CVEs from 2024
Total
6,597
critical
critical 174
high
high 1,069
medium
medium 2,083
low
low 49
% Critical
2.6%
% with KEV
2.5%
% with exploit
3.4%
Top products
- mbed_tls 15
- operations_analytics_log_analysis 14
- surveillance_station 12
- checkmk 10
- office 8
- profilegrid 8
- office_long_term_servicing_channel 6
- propertyhive 5
Top packages
| CVE | Severity | CVSS | Risk | Flags | OS | Vendor | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2024-50067 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: uprobe: avoid out-of-bounds memory access of fetching args Uprobe needs to fetch args into a percpu buffer, and then copy to ring… | |||
| CVE-2024-45776 | medium | — | 5.5 | 1y ago | Moderate: grub2 security update | |||
| CVE-2024-50200 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: maple_tree: correct tree corruption on spanning store Patch series "maple_tree: correct tree corruption on spanning store", v3. … | |||
| CVE-2024-57885 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: mm/kmemleak: fix sleeping function called from invalid context at print message Address a bug in the kernel that triggers a "slee… | |||
| CVE-2024-56590 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hci_core: Fix not checking skb length on hci_acldata_packet This fixes not checking if skb really contains an ACL head… | |||
| CVE-2024-12088 | medium | — | 5.5 | 1y ago | Moderate: rsync security update | |||
| CVE-2024-49967 | medium | — | 5.5 | 1y ago | RHSA-2025:6966: kernel security update (Moderate) | |||
| CVE-2024-49934 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: fs/inode: Prevent dump_mapping() accessing invalid dentry.d_name.name It's observed that a crash occurs during hot-remove a memor… | |||
| CVE-2024-44952 | medium | — | 5.5 | 1y ago | RHSA-2025:6966: kernel security update (Moderate) | |||
| CVE-2024-12087 | medium | — | 5.5 | 1y ago | Moderate: rsync security update | |||
| CVE-2024-27008 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: drm: nv04: Fix out of bounds access When Output Resource (dcb->or) value is assigned in fabricate_dcb_output(), there may be out … | |||
| CVE-2024-46787 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: userfaultfd: fix checks for huge PMDs Patch series "userfaultfd: fix races around pmd_trans_huge() check", v2. The pmd_trans_hug… | |||
| CVE-2024-50082 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: blk-rq-qos: fix crash on rq_qos_wait vs. rq_qos_wake_function race We're seeing crashes from rq_qos_wake_function that look like … | |||
| CVE-2024-45000 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: fs/netfs/fscache_cookie: add missing "n_accesses" check This fixes a NULL pointer dereference bug due to a data race which looks … | |||
| CVE-2024-46754 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: bpf: Remove tst_run from lwt_seg6local_prog_ops. The syzbot reported that the lwt_seg6 related BPF ops can be invoked via bpf_tes… | |||
| CVE-2024-47700 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: ext4: check stripe size compatibility on remount as well We disable stripe size in __ext4_fill_super if it is not a multiple of t… | |||
| CVE-2024-44958 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: sched/smt: Fix unbalance sched_smt_present dec/inc I got the following warn report while doing stress test: jump label: negative… | |||
| CVE-2024-57884 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: mm: vmscan: account for free pages to prevent infinite Loop in throttle_direct_reclaim() The task sometimes continues looping in … | |||
| CVE-2024-56600 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: net: inet6: do not leave a dangling sk pointer in inet6_create() sock_init_data() attaches the allocated sk pointer to the provid… | |||
| CVE-2024-43871 | medium | 5.5 | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: devres: Fix memory leakage caused by driver API devm_free_percpu() It will cause memory leakage when use driver API devm_free_per… | |||
| CVE-2024-56602 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: net: ieee802154: do not leave a dangling sk pointer in ieee802154_create() sock_init_data() attaches the allocated sk object to t… | |||
| CVE-2024-56605 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: Bluetooth: L2CAP: do not leave dangling sk pointer on error in l2cap_sock_create() bt_sock_alloc() allocates the sk object and at… | |||
| CVE-2024-43823 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: PCI: keystone: Fix NULL pointer dereference in case of DT error in ks_pcie_setup_rc_app_regs() If IORESOURCE_MEM is not provided … | |||
| CVE-2024-56779 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: nfsd: fix nfs4_openowner leak when concurrent nfsd4_open occur The action force umount(umount -f) will attempt to kill all rpc_ta… | |||
| CVE-2024-56611 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: mm/mempolicy: fix migrate_to_node() assuming there is at least one VMA in a MM We currently assume that there is at least one VMA… | |||
| CVE-2024-53105 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: mm: page_alloc: move mlocked flag clearance into free_pages_prepare() Syzbot reported a bad page state problem caused by a page b… | |||
| CVE-2024-56616 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: drm/dp_mst: Fix MST sideband message body length check Fix the MST sideband message body length check, which must be at least 1 b… | |||
| CVE-2024-50046 | medium | 5.5 | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: NFSv4: Prevent NULL-pointer dereference in nfs42_complete_copies() On the node of an NFS client, some files saved in the mountpoi… | |||
| CVE-2024-53208 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: Bluetooth: MGMT: Fix slab-use-after-free Read in set_powered_sync This fixes the following crash: ==============================… | |||
| CVE-2024-53190 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: wifi: rtlwifi: Drastically reduce the attempts to read efuse in case of failures Syzkaller reported a hung task with uevent_show(… | |||
| CVE-2024-49938 | medium | 5.5 | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: wifi: ath9k_htc: Use __skb_set_length() for resetting urb before resubmit Syzbot points out that skb_trim() has a sanity check on… | |||
| CVE-2024-35963 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hci_sock: Fix not validating setsockopt user input Check user input length before copying data. | |||
| CVE-2024-8418 | medium | — | 5.5 | 1y ago | A flaw was found in Aardvark-dns, which is vulnerable to a Denial of Service attack due to the serial processing of TCP DNS queries. An attacker can exploit this flaw by keeping a TCP connection open… | |||
| CVE-2024-49954 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: static_call: Replace pointless WARN_ON() in static_call_module_notify() static_call_module_notify() triggers a WARN_ON(), when me… | |||
| CVE-2024-36012 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: Bluetooth: msft: fix slab-use-after-free in msft_do_close() Tying the msft->data lifetime to hdev by freeing it in hci_release_de… | |||
| CVE-2024-53142 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: initramfs: avoid filename buffer overrun The initramfs filename field is defined in Documentation/driver-api/early-userspace/buff… | |||
| CVE-2024-53085 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: tpm: Lock TPM chip in tpm_pm_suspend() first Setting TPM_CHIP_FLAG_SUSPENDED in the end of tpm_pm_suspend() can be racy according… | |||
| CVE-2024-56623 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Fix use after free on unload System crash is observed with stack trace warning of use after free. There are 2 sign… | |||
| CVE-2024-53096 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: mm: resolve faulty mmap_region() error path behaviour The mmap_region() function is somewhat terrifying, with spaghetti-like cont… | |||
| CVE-2024-50107 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: platform/x86/intel/pmc: Fix pmc_core_iounmap to call iounmap for valid addresses Commit 50c6dbdfd16e ("x86/ioremap: Improve iounm… | |||
| CVE-2024-45022 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: mm/vmalloc: fix page mapping if vm_area_alloc_pages() with high order fallback to order 0 The __vmap_pages_range_noflush() assume… | |||
| CVE-2024-46839 | medium | — | 5.5 | 1y ago | RHSA-2025:6966: kernel security update (Moderate) | |||
| CVE-2024-49935 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: ACPI: PAD: fix crash in exit_round_robin() The kernel occasionally crashes in cpumask_clear_cpu(), which is called within exit_ro… | |||
| CVE-2024-53237 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: Bluetooth: fix use-after-free in device_for_each_child() Syzbot has reported the following KASAN splat: BUG: KASAN: slab-use-aft… | |||
| CVE-2024-57894 | medium | — | 5.5 | 1y ago | RHSA-2025:6966: kernel security update (Moderate) | |||
| CVE-2024-47600 | medium | — | 5.5 | 1y ago | Moderate: gstreamer1-plugins-base security update | |||
| CVE-2024-50106 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: nfsd: fix race between laundromat and free_stateid There is a race between laundromat handling of revoked delegations and a clien… | |||
| CVE-2024-47719 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: iommufd: Protect against overflow of ALIGN() during iova allocation Userspace can supply an iova and uptr such that the target io… | |||
| CVE-2024-43846 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: lib: objagg: Fix general protection fault The library supports aggregation of objects into other objects only if the parent objec… | |||
| CVE-2024-49995 | medium | — | 5.5 | 1y ago | RHSA-2025:6966: kernel security update (Moderate) | |||
| CVE-2024-56551 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: fix usage slab after free [ +0.000021] BUG: KASAN: slab-use-after-free in drm_sched_entity_flush+0x6cb/0x7a0 [gpu_sc… | |||
| CVE-2024-45783 | medium | — | 5.5 | 1y ago | Moderate: grub2 security update | |||
| CVE-2024-46758 | medium | — | 5.5 | 1y ago | RHSA-2025:6966: kernel security update (Moderate) | |||
| CVE-2024-49993 | medium | — | 5.5 | 1y ago | RHSA-2025:6966: kernel security update (Moderate) | |||
| CVE-2024-57903 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: net: restrict SO_REUSEPORT to inet sockets After blamed commit, crypto sockets could accidentally be destroyed from RCU call back… | |||
| CVE-2024-41010 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: bpf: Fix too early release of tcx_entry Pedro Pinto and later independently also Hyunwoo Kim and Wongi Lee reported an issue that… | |||
| CVE-2024-56663 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: wifi: nl80211: fix NL80211_ATTR_MLO_LINK_ID off-by-one Since the netlink attribute range validation provides inclusive checking, … | |||
| CVE-2024-56667 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: drm/i915: Fix NULL pointer dereference in capture_engine When the intel_context structure contains NULL, it raises a NULL pointer… | |||
| CVE-2024-56688 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: sunrpc: clear XPRT_SOCK_UPD_TIMEOUT when reset transport Since transport->sock has been set to NULL during reset transport, XPRT_… | |||
| CVE-2024-56729 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: smb: Initialize cfid->tcon before performing network ops Avoid leaking a tcon ref when a lease break races with opening the cache… | |||
| CVE-2024-56757 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: Bluetooth: btusb: mediatek: add intf release flow when usb disconnect MediaTek claim an special usb intr interface for ISO data t… | |||
| CVE-2024-56760 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: PCI/MSI: Handle lack of irqdomain gracefully Alexandre observed a warning emitted from pci_msi_setup_msi_irqs() on a RISCV platfo… | |||
| CVE-2024-56783 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: netfilter: nft_socket: remove WARN_ON_ONCE on maximum cgroup level cgroup maximum depth is INT_MAX by default, there is a cgroup … | |||
| CVE-2024-57809 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: PCI: imx6: Fix suspend/resume support on i.MX6QDL The suspend/resume functionality is currently broken on the i.MX6QDL platform, … | |||
| CVE-2024-57879 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: Bluetooth: iso: Always release hdev at the end of iso_listen_bis Since hci_get_route holds the device before returning, the hdev … | |||
| CVE-2024-57888 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: workqueue: Do not warn when cancelling WQ_MEM_RECLAIM work from !WQ_MEM_RECLAIM worker After commit 746ae46c1113 ("drm/sched: Mar… | |||
| CVE-2024-57898 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: wifi: cfg80211: clear link ID from bitmap during link delete after clean up Currently, during link deletion, the link ID is first… | |||
| CVE-2024-57931 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: selinux: ignore unknown extended permissions When evaluating extended permissions, ignore unknown permissions instead of calling … | |||
| CVE-2024-58064 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: wifi: cfg80211: tests: Fix potential NULL dereference in test_cfg80211_parse_colocated_ap() kunit_kzalloc() may return NULL, dere… | |||
| CVE-2024-58099 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: vmxnet3: Fix packet corruption in vmxnet3_xdp_xmit_frame Andrew and Nikolay reported connectivity issues with Cilium's service lo… | |||
| CVE-2024-46951 | medium | — | 5.5 | 1y ago | RHSA-2025:4362: ghostscript security update (Moderate) | |||
| CVE-2024-46954 | medium | — | 5.5 | 1y ago | RHSA-2025:4362: ghostscript security update (Moderate) | |||
| CVE-2024-49878 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: resource: fix region_intersects() vs add_memory_driver_managed() On a system with CXL memory, the resource tree (/proc/iomem) rel… | |||
| CVE-2024-50014 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: ext4: fix access to uninitialised lock in fc replay path The following kernel trace can be triggered with fstest generic/629 when… | |||
| CVE-2024-42265 | medium | 5.5 | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: protect the fetch of ->fd[fd] in do_dup2() from mispredictions both callers have verified that fd is not greater than ->max_fds; … | |||
| CVE-2024-47668 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: lib/generic-radix-tree.c: Fix rare race in __genradix_ptr_alloc() If we need to increase the tree depth, allocate a new node, and… | |||
| CVE-2024-4453 | medium | — | 5.5 | 1y ago | RHSA-2024:9056: gstreamer1-plugins-base security update (Moderate) | |||
| CVE-2024-35195 | medium | — | 5.5 | 1y ago | RHSA-2025:0012: python-requests security update (Moderate) | |||
| CVE-2024-47715 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: wifi: mt76: mt7915: fix oops on non-dbdc mt7986 mt7915_band_config() sets band_idx = 1 on the main phy for mt7986 with MT7975_ONE… | |||
| CVE-2024-36880 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: Bluetooth: qca: add missing firmware sanity checks Add the missing sanity checks when parsing the firmware files before downloadi… | |||
| CVE-2024-47602 | medium | — | 5.5 | 1y ago | GStreamer is a library for constructing graphs of media-handling components. A null pointer dereference vulnerability has been discovered in the gst_matroska_demux_add_wvpk_header function within mat… | |||
| CVE-2024-47748 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: vhost_vdpa: assign irq bypass producer token correctly We used to call irq_bypass_unregister_producer() in vhost_vdpa_setup_vq_ir… | |||
| CVE-2024-49856 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: x86/sgx: Fix deadlock in SGX NUMA node search When the current node doesn't have an EPC section configured by firmware and all ot… | |||
| CVE-2024-49860 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: ACPI: sysfs: validate return type of _STR method Only buffer objects are valid return values of _STR. If something else is retur… | |||
| CVE-2024-49861 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: bpf: Fix helper writes to read-only maps Lonial found an issue that despite user- and BPF-side frozen BPF map (like in case of .r… | |||
| CVE-2024-49870 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: cachefiles: fix dentry leak in cachefiles_open_file() A dentry leak may be caused when a lookup cookie and a cull are concurrent:… | |||
| CVE-2024-49886 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: platform/x86: ISST: Fix the KASAN report slab-out-of-bounds bug Attaching SST PCI device to VM causes "BUG: KASAN: slab-out-of-bo… | |||
| CVE-2024-49904 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: add list empty check to avoid null pointer issue Add list empty check to avoid null pointer issues in some corner cas… | |||
| CVE-2024-49927 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: x86/ioapic: Handle allocation failures gracefully Breno observed panics when using failslab under certain conditions during runti… | |||
| CVE-2024-49939 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: wifi: rtw89: avoid to add interface to list twice when SER If SER L2 occurs during the WoWLAN resume flow, the add interface flow… | |||
| CVE-2024-49948 | medium | 5.5 | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: net: add more sanity checks to qdisc_pkt_len_init() One path takes care of SKB_GSO_DODGY, assuming skb->len is bigger than hdr_le… | |||
| CVE-2024-49950 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: Bluetooth: L2CAP: Fix uaf in l2cap_connect [Syzbot reported] BUG: KASAN: slab-use-after-free in l2cap_connect.constprop.0+0x10d8/… | |||
| CVE-2024-53161 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: EDAC/bluefield: Fix potential integer overflow The 64-bit argument for the "get DIMM info" SMC call consists of mem_ctrl_idx left… | |||
| CVE-2024-53173 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: NFSv4.0: Fix a use-after-free problem in the asynchronous open() Yang Erkun reports that when two threads are opening files at th… | |||
| CVE-2024-53174 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: SUNRPC: make sure cache entry active before cache_show The function `c_show` was called with protection from RCU. This only ensur… | |||
| CVE-2024-53194 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: PCI: Fix use-after-free of slot->bus on hot remove Dennis reports a boot crash on recent Lenovo laptops with a USB4 dock. Since … | |||
| CVE-2024-53232 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: iommu/s390: Implement blocking domain This fixes a crash when surprise hot-unplugging a PCI device. This crash happens because du… | |||
| CVE-2024-56591 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hci_conn: Use disable_delayed_work_sync This makes use of disable_delayed_work_sync instead cancel_delayed_work_sync a… | |||
| CVE-2024-56601 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: net: inet: do not leave a dangling sk pointer in inet_create() sock_init_data() attaches the allocated sk object to the provided … | |||
| CVE-2024-56604 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: Bluetooth: RFCOMM: avoid leaving dangling sk pointer in rfcomm_sock_alloc() bt_sock_alloc() attaches allocated sk object to the p… |