflow inside virtnet_rq_alloc When the frag just got a page, then may lead to regression on VM. Specially if t… | |||
| CVE-2024-53237 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: Bluetooth: fix use-after-free in device_for_each_child() Syzbot has reported the following KASAN splat: BUG: KASAN: slab-use-aft… | |||
| CVE-2024-50082 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: blk-rq-qos: fix crash on rq_qos_wait vs. rq_qos_wake_function race We're seeing crashes from rq_qos_wake_function that look like … | |||
| CVE-2024-47835 | medium | — | 5.5 | 1y ago | Moderate: gstreamer1-plugins-base security update | |||
| CVE-2024-44952 | medium | — | 5.5 | 1y ago | RHSA-2025:6966: kernel security update (Moderate) | |||
| CVE-2024-56644 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: net/ipv6: release expired exception dst cached in socket Dst objects get leaked in ip6_negative_advice() when this function is ex… | |||
| CVE-2024-56693 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: brd: defer automatic disk creation until module initialization succeeds My colleague Wupeng found the following problems during f… | |||
| CVE-2024-42321 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: net: flow_dissector: use DEBUG_NET_WARN_ON_ONCE The following splat is easy to reproduce upstream as well as in -stable kernels. … | |||
| CVE-2024-49995 | medium | — | 5.5 | 1y ago | RHSA-2025:6966: kernel security update (Moderate) | |||
| CVE-2024-58064 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: wifi: cfg80211: tests: Fix potential NULL dereference in test_cfg80211_parse_colocated_ap() kunit_kzalloc() may return NULL, dere… | |||
| CVE-2024-50228 | medium | — | 5.5 | 1y ago | RHSA-2025:6966: kernel security update (Moderate) | |||
| CVE-2024-12087 | medium | — | 5.5 | 1y ago | Moderate: rsync security update | |||
| CVE-2024-54680 | medium | — | 5.5 | 1y ago | RHSA-2025:6966: kernel security update (Moderate) | |||
| CVE-2024-56604 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: Bluetooth: RFCOMM: avoid leaving dangling sk pointer in rfcomm_sock_alloc() bt_sock_alloc() attaches allocated sk object to the p… | |||
| CVE-2024-45776 | medium | — | 5.5 | 1y ago | Moderate: grub2 security update | |||
| CVE-2024-50200 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: maple_tree: correct tree corruption on spanning store Patch series "maple_tree: correct tree corruption on spanning store", v3. … | |||
| CVE-2024-49875 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: nfsd: map the EBADMSG to nfserr_io to avoid warning Ext4 will throw -EBADMSG through ext4_readdir when a checksum error occurs, r… | |||
| CVE-2024-56601 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: net: inet: do not leave a dangling sk pointer in inet_create() sock_init_data() attaches the allocated sk object to the provided … | |||
| CVE-2024-57903 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: net: restrict SO_REUSEPORT to inet sockets After blamed commit, crypto sockets could accidentally be destroyed from RCU call back… |