CVEs from 2024
- Total: 6,626
- Critical: 166
- High: 1,074
- Medium: 2,065
- Low: 49
- % Critical: 2.5%
- % with KEV: 2.5%
- % with exploit: 3.4%
Top products
- surveillance_station 12
- checkmk 10
- profilegrid 8
- office 8
- office_long_term_servicing_channel 6
- propertyhive 5
- glibc 5
- element_pack 5
| CVE | Severity | CVSS | Risk | Published | Description | Flags | OS | Vendor |
|---|---|---|---|---|---|---|---|---|
| CVE-2024-45026 | high | — | 8.0 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: s390/dasd: fix error recovery leading to data corruption on ESE devices Extent Space Efficient (ESE) or thin provisioned volumes … | |||
| CVE-2024-27022 | high | — | 8.0 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: fork: defer linking file vma until vma is fully initialized Thorvald reported a WARNING [1]. And the root cause is below race: … | |||
| CVE-2024-26929 | high | — | 8.0 | 2y ago | RHSA-2024:5101: kernel security update (Important) | |||
| CVE-2024-26769 | high | — | 8.0 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: nvmet-fc: avoid deadlock on delete association path When deleting an association the shutdown path is deadlocking because we try … | |||
| CVE-2024-38601 | high | — | 8.0 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: ring-buffer: Fix a race between readers and resize checks The reader code in rb_get_reader_page() swaps a new reader page into th… | |||
| CVE-2024-26595 | high | — | 8.0 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: mlxsw: spectrum_acl_tcam: Fix NULL pointer dereference in error path When calling mlxsw_sp_acl_tcam_region_destroy() from an erro… | |||
| CVE-2024-41035 | high | — | 8.0 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: USB: core: Fix duplicate endpoint bug by clearing reserved bits in the descriptor Syzbot has identified a bug in usbcore (see the… | |||
| CVE-2024-41071 | high | — | 8.0 | 2y ago | RHSA-2024:7429: kpatch-patch-4_18_0-553 and kpatch-patch-4_18_0-553_16_1 security update (Important) | |||
| CVE-2024-26665 | high | — | 8.0 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: tunnels: fix out of bounds access when building IPv6 PMTU error If the ICMPv6 error is built from a non-linear skb we get the fol… | |||
| CVE-2024-36016 | high | — | 8.0 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: tty: n_gsm: fix possible out-of-bounds in gsm0_receive() Assuming the following: - side A configures the n_gsm in basic option mo… | |||
| CVE-2024-26930 | high | — | 8.0 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Fix double free of the ha->vp_map pointer Coverity scan reported potential risk of double free of the pointer ha->… | |||
| CVE-2024-26931 | high | — | 8.0 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Fix command flush on cable pull System crash due to command failed to flush back to SCSI layer. BUG: unable to h… | |||
| CVE-2024-41023 | high | — | 8.0 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: sched/deadline: Fix task_struct reference leak During the execution of the following stress test with linux-rt: stress-ng --cycl… | |||
| CVE-2024-38573 | high | — | 8.0 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: cppc_cpufreq: Fix possible null pointer dereference cppc_cpufreq_get_rate() and hisi_cppc_cpufreq_get_rate() can be called from d… | |||
| CVE-2024-42246 | high | — | 8.0 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: net, sunrpc: Remap EPERM in case of connection failure in xs_tcp_setup_socket When using a BPF program on kernel_connect(), the c… | |||
| CVE-2024-42225 | high | — | 8.0 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: wifi: mt76: replace skb_put with skb_put_zero Avoid potentially reusing uninitialized data | |||
| CVE-2024-26739 | high | — | 8.0 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: net/sched: act_mirred: don't override retval if we already lost the skb If we're redirecting the skb, and haven't called tcf_mirr… | |||
| CVE-2024-38570 | high | — | 8.0 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: gfs2: Fix potential glock use-after-free on unmount When a DLM lockspace is released and there are still locks in that lockspace… | |||
| CVE-2024-41097 | high | — | 8.0 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: usb: atm: cxacru: fix endpoint checking in cxacru_bind() Syzbot is still reporting quite an old issue [1] that occurs due to inco… | |||
| CVE-2024-38562 | high | — | 8.0 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: wifi: nl80211: Avoid address calculations via out of bounds array indexing Before request->channels[] can be used, request->n_cha… | |||
| CVE-2024-26991 | high | — | 8.0 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: KVM: x86/mmu: x86: Don't overflow lpage_info when checking attributes Fix KVM_SET_MEMORY_ATTRIBUTES to not overflow lpage_info ar… | |||
| CVE-2024-26947 | high | — | 8.0 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: ARM: 9359/1: flush: check if the folio is reserved for no-mapping addresses Since commit a4d5613c4dc6 ("arm: extend pfn_valid to … | |||
| CVE-2024-34155 | high | — | 8.0 | 2y ago | RHSA-2024:8038: container-tools:rhel8 security update (Important) | |||
| CVE-2024-34158 | high | — | 8.0 | 2y ago | RHSA-2024:8038: container-tools:rhel8 security update (Important) | |||
| CVE-2024-45770 | high | — | 8.0 | 2y ago | RHSA-2024:6837: pcp security update (Important) | |||
| CVE-2024-45769 | high | — | 8.0 | 2y ago | RHSA-2024:6837: pcp security update (Important) | |||
| CVE-2024-7652 | high | — | 8.0 | 2y ago | An error in the ECMA-262 specification relating to Async Generators could have resulted in a type confusion, potentially leading to memory corruption and an exploitable crash. This vulnerability affe… | |||
| CVE-2024-8381 | high | — | 8.0 | 2y ago | A potentially exploitable type confusion could be triggered when looking up a property name on an object being used as the `with` environment. This vulnerability affects Firefox < 130, Firefox ESR < … | |||
| CVE-2024-8394 | high | — | 8.0 | 2y ago | RHSA-2024:6684: thunderbird security update (Important) | |||
| CVE-2024-8384 | high | — | 8.0 | 2y ago | The JavaScript garbage collector could mis-color cross-compartment objects if OOM conditions were detected at the right point between two passes. This could have led to memory corruption. This vulner… | |||
| CVE-2024-8386 | high | — | 8.0 | 2y ago | If a site had been granted the permission to open popup windows, it could cause Select elements to appear on top of another site to perform a spoofing attack. This vulnerability affects Firefox < 130… | |||
| CVE-2024-8387 | high | — | 8.0 | 2y ago | Memory safety bugs present in Firefox 129, Firefox ESR 128.1, and Thunderbird 128.1. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could… | |||
| CVE-2024-8385 | high | — | 8.0 | 2y ago | A difference in the handling of StructFields and ArrayTypes in WASM could be used to trigger an exploitable type confusion vulnerability. This vulnerability affects Firefox < 130, Firefox ESR < 128.2… | |||
| CVE-2024-8383 | high | — | 8.0 | 2y ago | Firefox normally asks for confirmation before asking the operating system to find an application to handle a scheme that the browser does not support. It did not ask before doing so for the Usenet-re… | |||
| CVE-2024-8382 | high | — | 8.0 | 2y ago | Internal browser event interfaces were exposed to web content when privileged EventHandler listener callbacks ran for those events. Web content that tried to use those interfaces would not be able to… | |||
| CVE-2024-41040 | high | — | 8.0 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: net/sched: Fix UAF when resolving a clash KASAN reports the following UAF: BUG: KASAN: slab-use-after-free in tcf_ct_flow_table… | |||
| CVE-2024-41073 | high | — | 8.0 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: nvme: avoid double free special payload If a discard request needs to be retried, and that retry may fail before a new special pa… | |||
| CVE-2024-41055 | high | — | 8.0 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: mm: prevent derefencing NULL ptr in pfn_section_valid() Commit 5ec8e8ea8b77 ("mm/sparsemem: fix race in accessing memory_section-… | |||
| CVE-2024-42131 | high | — | 8.0 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: mm: avoid overflows in dirty throttling logic The dirty throttling logic is interspersed with assumptions that dirty limits in PA… | |||
| CVE-2024-36979 | high | — | 8.0 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: net: bridge: mst: fix vlan use-after-free syzbot reported a suspicious rcu usage[1] in bridge's mst code. While fixing it I notic… | |||
| CVE-2024-36000 | high | — | 8.0 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: mm/hugetlb: fix missing hugetlb_lock for resv uncharge There is a recent report on UFFDIO_COPY over hugetlb: https://lore.kernel… | |||
| CVE-2024-40927 | high | — | 8.0 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: xhci: Handle TD clearing for multiple streams case When multiple streams are in use, multiple TDs might be in flight when an endp… | |||
| CVE-2024-36883 | high | — | 8.0 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: net: fix out-of-bounds access in ops_init net_alloc_generic is called by net_alloc, which is called without any locking. It reads… | |||
| CVE-2024-41044 | high | — | 8.0 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: ppp: reject claimed-as-LCP but actually malformed packets Since 'ppp_async_encode()' assumes valid LCP packets (with code from 1 … | |||
| CVE-2024-26720 | high | — | 8.0 | 2y ago | RHSA-2024:7001: kernel-rt security update (Important) | |||
| CVE-2024-42472 | high | — | 8.0 | 2y ago | RHSA-2024:6422: bubblewrap and flatpak security update (Important) | |||
| CVE-2024-6104 | high | — | 8.0 | 2y ago | RHSA-2024:5258: container-tools:rhel8 security update (Important) | |||
| CVE-2024-37298 | high | — | 8.0 | 2y ago | RHSA-2024:5258: container-tools:rhel8 security update (Important) | |||
| CVE-2024-41041 | high | — | 8.0 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: udp: Set SOCK_RCU_FREE earlier in udp_lib_get_port(). syzkaller triggered the warning [0] in udp_v4_early_demux(). In udp_v[46]_… | |||
| CVE-2024-41076 | high | — | 8.0 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: NFSv4: Fix memory leak in nfs4_set_security_label We leak nfs_fattr and nfs4_label every time we set a security xattr. | |||
| CVE-2024-36003 | high | — | 8.0 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: ice: fix LAG and VF lock dependency in ice_reset_vf() 9f74a3dfcf83 ("ice: Fix VF Reset paths when interface in a failed over aggr… | |||
| CVE-2024-7348 | high | — | 8.0 | 2y ago | RHSA-2024:6018: postgresql:13 security update (Important) | |||
| CVE-2024-42110 | high | — | 8.0 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: net: ntb_netdev: Move ntb_netdev_rx_handler() to call netif_rx() from __netif_rx() The following is emitted when using idxd (DSA)… | |||
| CVE-2024-26908 | high | — | 8.0 | 2y ago | RHSA-2024:5101: kernel security update (Important) | |||
| CVE-2024-41091 | high | — | 8.0 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: tun: add missing verification for short frame The cited commit missed to check against the validity of the frame length in the tu… | |||
| CVE-2024-41090 | high | — | 8.0 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: tap: add missing verification for short frame The cited commit missed to check against the validity of the frame length in the ta… | |||
| CVE-2024-40911 | high | — | 8.0 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: wifi: cfg80211: Lock wiphy in cfg80211_get_station Wiphy should be locked before calling rdev_get_station() (see lockdep assert i… | |||
| CVE-2024-36025 | high | — | 8.0 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Fix off by one in qla_edif_app_getstats() The app_reply->elem[] array is allocated earlier in this function and it… | |||
| CVE-2024-39476 | high | — | 8.0 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: md/raid5: fix deadlock that raid5d() wait for itself to clear MD_SB_CHANGE_PENDING Xiao reported that lvm2 test lvconvert-raid-ta… | |||
| CVE-2024-27016 | high | — | 8.0 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: netfilter: flowtable: validate pppoe header Ensure there is sufficient room to access the protocol field of the PPPoe header. Val… | |||
| CVE-2024-38544 | high | — | 8.0 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: RDMA/rxe: Fix seg fault in rxe_comp_queue_pkt In rxe_comp_queue_pkt() an incoming response packet skb is enqueued to the resp_pkt… | |||
| CVE-2024-40957 | high | — | 8.0 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: seg6: fix parameter passing when calling NF_HOOK() in End.DX4 and End.DX6 behaviors input_action_end_dx4() and input_action_end_d… | |||
| CVE-2024-27019 | high | — | 8.0 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: Fix potential data-race in __nft_obj_type_get() nft_unregister_obj() can concurrent with __nft_obj_type_get… | |||
| CVE-2024-27415 | high | — | 8.0 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: netfilter: bridge: confirm multicast packets before passing them up the stack conntrack nf_confirm logic cannot handle cloned skb… | |||
| CVE-2024-26668 | high | — | 8.0 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: netfilter: nft_limit: reject configurations that cause integer overflow Reject bogus configs where internal token counter wraps a… | |||
| CVE-2024-26581 | high | — | 8.0 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: netfilter: nft_set_rbtree: skip end interval element from gc rbtree lazy gc on insert might collect an end interval element that … | |||
| CVE-2024-40914 | high | — | 8.0 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: mm/huge_memory: don't unpoison huge_zero_folio When I did memory failure tests recently, below panic occurs: kernel BUG at incl… | |||
| CVE-2024-40939 | high | — | 8.0 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: net: wwan: iosm: Fix tainted pointer delete is case of region creation fail In case of region creation fail in ipc_devlink_create… | |||
| CVE-2024-40929 | high | — | 8.0 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: wifi: iwlwifi: mvm: check n_ssids before accessing the ssids In some versions of cfg80211, the ssids pointer might be a valid one … | |||
| CVE-2024-38538 | high | — | 8.0 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: net: bridge: xmit: make sure we have at least eth header len bytes syzbot triggered an uninit value[1] error in bridge device's x… | |||
| CVE-2024-4317 | high | — | 8.0 | 2y ago | RHSA-2024:6001: postgresql:15 security update (Important) | |||
| CVE-2024-42152 | high | — | 8.0 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: nvmet: fix a possible leak when destroy a ctrl during qp establishment In nvmet_sq_destroy we capture sq->ctrl early and if it is… | |||
| CVE-2024-38286 | high | — | 8.0 | 2y ago | Allocation of Resources Without Limits or Throttling vulnerability in Apache Tomcat. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.0-M20, from 10.1.0-M1 through 10.1.24, from 9.0.13 … | |||
| CVE-2024-34750 | high | — | 8.0 | 2y ago | Improper Handling of Exceptional Conditions, Uncontrolled Resource Consumption vulnerability in Apache Tomcat. When processing an HTTP/2 stream, Tomcat did not handle some cases of excessive HTTP hea… | |||
| CVE-2024-6221 | high | — | 8.0 | 2y ago | A vulnerability in corydolphin/flask-cors up to version 4.0.1 allows the `Access-Control-Allow-Private-Network` CORS header to be set to true by default, without any configuration option. This behavi… | |||
| CVE-2024-35852 | high | — | 8.0 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: mlxsw: spectrum_acl_tcam: Fix memory leak when canceling rehash work The rehash delayed work is rescheduled with a delay if the n… | |||
| CVE-2024-35848 | high | — | 8.0 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: eeprom: at24: fix memory corruption race condition If the eeprom is not accessible, an nvmem device will be registered, the read … | |||
| CVE-2024-26828 | high | — | 8.0 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: cifs: fix underflow in parse_server_interfaces() In this loop, we step through the buffer and after each item we check if the siz… | |||
| CVE-2024-6345 | high | — | 8.0 | 2y ago | Important: python-setuptools security update | |||
| CVE-2024-27049 | high | — | 8.0 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: wifi: mt76: mt7925e: fix use-after-free in free_irq() From commit a304e1b82808 ("[PATCH] Debug shared irqs"), there is a test to … | |||
| CVE-2024-26853 | high | — | 8.0 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: igc: avoid returning frame twice in XDP_REDIRECT When a frame can not be transmitted in XDP_REDIRECT (e.g. due to a full queue), … | |||
| CVE-2024-26808 | high | — | 8.0 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: netfilter: nft_chain_filter: handle NETDEV_UNREGISTER for inet/ingress basechain Remove netdevice from inet/ingress basechain in … | |||
| CVE-2024-7518 | high | — | 8.0 | 2y ago | Select options could obscure the fullscreen notification dialog. This could be used by a malicious site to perform a spoofing attack. This vulnerability affects Firefox < 129, Firefox ESR < 128.1, an… | |||
| CVE-2024-7519 | high | — | 8.0 | 2y ago | Insufficient checks when processing graphics shared memory could have led to memory corruption. This could be leveraged by an attacker to perform a sandbox escape. This vulnerability affects Firefox … | |||
| CVE-2024-21823 | high | — | 8.0 | 2y ago | Hardware logic with insecure de-synchronization in Intel(R) DSA and Intel(R) IAA for some Intel(R) 4th or 5th generation Xeon(R) processors may allow an authorized user to potentially enable escalati… | |||
| CVE-2024-40954 | high | — | 8.0 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: net: do not leave a dangling sk pointer, when socket creation fails It is possible to trigger a use-after-free by: * attaching … | |||
| CVE-2024-1737 | high | — | 8.0 | 2y ago | RHSA-2024:5524: bind security update (Important) | |||
| CVE-2024-35911 | high | — | 8.0 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: ice: fix memory corruption bug with suspend and rebuild The ice driver would previously panic after suspend. This is caused from … | |||
| CVE-2024-36903 | high | — | 8.0 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: ipv6: Fix potential uninit-value access in __ip6_make_skb() As it was done in commit fc1092f51567 ("ipv4: Fix uninit-value access… | |||
| CVE-2024-26600 | high | — | 8.0 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: phy: ti: phy-omap-usb2: Fix NULL pointer dereference for SRP If the external phy working together with phy-omap-usb2 does not imp… | |||
| CVE-2024-37353 | high | — | 8.0 | 2y ago | Important: kernel security update | |||
| CVE-2024-26868 | high | — | 8.0 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: nfs: fix panic when nfs4_ff_layout_prepare_ds() fails We've been seeing the following panic in production BUG: kernel NULL point… | |||
| CVE-2024-7524 | high | — | 8.0 | 2y ago | Firefox adds web-compatibility shims in place of some tracking scripts blocked by Enhanced Tracking Protection. On a site protected by Content Security Policy in "strict-dynamic" mode, an attacker a… | |||
| CVE-2024-7522 | high | — | 8.0 | 2y ago | Editor code failed to check an attribute value. This could have led to an out-of-bounds read. This vulnerability affects Firefox < 129, Firefox ESR < 115.14, Firefox ESR < 128.1, Thunderbird < 128.1,… | |||
| CVE-2024-7521 | high | — | 8.0 | 2y ago | Incomplete WebAssembly exception handling could have led to a use-after-free. This vulnerability affects Firefox < 129, Firefox ESR < 115.14, Firefox ESR < 128.1, Thunderbird < 128.1, and Thunderbird … | |||
| CVE-2024-36921 | high | — | 8.0 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: wifi: iwlwifi: mvm: guard against invalid STA ID on removal Guard against invalid station IDs in iwl_mvm_mld_rm_sta_id as that wo… | |||
| CVE-2024-36941 | high | — | 8.0 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: wifi: nl80211: don't free NULL coalescing rule If the parsing fails, we can dereference a NULL pointer here. | |||
| CVE-2024-38391 | high | — | 8.0 | 2y ago | Important: kernel security update | |||
| CVE-2024-7520 | high | — | 8.0 | 2y ago | A type confusion bug in WebAssembly could be leveraged by an attacker to potentially achieve code execution. This vulnerability affects Firefox < 129, Firefox ESR < 128.1, and Thunderbird < 128.1. | |||
| CVE-2024-39487 | high | — | 8.0 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: bonding: Fix out-of-bounds read in bond_option_arp_ip_targets_set() In function bond_option_arp_ip_targets_set(), if newval->stri… |