CVEs from 2024
Total
6,597
critical
critical 174
high
high 1,069
medium
medium 2,083
low
low 49
% Critical
2.6%
% with KEV
2.5%
% with exploit
3.4%
Top products
- mbed_tls 15
- operations_analytics_log_analysis 14
- surveillance_station 12
- checkmk 10
- office 8
- profilegrid 8
- office_long_term_servicing_channel 6
- propertyhive 5
Top packages
| CVE | Severity | CVSS | Risk | Flags | OS | Vendor | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2024-35910 | medium | 5.8 | 5.8 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: tcp: properly terminate timers for kernel sockets We had various syzbot reports about tcp timers firing after the corresponding n… | |||
| CVE-2024-32587 | medium | 5.8 | 5.8 | 2y ago | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in EnvialoSimple EnvíaloSimple allows Reflected XSS.This issue affects EnvíaloSimple: from n/a throu… | |||
| CVE-2024-32547 | medium | 5.8 | 5.8 | 2y ago | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Max Bond Code Insert Manager (Q2W3 Inc Manager) allows Reflected XSS.This issue affects Code Inse… | |||
| CVE-2024-31122 | medium | 5.8 | 5.8 | 2y ago | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Prism IT Systems User Rights Access Manager allows Reflected XSS.This issue affects User Rights A… | |||
| CVE-2024-36894 | medium | 5.6 | 5.6 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: usb: gadget: f_fs: Fix race between aio_cancel() and AIO request complete FFS based applications can utilize the aio_cancel() cal… | |||
| CVE-2024-33655 | medium | — | 5.5 | 18d ago | Moderate: unbound security update | |||
| CVE-2024-51394 | medium | 5.5 | 5.5 | 24d ago | Buffer Overflow vulnerability in Ardupiot Copter Latest commit 92693e023793133e49a035daf37c14433e484778 allows a local attacker to cause a denial of service via the AP_MSP::loop, AP_MSP, AP_MSP.cpp c… | |||
| CVE-2024-26766 | medium | — | 5.5 | 4mo ago | In the Linux kernel, the following vulnerability has been resolved: IB/hfi1: Fix sdma.h tx->num_descs off-by-one error Unfortunately the commit `fd8958efe877` introduced another error causing the `… | |||
| CVE-2024-52332 | medium | — | 5.5 | 7mo ago | Moderate: kernel security update | |||
| CVE-2024-57993 | medium | — | 5.5 | 7mo ago | Moderate: kernel security update | |||
| CVE-2024-53680 | medium | — | 5.5 | 7mo ago | Moderate: kernel security update | |||
| CVE-2024-57998 | medium | — | 5.5 | 7mo ago | Moderate: kernel security update | |||
| CVE-2024-58075 | medium | — | 5.5 | 7mo ago | Moderate: kernel security update | |||
| CVE-2024-56645 | medium | — | 5.5 | 7mo ago | Moderate: kernel security update | |||
| CVE-2024-54456 | medium | — | 5.5 | 7mo ago | Moderate: kernel security update | |||
| CVE-2024-53052 | medium | — | 5.5 | 7mo ago | Moderate: kernel security update | |||
| CVE-2024-57990 | medium | — | 5.5 | 7mo ago | Moderate: kernel security update | |||
| CVE-2024-58088 | medium | — | 5.5 | 7mo ago | Moderate: kernel security update | |||
| CVE-2024-58083 | medium | — | 5.5 | 7mo ago | Moderate: kernel security update | |||
| CVE-2024-57995 | medium | — | 5.5 | 7mo ago | Moderate: kernel security update | |||
| CVE-2024-58012 | medium | — | 5.5 | 7mo ago | Moderate: kernel security update | |||
| CVE-2024-57987 | medium | — | 5.5 | 7mo ago | Moderate: kernel security update | |||
| CVE-2024-56662 | medium | — | 5.5 | 7mo ago | Moderate: kernel security update | |||
| CVE-2024-50060 | medium | — | 5.5 | 7mo ago | Moderate: kernel security update | |||
| CVE-2024-47727 | medium | — | 5.5 | 7mo ago | Moderate: kernel security update | |||
| CVE-2024-57989 | medium | — | 5.5 | 7mo ago | Moderate: kernel security update | |||
| CVE-2024-50195 | medium | — | 5.5 | 7mo ago | Moderate: kernel security update | |||
| CVE-2024-49570 | medium | — | 5.5 | 7mo ago | Moderate: kernel security update | |||
| CVE-2024-45777 | medium | — | 5.5 | 7mo ago | Moderate: grub2 security update | |||
| CVE-2024-58068 | medium | — | 5.5 | 7mo ago | Moderate: kernel security update | |||
| CVE-2024-56786 | medium | — | 5.5 | 7mo ago | Moderate: kernel security update | |||
| CVE-2024-57981 | medium | 5.5 | 5.5 | 7mo ago | Moderate: kernel security update | |||
| CVE-2024-50294 | medium | — | 5.5 | 7mo ago | Moderate: kernel security update | |||
| CVE-2024-57988 | medium | — | 5.5 | 7mo ago | Moderate: kernel security update | |||
| CVE-2024-47679 | medium | — | 5.5 | 7mo ago | Moderate: kernel security update | |||
| CVE-2024-53241 | medium | — | 5.5 | 7mo ago | Moderate: kernel security update | |||
| CVE-2024-46689 | medium | — | 5.5 | 7mo ago | Moderate: kernel security update | |||
| CVE-2024-57986 | medium | 5.5 | 5.5 | 7mo ago | Moderate: kernel security update | |||
| CVE-2024-49864 | medium | — | 5.5 | 7mo ago | Moderate: kernel security update | |||
| CVE-2024-56603 | medium | — | 5.5 | 7mo ago | Moderate: kernel security update | |||
| CVE-2024-58057 | medium | — | 5.5 | 7mo ago | Moderate: kernel security update | |||
| CVE-2024-56675 | medium | — | 5.5 | 7mo ago | Moderate: kernel security update | |||
| CVE-2024-53119 | medium | — | 5.5 | 7mo ago | Moderate: kernel security update | |||
| CVE-2024-56690 | medium | — | 5.5 | 7mo ago | Moderate: kernel security update | |||
| CVE-2024-58062 | medium | — | 5.5 | 7mo ago | Moderate: kernel security update | |||
| CVE-2024-56709 | medium | — | 5.5 | 7mo ago | Moderate: kernel security update | |||
| CVE-2024-53135 | medium | — | 5.5 | 7mo ago | Moderate: kernel security update | |||
| CVE-2024-53229 | medium | — | 5.5 | 7mo ago | Moderate: kernel security update | |||
| CVE-2024-56739 | medium | — | 5.5 | 7mo ago | Moderate: kernel security update | |||
| CVE-2024-53216 | medium | — | 5.5 | 7mo ago | Moderate: kernel security update | |||
| CVE-2024-58015 | medium | — | 5.5 | 7mo ago | Moderate: kernel security update | |||
| CVE-2024-58077 | medium | — | 5.5 | 7mo ago | Moderate: kernel security update | |||
| CVE-2024-53090 | medium | — | 5.5 | 7mo ago | Moderate: kernel security update | |||
| CVE-2024-53170 | medium | — | 5.5 | 7mo ago | Moderate: kernel security update | |||
| CVE-2024-13176 | medium | — | 5.5 | 9mo ago | Moderate: mysql:8.4 security update | |||
| CVE-2024-36357 | medium | — | 5.5 | 9mo ago | Moderate: kernel security update | |||
| CVE-2024-47252 | medium | — | 5.5 | 9mo ago | Insufficient escaping of user-supplied data in mod_ssl in Apache HTTP Server 2.4.63 and earlier allows an untrusted SSL/TLS client to insert escape characters into log files in some configurations. … | |||
| CVE-2024-36350 | medium | — | 5.5 | 10mo ago | Moderate: kernel security update | |||
| CVE-2024-47081 | medium | — | 5.5 | 10mo ago | RHSA-2025:14999: resource-agents security update (Moderate) | |||
| CVE-2024-57980 | medium | — | 5.5 | 10mo ago | Moderate: kernel security update | |||
| CVE-2024-52615 | medium | — | 5.5 | 11mo ago | Moderate: avahi security update | |||
| CVE-2024-13175 | medium | 5.5 | 5.5 | 11mo ago | Authorization Bypass Through User-Controlled Key vulnerability in Vidco Software VOC TESTER allows Forceful Browsing. This issue affects VOC TESTER: before 12.41.0. | |||
| CVE-2024-50379 | medium | — | 5.5 | 11mo ago | Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability during JSP compilation in Apache Tomcat permits an RCE on case insensitive file systems when the default servlet is enabled for write (… | |||
| CVE-2024-23337 | medium | — | 5.5 | 11mo ago | jq is a command-line JSON processor. In versions up to and including 1.7.1, an integer overflow arises when assigning value using an index of 2147483647, the signed integer limit. This causes a denia… | |||
| CVE-2024-54661 | medium | — | 5.5 | 11mo ago | readline.sh in socat before1.8.0.2 relies on the /tmp/$USER/stderr2 file. | |||
| CVE-2024-53064 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: idpf: fix idpf_vc_core_init error path In an event where the platform running the device control plane is rebooted, reset is dete… | |||
| CVE-2024-45332 | medium | — | 5.5 | 1y ago | RHSA-2025:10991: microcode_ctl security update (Moderate) | |||
| CVE-2024-43420 | medium | — | 5.5 | 1y ago | RHSA-2025:10991: microcode_ctl security update (Moderate) | |||
| CVE-2024-27008 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: drm: nv04: Fix out of bounds access When Output Resource (dcb->or) value is assigned in fabricate_dcb_output(), there may be out … | |||
| CVE-2024-49993 | medium | — | 5.5 | 1y ago | RHSA-2025:6966: kernel security update (Moderate) | |||
| CVE-2024-57903 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: net: restrict SO_REUSEPORT to inet sockets After blamed commit, crypto sockets could accidentally be destroyed from RCU call back… | |||
| CVE-2024-56783 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: netfilter: nft_socket: remove WARN_ON_ONCE on maximum cgroup level cgroup maximum depth is INT_MAX by default, there is a cgroup … | |||
| CVE-2024-53072 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: platform/x86/amd/pmc: Detect when STB is not available Loading the amd_pmc module as: amd_pmc enable_stb=1 ...can result in… | |||
| CVE-2024-56760 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: PCI/MSI: Handle lack of irqdomain gracefully Alexandre observed a warning emitted from pci_msi_setup_msi_irqs() on a RISCV platfo… | |||
| CVE-2024-56729 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: smb: Initialize cfid->tcon before performing network ops Avoid leaking a tcon ref when a lease break races with opening the cache… | |||
| CVE-2024-8418 | medium | — | 5.5 | 1y ago | A flaw was found in Aardvark-dns, which is vulnerable to a Denial of Service attack due to the serial processing of TCP DNS queries. An attacker can exploit this flaw by keeping a TCP connection open… | |||
| CVE-2024-56590 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hci_core: Fix not checking skb length on hci_acldata_packet This fixes not checking if skb really contains an ACL head… | |||
| CVE-2024-57898 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: wifi: cfg80211: clear link ID from bitmap during link delete after clean up Currently, during link deletion, the link ID is first… | |||
| CVE-2024-53082 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: virtio_net: Add hash_key_length check Add hash_key_length check in virtnet_probe() to avoid possible out of bound errors when set… | |||
| CVE-2024-56644 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: net/ipv6: release expired exception dst cached in socket Dst objects get leaked in ip6_negative_advice() when this function is ex… | |||
| CVE-2024-57894 | medium | — | 5.5 | 1y ago | RHSA-2025:6966: kernel security update (Moderate) | |||
| CVE-2024-45774 | medium | — | 5.5 | 1y ago | Moderate: grub2 security update | |||
| CVE-2024-49967 | medium | — | 5.5 | 1y ago | RHSA-2025:6966: kernel security update (Moderate) | |||
| CVE-2024-42265 | medium | 5.5 | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: protect the fetch of ->fd[fd] in do_dup2() from mispredictions both callers have verified that fd is not greater than ->max_fds; … | |||
| CVE-2024-44952 | medium | — | 5.5 | 1y ago | RHSA-2025:6966: kernel security update (Moderate) | |||
| CVE-2024-56602 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: net: ieee802154: do not leave a dangling sk pointer in ieee802154_create() sock_init_data() attaches the allocated sk object to t… | |||
| CVE-2024-53142 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: initramfs: avoid filename buffer overrun The initramfs filename field is defined in Documentation/driver-api/early-userspace/buff… | |||
| CVE-2024-47710 | medium | 5.5 | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: sock_map: Add a cond_resched() in sock_hash_free() Several syzbot soft lockup reports all have in common sock_hash_free() If a m… | |||
| CVE-2024-53096 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: mm: resolve faulty mmap_region() error path behaviour The mmap_region() function is somewhat terrifying, with spaghetti-like cont… | |||
| CVE-2024-53224 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: RDMA/mlx5: Move events notifier registration to be after device registration Move pkey change work initialization and cleanup fro… | |||
| CVE-2024-56757 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: Bluetooth: btusb: mediatek: add intf release flow when usb disconnect MediaTek claim an special usb intr interface for ISO data t… | |||
| CVE-2024-47834 | medium | — | 5.5 | 1y ago | GStreamer is a library for constructing graphs of media-handling components. An Use-After-Free read vulnerability has been discovered affecting the processing of CodecPrivate elements in Matroska str… | |||
| CVE-2024-47778 | medium | — | 5.5 | 1y ago | GStreamer is a library for constructing graphs of media-handling components. An OOB-read vulnerability has been discovered in gst_wavparse_adtl_chunk within gstwavparse.c. This vulnerability arises d… | |||
| CVE-2024-47777 | medium | — | 5.5 | 1y ago | GStreamer is a library for constructing graphs of media-handling components. An OOB-read vulnerability has been identified in the gst_wavparse_smpl_chunk function within gstwavparse.c. This function … | |||
| CVE-2024-47597 | medium | — | 5.5 | 1y ago | GStreamer is a library for constructing graphs of media-handling components. An OOB-read has been detected in the function qtdemux_parse_samples within qtdemux.c. This issue arises when the function … | |||
| CVE-2024-57809 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: PCI: imx6: Fix suspend/resume support on i.MX6QDL The suspend/resume functionality is currently broken on the i.MX6QDL platform, … | |||
| CVE-2024-47546 | medium | — | 5.5 | 1y ago | GStreamer is a library for constructing graphs of media-handling components. An integer underflow has been detected in extract_cc_from_data function within qtdemux.c. In the FOURCC_c708 case, the sub… | |||
| CVE-2024-47545 | medium | — | 5.5 | 1y ago | GStreamer is a library for constructing graphs of media-handling components. An integer underflow has been detected in qtdemux_parse_trak function within qtdemux.c. During the strf parsing case, the … | |||
| CVE-2024-47601 | medium | — | 5.5 | 1y ago | GStreamer is a library for constructing graphs of media-handling components. A null pointer dereference vulnerability has been discovered in the gst_matroska_demux_parse_blockgroup_or_simpleblock fun… | |||
| CVE-2024-47544 | medium | — | 5.5 | 1y ago | GStreamer is a library for constructing graphs of media-handling components. The function qtdemux_parse_sbgp in qtdemux.c is affected by a null dereference vulnerability. This vulnerability is fixed … |