CVEs from 2024
Total
6,597
critical
critical 174
high
high 1,069
medium
medium 2,083
low
low 49
% Critical
2.6%
% with KEV
2.5%
% with exploit
3.4%
Top products
- mbed_tls 15
- operations_analytics_log_analysis 14
- surveillance_station 12
- checkmk 10
- office 8
- profilegrid 8
- office_long_term_servicing_channel 6
- propertyhive 5
Top packages
| CVE | Severity | CVSS | Risk | Flags | OS | Vendor | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2024-49569 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: nvme-rdma: unquiesce admin_q before destroy it Kernel will hang on destroy admin_q while we create ctrl failed, such as following… | |||
| CVE-2024-50107 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: platform/x86/intel/pmc: Fix pmc_core_iounmap to call iounmap for valid addresses Commit 50c6dbdfd16e ("x86/ioremap: Improve iounm… | |||
| CVE-2024-45775 | medium | — | 5.5 | 1y ago | Moderate: grub2 security update | |||
| CVE-2024-48873 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: wifi: rtw89: check return value of ieee80211_probereq_get() for RNR The return value of ieee80211_probereq_get() might be NULL, s… | |||
| CVE-2024-56600 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: net: inet6: do not leave a dangling sk pointer in inet6_create() sock_init_data() attaches the allocated sk pointer to the provid… | |||
| CVE-2024-56602 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: net: ieee802154: do not leave a dangling sk pointer in ieee802154_create() sock_init_data() attaches the allocated sk object to t… | |||
| CVE-2024-56605 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: Bluetooth: L2CAP: do not leave dangling sk pointer on error in l2cap_sock_create() bt_sock_alloc() allocates the sk object and at… | |||
| CVE-2024-56611 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: mm/mempolicy: fix migrate_to_node() assuming there is at least one VMA in a MM We currently assume that there is at least one VMA… | |||
| CVE-2024-56616 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: drm/dp_mst: Fix MST sideband message body length check Fix the MST sideband message body length check, which must be at least 1 b… | |||
| CVE-2024-41010 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: bpf: Fix too early release of tcx_entry Pedro Pinto and later independently also Hyunwoo Kim and Wongi Lee reported an issue that… | |||
| CVE-2024-47739 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: padata: use integer wrap around to prevent deadlock on seq_nr overflow When submitting more than 2^32 padata objects to padata_do… | |||
| CVE-2024-47738 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211: don't use rate mask for offchannel TX either Like the commit ab9177d83c04 ("wifi: mac80211: don't use rate mask f… | |||
| CVE-2024-47737 | medium | 5.5 | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: nfsd: call cache_put if xdr_reserve_space returns NULL If not enough buffer space available, but idmap_lookup has triggered looku… | |||
| CVE-2024-53095 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: smb: client: Fix use-after-free of network namespace. Recently, we got a customer report that CIFS triggers oops while reconnecti… | |||
| CVE-2024-47706 | medium | 5.5 | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: block, bfq: fix possible UAF for bfqq->bic with merge chain 1) initial state, three tasks: Process 1 Process 2 Process 3… | |||
| CVE-2024-47703 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: bpf, lsm: Add check for BPF LSM return value A bpf prog returning a positive number attached to file_alloc_security hook makes ke… | |||
| CVE-2024-44934 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: net: bridge: mcast: wait for previous gc cycles when removing port syzbot hit a use-after-free[1] which is caused because the bri… | |||
| CVE-2024-44931 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: gpio: prevent potential speculation leaks in gpio_device_get_desc() Userspace may trigger a speculative read of an address outsid… | |||
| CVE-2024-56664 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: bpf, sockmap: Fix race between element replace and close() Element replace (with a socket different from the one stored) may race… | |||
| CVE-2024-43914 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: md/raid5: avoid BUG_ON() while continue reshape after reassembling Currently, mdadm support --revert-reshape to abort the reshape… | |||
| CVE-2024-44932 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: idpf: fix UAFs when destroying the queues The second tagged commit started sometimes (very rarely, but possible) throwing WARNs f… | |||
| CVE-2024-46839 | medium | — | 5.5 | 1y ago | RHSA-2025:6966: kernel security update (Moderate) | |||
| CVE-2024-43884 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: Bluetooth: MGMT: Add error handling to pair_device() hci_conn_params_add() never checks for a NULL value and could lead to a NULL… | |||
| CVE-2024-53237 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: Bluetooth: fix use-after-free in device_for_each_child() Syzbot has reported the following KASAN splat: BUG: KASAN: slab-use-aft… | |||
| CVE-2024-35195 | medium | — | 5.5 | 1y ago | RHSA-2025:0012: python-requests security update (Moderate) | |||
| CVE-2024-46952 | medium | — | 5.5 | 1y ago | RHSA-2025:4362: ghostscript security update (Moderate) | |||
| CVE-2024-46953 | medium | — | 5.5 | 1y ago | RHSA-2025:4362: ghostscript security update (Moderate) | |||
| CVE-2024-46956 | medium | — | 5.5 | 1y ago | RHSA-2025:4362: ghostscript security update (Moderate) | |||
| CVE-2024-42294 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: block: fix deadlock between sd_remove & sd_release Our test report the following hung task: [ 2538.459400] INFO: task "kworker/0… | |||
| CVE-2024-50047 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: smb: client: fix UAF in async decryption Doing an async decryption (large read) crashes with a slab-use-after-free way down in th… | |||
| CVE-2024-43873 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: vhost/vsock: always initialize seqpacket_allow There are two issues around seqpacket_allow: 1. seqpacket_allow is not initialized… | |||
| CVE-2024-53105 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: mm: page_alloc: move mlocked flag clearance into free_pages_prepare() Syzbot reported a bad page state problem caused by a page b… | |||
| CVE-2024-43889 | medium | 5.5 | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: padata: Fix possible divide-by-0 panic in padata_mt_helper() We are hit with a not easily reproducible divide-by-0 panic in padat… | |||
| CVE-2024-50082 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: blk-rq-qos: fix crash on rq_qos_wait vs. rq_qos_wake_function race We're seeing crashes from rq_qos_wake_function that look like … | |||
| CVE-2024-43853 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: cgroup/cpuset: Prevent UAF in proc_cpuset_show() An UAF can happen when /proc/cpuset is read as reported in [1]. This can be rep… | |||
| CVE-2024-49993 | medium | — | 5.5 | 1y ago | RHSA-2025:6966: kernel security update (Moderate) | |||
| CVE-2024-47541 | medium | — | 5.5 | 1y ago | Moderate: gstreamer1-plugins-base security update | |||
| CVE-2024-49875 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: nfsd: map the EBADMSG to nfserr_io to avoid warning Ext4 will throw -EBADMSG through ext4_readdir when a checksum error occurs, r… | |||
| CVE-2024-46807 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: drm/amd/amdgpu: Check tbo resource pointer Validate tbo resource pointer, skip if NULL | |||
| CVE-2024-46806 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Fix the warning division or modulo by zero Checks the partition mode and returns an error for an invalid mode. | |||
| CVE-2024-46756 | medium | — | 5.5 | 1y ago | RHSA-2025:6966: kernel security update (Moderate) | |||
| CVE-2024-49886 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: platform/x86: ISST: Fix the KASAN report slab-out-of-bounds bug Attaching SST PCI device to VM causes "BUG: KASAN: slab-out-of-bo… | |||
| CVE-2024-49904 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: add list empty check to avoid null pointer issue Add list empty check to avoid null pointer issues in some corner cas… | |||
| CVE-2024-50008 | medium | 5.5 | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: wifi: mwifiex: Fix memcpy() field-spanning write warning in mwifiex_cmd_802_11_scan_ext() Replace one-element array with a flexib… | |||
| CVE-2024-50013 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: exfat: fix memory leak in exfat_load_bitmap() If the first directory entry in the root directory is not a bitmap directory entry,… | |||
| CVE-2024-50024 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: net: Fix an unsafe loop on the list The kernel may crash when deleting a genetlink family if there are still listeners for that f… | |||
| CVE-2024-50038 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: netfilter: xtables: avoid NFPROTO_UNSPEC where needed syzbot managed to call xt_cluster match via ebtables: WARNING: CPU: 0 PID… | |||
| CVE-2024-50199 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: mm/swapfile: skip HugeTLB pages for unuse_vma I got a bad pud error and lost a 1GB HugeTLB when calling swapoff. The problem can… | |||
| CVE-2024-50216 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: xfs: fix finding a last resort AG in xfs_filestream_pick_ag When the main loop in xfs_filestream_pick_ag fails to find a suitable… | |||
| CVE-2024-53044 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: net/sched: sch_api: fix xa_insert() error path in tcf_block_get_ext() This command: $ tc qdisc replace dev eth0 ingress_block 1 … | |||
| CVE-2024-45774 | medium | — | 5.5 | 1y ago | Moderate: grub2 security update | |||
| CVE-2024-53232 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: iommu/s390: Implement blocking domain This fixes a crash when surprise hot-unplugging a PCI device. This crash happens because du… | |||
| CVE-2024-56644 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: net/ipv6: release expired exception dst cached in socket Dst objects get leaked in ip6_negative_advice() when this function is ex… | |||
| CVE-2024-57890 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: RDMA/uverbs: Prevent integer overflow issue In the expression "cmd.wqe_size * cmd.wr_count", both variables are u32 values that c… | |||
| CVE-2024-47597 | medium | — | 5.5 | 1y ago | GStreamer is a library for constructing graphs of media-handling components. An OOB-read has been detected in the function qtdemux_parse_samples within qtdemux.c. This issue arises when the function … | |||
| CVE-2024-47598 | medium | — | 5.5 | 1y ago | GStreamer is a library for constructing graphs of media-handling components. An OOB-read vulnerability has been discovered in the qtdemux_merge_sample_table function within qtdemux.c. The problem is … | |||
| CVE-2024-47599 | medium | — | 5.5 | 1y ago | GStreamer is a library for constructing graphs of media-handling components. A null pointer dereference vulnerability has been discovered in the gst_jpeg_dec_negotiate function in gstjpegdec.c. This … | |||
| CVE-2024-47603 | medium | — | 5.5 | 1y ago | GStreamer is a library for constructing graphs of media-handling components. A null pointer dereference vulnerability has been discovered in the gst_matroska_demux_update_tracks function within matro… | |||
| CVE-2024-35978 | medium | 5.5 | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: Bluetooth: Fix memory leak in hci_req_sync_complete() In 'hci_req_sync_complete()', always free the previous sync request state b… | |||
| CVE-2024-36013 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: Bluetooth: L2CAP: Fix slab-use-after-free in l2cap_connect() Extend a critical section to prevent chan from early freeing. Also m… | |||
| CVE-2024-36011 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: Bluetooth: HCI: Fix potential null-ptr-deref Fix potential null-ptr-deref in hci_le_big_sync_established_evt(). | |||
| CVE-2024-49954 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: static_call: Replace pointless WARN_ON() in static_call_module_notify() static_call_module_notify() triggers a WARN_ON(), when me… | |||
| CVE-2024-56826 | medium | — | 5.5 | 1y ago | Moderate: openjpeg2 security update | |||
| CVE-2024-52949 | medium | — | 5.5 | 1y ago | Moderate: iptraf-ng security update | |||
| CVE-2024-44975 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: cgroup/cpuset: fix panic caused by partcmd_update We find a bug as below: BUG: unable to handle page fault for address: 00000003 … | |||
| CVE-2024-43898 | medium | — | 5.5 | 1y ago | RHSA-2025:6966: kernel security update (Moderate) | |||
| CVE-2024-50219 | medium | — | 5.5 | 1y ago | RHSA-2025:6966: kernel security update (Moderate) | |||
| CVE-2024-49938 | medium | 5.5 | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: wifi: ath9k_htc: Use __skb_set_length() for resetting urb before resubmit Syzbot points out that skb_trim() has a sanity check on… | |||
| CVE-2024-8418 | medium | — | 5.5 | 1y ago | A flaw was found in Aardvark-dns, which is vulnerable to a Denial of Service attack due to the serial processing of TCP DNS queries. An attacker can exploit this flaw by keeping a TCP connection open… | |||
| CVE-2024-50046 | medium | 5.5 | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: NFSv4: Prevent NULL-pointer dereference in nfs42_complete_copies() On the node of an NFS client, some files saved in the mountpoi… | |||
| CVE-2024-56642 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: tipc: Fix use-after-free of kernel socket in cleanup_bearer(). syzkaller reported a use-after-free of UDP kernel socket in cleanu… | |||
| CVE-2024-53681 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: nvmet: Don't overflow subsysnqn nvmet_root_discovery_nqn_store treats the subsysnqn string like a fixed size buffer, even though … | |||
| CVE-2024-53222 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: zram: fix NULL pointer in comp_algorithm_show() LTP reported a NULL pointer dereference as followed: CPU: 7 UID: 0 PID: 5995 Co… | |||
| CVE-2024-53203 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: usb: typec: fix potential array underflow in ucsi_ccg_sync_control() The "command" variable can be controlled by the user via deb… | |||
| CVE-2024-53093 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: nvme-multipath: defer partition scanning We need to suppress the partition scan from occuring within the controller's scan_work c… | |||
| CVE-2024-50256 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_reject_ipv6: fix potential crash in nf_send_reset6() I got a syzbot report without a repro [1] crashing in nf_send_… | |||
| CVE-2024-10224 | medium | — | 5.5 | 1y ago | Moderate: perl-Module-ScanDeps security update | |||
| CVE-2024-53176 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: smb: During unmount, ensure all cached dir instances drop their dentry The unmount process (cifs_kill_sb() calling close_all_cach… | |||
| CVE-2024-56654 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hci_event: Fix using rcu_read_(un)lock while iterating The usage of rcu_read_(un)lock while inside list_for_each_entry… | |||
| CVE-2024-53164 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: net: sched: fix ordering of qlen adjustment Changes to sch->q.qlen around qdisc_tree_reduce_backlog() need to happen _before_ a c… | |||
| CVE-2024-53156 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: wifi: ath9k: add range check for conn_rsp_epid in htc_connect_service() I found the following bug in my fuzzer: UBSAN: array-i… | |||
| CVE-2024-53152 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: PCI: tegra194: Move controller cleanups to pex_ep_event_pex_rst_deassert() Currently, the endpoint cleanup function dw_pcie_ep_cl… | |||
| CVE-2024-53146 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: NFSD: Prevent a potential integer overflow If the tag length is >= U32_MAX - 3 then the "length + 4" addition can result in an in… | |||
| CVE-2024-53136 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: mm: revert "mm: shmem: fix data-race in shmem_getattr()" Revert d949d1d14fa2 ("mm: shmem: fix data-race in shmem_getattr()") as s… | |||
| CVE-2024-53120 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: CT: Fix null-ptr-deref in add rule err flow In error flow of mlx5_tc_ct_entry_add_rule(), in case ct_rule_add() callba… | |||
| CVE-2024-53118 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: vsock: Fix sk_error_queue memory leak Kernel queues MSG_ZEROCOPY completion notifications on the error queue. Where they remain, … | |||
| CVE-2024-43846 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: lib: objagg: Fix general protection fault The library supports aggregation of objects into other objects only if the parent objec… | |||
| CVE-2024-49995 | medium | — | 5.5 | 1y ago | RHSA-2025:6966: kernel security update (Moderate) | |||
| CVE-2024-53117 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: virtio/vsock: Improve MSG_ZEROCOPY error handling Add a missing kfree_skb() to prevent memory leaks. | |||
| CVE-2024-50271 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: signal: restore the override_rlimit logic Prior to commit d64696905554 ("Reimplement RLIMIT_SIGPENDING on top of ucounts") UCOUNT… | |||
| CVE-2024-50237 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211: do not pass a stopped vif to the driver in .get_txpower Avoid potentially crashing in the driver because of unini… | |||
| CVE-2024-50236 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: wifi: ath10k: Fix memory leak in management tx In the current logic, memory is allocated for storing the MSDU context during mana… | |||
| CVE-2024-50215 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: nvmet-auth: assign dh_key to NULL after kfree_sensitive ctrl->dh_key might be used across multiple calls to nvmet_setup_dhgroup()… | |||
| CVE-2024-50228 | medium | — | 5.5 | 1y ago | RHSA-2025:6966: kernel security update (Moderate) | |||
| CVE-2024-50201 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: drm/radeon: Fix encoder->possible_clones Include the encoder itself in its possible_clones bitmask. In the past nothing validated… | |||
| CVE-2024-50191 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: ext4: don't set SB_RDONLY after filesystem errors When the filesystem is mounted with errors=remount-ro, we were setting SB_RDONL… | |||
| CVE-2024-50189 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: HID: amd_sfh: Switch to device-managed dmam_alloc_coherent() Using the device-managed version allows to simplify clean-up in prob… | |||
| CVE-2024-50197 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: pinctrl: intel: platform: fix error path in device_for_each_child_node() The device_for_each_child_node() loop requires calls to … | |||
| CVE-2024-50186 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: net: explicitly clear the sk pointer, when pf->create fails We have recently noticed the exact same KASAN splat as in commit 6cd4… | |||
| CVE-2024-50182 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: secretmem: disable memfd_secret() if arch cannot set direct map Return -ENOSYS from memfd_secret() syscall if !can_set_direct_map… |