CVEs from 2024
- Total: 6,627
- Critical: 166
- High: 1,075
- Medium: 2,067
- Low: 49
- % Critical: 2.5%
- % with KEV: 2.5%
- % with exploit: 3.4%
Top products
- surveillance_station 12
- checkmk 10
- profilegrid 8
- office 8
- office_long_term_servicing_channel 6
- propertyhive 5
- glibc 5
- element_pack 5
Top packages
| CVE | Severity | CVSS | Risk | Published | Description | Flags | OS | Vendor |
|---|---|---|---|---|---|---|---|---|
| CVE-2024-7519 | high | — | 8.0 | 2y ago | Insufficient checks when processing graphics shared memory could have led to memory corruption. This could be leveraged by an attacker to perform a sandbox escape. This vulnerability affects Firefox … | |||
| CVE-2024-36903 | high | — | 8.0 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: ipv6: Fix potential uninit-value access in __ip6_make_skb() As it was done in commit fc1092f51567 ("ipv4: Fix uninit-value access… | |||
| CVE-2024-35852 | high | — | 8.0 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: mlxsw: spectrum_acl_tcam: Fix memory leak when canceling rehash work The rehash delayed work is rescheduled with a delay if the n… | |||
| CVE-2024-35848 | high | — | 8.0 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: eeprom: at24: fix memory corruption race condition If the eeprom is not accessible, an nvmem device will be registered, the read … | |||
| CVE-2024-7521 | high | — | 8.0 | 2y ago | Incomplete WebAssembly exception handling could have led to a use-after-free. This vulnerability affects Firefox < 129, Firefox ESR < 115.14, Firefox ESR < 128.1, Thunderbird < 128.1, and Thunderbird … | |||
| CVE-2024-7524 | high | — | 8.0 | 2y ago | Firefox adds web-compatibility shims in place of some tracking scripts blocked by Enhanced Tracking Protection. On a site protected by Content Security Policy in "strict-dynamic" mode, an attacker a… | |||
| CVE-2024-27417 | high | — | 8.0 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: ipv6: fix potential "struct net" leak in inet6_rtm_getaddr() It seems that if userspace provides a correct IFA_TARGET_NETNSID val… | |||
| CVE-2024-26868 | high | — | 8.0 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: nfs: fix panic when nfs4_ff_layout_prepare_ds() fails We've been seeing the following panic in production BUG: kernel NULL point… | |||
| CVE-2024-38575 | high | — | 8.0 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: wifi: brcmfmac: pcie: handle randbuf allocation failure The kzalloc() in brcmf_pcie_download_fw_nvram() will return null if the p… | |||
| CVE-2024-21823 | high | — | 8.0 | 2y ago | Hardware logic with insecure de-synchronization in Intel(R) DSA and Intel(R) IAA for some Intel(R) 4th or 5th generation Xeon(R) processors may allow an authorized user to potentially enable escalati… | |||
| CVE-2024-7525 | high | — | 8.0 | 2y ago | It was possible for a web extension with minimal permissions to create a `StreamFilter` which could be used to read and modify the response body of requests on any site. This vulnerability affects Fi… | |||
| CVE-2024-4076 | high | — | 8.0 | 2y ago | RHSA-2024:5390: bind9.16 security update (Important) | |||
| CVE-2024-7520 | high | — | 8.0 | 2y ago | A type confusion bug in WebAssembly could be leveraged by an attacker to potentially achieve code execution. This vulnerability affects Firefox < 129, Firefox ESR < 128.1, and Thunderbird < 128.1. | |||
| CVE-2024-7522 | high | — | 8.0 | 2y ago | Editor code failed to check an attribute value. This could have led to an out-of-bounds read. This vulnerability affects Firefox < 129, Firefox ESR < 115.14, Firefox ESR < 128.1, Thunderbird < 128.1,… | |||
| CVE-2024-36954 | high | — | 8.0 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: tipc: fix a possible memleak in tipc_buf_append __skb_linearize() doesn't free the skb when it fails, so move '*buf = NULL' after… | |||
| CVE-2024-27388 | high | — | 8.0 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: SUNRPC: fix some memleaks in gssx_dec_option_array The creds and oa->data need to be freed in the error-handling paths after thei… | |||
| CVE-2024-40974 | high | — | 8.0 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: powerpc/pseries: Enforce hcall result buffer validity and size plpar_hcall(), plpar_hcall9(), and related functions expect caller… | |||
| CVE-2024-38476 | high | — | 8.0 | 2y ago | Vulnerability in core of Apache HTTP Server 2.4.59 and earlier are vulnerable to information disclosure, SSRF or local script execution via backend applications whose response headers are malicious o… | |||
| CVE-2024-35790 | high | — | 8.0 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: usb: typec: altmodes/displayport: create sysfs nodes as driver's default device attribute group The DisplayPort driver's sysfs no… | |||
| CVE-2024-26802 | high | — | 8.0 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: stmmac: Clear variable when destroying workqueue Currently when suspending driver and stopping workqueue it is checked whether wo… | |||
| CVE-2024-36950 | high | — | 8.0 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: firewire: ohci: mask bus reset interrupts between ISR and bottom half In the FireWire OHCI interrupt handler, if a bus reset inte… | |||
| CVE-2024-26698 | high | — | 8.0 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: hv_netvsc: Fix race condition between netvsc_probe and netvsc_remove In commit ac5047671758 ("hv_netvsc: Disable NAPI before clos… | |||
| CVE-2024-35952 | high | — | 8.0 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: drm/ast: Fix soft lockup There is a while-loop in ast_dp_set_on_off() that could lead to infinite-loop. This is because the regis… | |||
| CVE-2024-36924 | high | — | 8.0 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: scsi: lpfc: Release hbalock before calling lpfc_worker_wake_up() lpfc_worker_wake_up() calls the lpfc_work_done() routine, which … | |||
| CVE-2024-26773 | high | — | 8.0 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: ext4: avoid allocating blocks from corrupted group in ext4_mb_try_best_found() Determine if the group block bitmap is corrupted b… | |||
| CVE-2024-36952 | high | — | 8.0 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: scsi: lpfc: Move NPIV's transport unregistration to after resource clean up There are cases after NPIV deletion where the fabric … | |||
| CVE-2024-23638 | high | — | 8.0 | 2y ago | RHSA-2024:9644: squid:4 security update (Important) | |||
| CVE-2024-38474 | high | — | 8.0 | 2y ago | Substitution encoding issue in mod_rewrite in Apache HTTP Server 2.4.59 and earlier allows attacker to execute scripts in directories permitted by the configuration but not directly reachable by any … | |||
| CVE-2024-39573 | high | — | 8.0 | 2y ago | Potential SSRF in mod_rewrite in Apache HTTP Server 2.4.59 and earlier allows an attacker to cause unsafe RewriteRules to unexpectedly setup URL's to be handled by mod_proxy. Users are recommended to… | |||
| CVE-2024-38477 | high | — | 8.0 | 2y ago | null pointer dereference in mod_proxy in Apache HTTP Server 2.4.59 and earlier allows an attacker to crash the server via a malicious request. Users are recommended to upgrade to version 2.4.60, whic… | |||
| CVE-2024-38473 | high | — | 8.0 | 2y ago | Encoding problem in mod_proxy in Apache HTTP Server 2.4.59 and earlier allows request URLs with incorrect encoding to be sent to backend services, potentially bypassing authentication via crafted req… | |||
| CVE-2024-39936 | high | — | 8.0 | 2y ago | An issue was discovered in HTTP2 in Qt before 5.15.18, 6.x before 6.2.13, 6.3.x through 6.5.x before 6.5.7, and 6.6.x through 6.7.x before 6.7.3. Code to make security-relevant decisions about an est… | |||
| CVE-2024-5564 | high | — | 8.0 | 2y ago | RHSA-2024:4620: libndp security update (Important) | |||
| CVE-2024-21147 | high | — | 8.0 | 2y ago | RHSA-2024:4573: java-21-openjdk security update (Important) | |||
| CVE-2024-21144 | high | — | 8.0 | 2y ago | RHSA-2024:4567: java-11-openjdk security update (Important) | |||
| CVE-2024-26858 | high | — | 8.0 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: Use a memory barrier to enforce PTP WQ xmit submission tracking occurs after populating the metadata_map Just simply r… | |||
| CVE-2024-38593 | high | — | 8.0 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: net: micrel: Fix receiving the timestamp in the frame for lan8841 The blamed commit started to use the ptp workqueue to get the s… | |||
| CVE-2024-26783 | high | — | 8.0 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: mm/vmscan: fix a bug calling wakeup_kswapd() with a wrong zone index With numa balancing on, when a numa system is running where … | |||
| CVE-2024-21145 | high | — | 8.0 | 2y ago | RHSA-2024:4573: java-21-openjdk security update (Important) | |||
| CVE-2024-21131 | high | — | 8.0 | 2y ago | RHSA-2024:4573: java-21-openjdk security update (Important) | |||
| CVE-2024-27435 | high | — | 8.0 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: nvme: fix reconnection fail due to reserved tag allocation We found an issue on production environment while using NVMe over RDMA,… | |||
| CVE-2024-21138 | high | — | 8.0 | 2y ago | RHSA-2024:4573: java-21-openjdk security update (Important) | |||
| CVE-2024-38663 | high | — | 8.0 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: blk-cgroup: fix list corruption from resetting io stat Since commit 3b8cc6298724 ("blk-cgroup: Optimize blkcg_rstat_flush()"), ea… | |||
| CVE-2024-21140 | high | — | 8.0 | 2y ago | RHSA-2024:4573: java-21-openjdk security update (Important) | |||
| CVE-2024-36886 | high | — | 8.0 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: tipc: fix UAF in error path Sam Page (sam4k) working with Trend Micro Zero Day Initiative reported a UAF in the tipc_buf_append()… | |||
| CVE-2024-36957 | high | — | 8.0 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: octeontx2-af: avoid off-by-one read from userspace We try to access count + 1 byte from userspace with memdup_user(buffer, count … | |||
| CVE-2024-38543 | high | — | 8.0 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: lib/test_hmm.c: handle src_pfns and dst_pfns allocation failure The kcalloc() in dmirror_device_evict_chunk() will return null if… | |||
| CVE-2024-37560 | high | 8.0 | 8.0 | 2y ago | Improper Privilege Management vulnerability in IqbalRony WP User Switch allows Privilege Escalation. This issue affects WP User Switch: from n/a through 1.1.0. | |||
| CVE-2024-6601 | high | — | 8.0 | 2y ago | A race condition could lead to a cross-origin container obtaining permissions of the top-level origin. This vulnerability affects Firefox < 128, Firefox ESR < 115.13, Thunderbird < 115.13, and Thunde… | |||
| CVE-2024-6604 | high | — | 8.0 | 2y ago | Memory safety bugs present in Firefox 127, Firefox ESR 115.12, and Thunderbird 115.12. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these cou… | |||
| CVE-2024-6603 | high | — | 8.0 | 2y ago | In an out-of-memory scenario an allocation could fail but free would have been called on the pointer afterwards leading to memory corruption. This vulnerability affects Firefox < 128, Firefox ESR < 1… | |||
| CVE-2024-35264 | high | — | 8.0 | 2y ago | RHSA-2024:4451: dotnet8.0 security update (Important) | |||
| CVE-2024-30105 | high | — | 8.0 | 2y ago | RHSA-2024:4451: dotnet8.0 security update (Important) | |||
| CVE-2024-38095 | high | — | 8.0 | 2y ago | RHSA-2024:4451: dotnet8.0 security update (Important) | |||
| CVE-2024-26801 | high | — | 8.0 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: Bluetooth: Avoid potential use-after-free in hci_error_reset While handling the HCI_EV_HARDWARE_ERROR event, if the underlying BT… | |||
| CVE-2024-4467 | high | — | 8.0 | 2y ago | A flaw was found in the QEMU disk image utility (qemu-img) 'info' command. A specially crafted image file containing a `json:{}` value describing block devices in QMP could cause the qemu-img process… | |||
| CVE-2024-32020 | high | — | 8.0 | 2y ago | RHSA-2024:4084: git security update (Important) | |||
| CVE-2024-32002 | high | — | 8.0 | 2y ago | RHSA-2024:4084: git security update (Important) | |||
| CVE-2024-32004 | high | — | 8.0 | 2y ago | RHSA-2024:4084: git security update (Important) | |||
| CVE-2024-32021 | high | — | 8.0 | 2y ago | RHSA-2024:4084: git security update (Important) | |||
| CVE-2024-32465 | high | — | 8.0 | 2y ago | RHSA-2024:4084: git security update (Important) | |||
| CVE-2024-33871 | high | — | 8.0 | 2y ago | RHSA-2024:4000: ghostscript security update (Important) | |||
| CVE-2024-37890 | high | — | 8.0 | 2y ago | ws affected by a DoS when handling a request with many HTTP headers | |||
| CVE-2024-5688 | high | — | 8.0 | 2y ago | If a garbage collection was triggered at the right time, a use-after-free could have occurred during object transplant. This vulnerability affects Firefox < 127, Firefox ESR < 115.12, and Thunderbird… | |||
| CVE-2024-5690 | high | — | 8.0 | 2y ago | By monitoring the time certain operations take, an attacker could have guessed which external protocol handlers were functional on a user's system. This vulnerability affects Firefox < 127, Firefox E… | |||
| CVE-2024-5693 | high | — | 8.0 | 2y ago | Offscreen Canvas did not properly track cross-origin tainting, which could be used to access image data from another site in violation of same-origin policy. This vulnerability affects Firefox < 127,… | |||
| CVE-2024-5696 | high | — | 8.0 | 2y ago | By manipulating the text in an `<input>` tag, an attacker could have caused corrupt memory leading to a potentially exploitable crash. This vulnerability affects Firefox < 127, Firefox ESR < 11… | |||
| CVE-2024-32462 | high | — | 8.0 | 2y ago | RHSA-2024:3961: flatpak security update (Important) | |||
| CVE-2024-5700 | high | — | 8.0 | 2y ago | Memory safety bugs present in Firefox 126, Firefox ESR 115.11, and Thunderbird 115.11. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these cou… | |||
| CVE-2024-5702 | high | — | 8.0 | 2y ago | RHSA-2024:4036: thunderbird security update (Important) | |||
| CVE-2024-5691 | high | — | 8.0 | 2y ago | By tricking the browser with a `X-Frame-Options` header, a sandboxed iframe could have presented a button that, if clicked by a user, would bypass restrictions to open a new window. This vulnerabilit… | |||
| CVE-2024-3657 | high | — | 8.0 | 2y ago | RHSA-2024:4235: 389-ds security update (Important) | |||
| CVE-2024-2199 | high | — | 8.0 | 2y ago | RHSA-2024:4235: 389-ds security update (Important) | |||
| CVE-2024-3183 | high | — | 8.0 | 2y ago | RHSA-2024:3755: idm:DL1 security update (Important) | |||
| CVE-2024-2698 | high | — | 8.0 | 2y ago | RHSA-2024:3755: idm:DL1 security update (Important) | |||
| CVE-2024-3049 | high | — | 8.0 | 2y ago | RHSA-2024:3659: booth security update (Important) | |||
| CVE-2024-26735 | high | — | 8.0 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: ipv6: sr: fix possible use-after-free and null-ptr-deref The pernet operations structure for the subsystem must be registered bef… | |||
| CVE-2024-32487 | high | — | 8.0 | 2y ago | RHSA-2024:4256: less security update (Important) | |||
| CVE-2024-24549 | high | — | 8.0 | 2y ago | Denial of Service due to improper input validation vulnerability for HTTP/2 requests in Apache Tomcat. When processing an HTTP/2 request, if the request exceeded any of the configured limits for head… | |||
| CVE-2024-23672 | high | — | 8.0 | 2y ago | Denial of Service via incomplete cleanup vulnerability in Apache Tomcat. It was possible for WebSocket clients to keep WebSocket connections open leading to increased resource consumption. This issue … | |||
| CVE-2024-35890 | high | — | 8.0 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: gro: fix ownership transfer If packets are GROed with fraglist they might be segmented later on and continue their journey in the… | |||
| CVE-2024-26804 | high | — | 8.0 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: net: ip_tunnel: prevent perpetual headroom growth syzkaller triggered following kasan splat: BUG: KASAN: use-after-free in __skb_… | |||
| CVE-2024-23213 | high | — | 8.0 | 2y ago | The issue was addressed with improved memory handling. This issue is fixed in Safari 17.3, iOS 16.7.5 and iPadOS 16.7.5, iOS 17.3 and iPadOS 17.3, macOS Sonoma 14.3, tvOS 17.3, watchOS 10.3. Processi… | |||
| CVE-2024-23206 | high | — | 8.0 | 2y ago | An access issue was addressed with improved access restrictions. This issue is fixed in Safari 17.3, iOS 16.7.5 and iPadOS 16.7.5, iOS 17.3 and iPadOS 17.3, macOS Sonoma 14.3, tvOS 17.3, watchOS 10.3… | |||
| CVE-2024-28109 | high | — | 8.0 | 2y ago | veraPDF has potential XSLT injection vulnerability when using policy files | |||
| CVE-2024-29800 | high | 8.0 | 8.0 | 2y ago | timber/timber vulnerable to Deserialization of Untrusted Data | |||
| CVE-2024-30045 | high | — | 8.0 | 2y ago | RHSA-2024:3345: .NET 8.0 security update (Important) | |||
| CVE-2024-30046 | high | — | 8.0 | 2y ago | RHSA-2024:3345: .NET 8.0 security update (Important) | |||
| CVE-2024-27982 | high | — | 8.0 | 2y ago | RHSA-2024:2780: nodejs:18 security update (Important) | |||
| CVE-2024-27983 | high | — | 8.0 | 2y ago | RHSA-2024:2780: nodejs:18 security update (Important) | |||
| CVE-2024-22025 | high | — | 8.0 | 2y ago | RHSA-2024:2780: nodejs:18 security update (Important) | |||
| CVE-2024-31270 | high | 8.0 | 8.0 | 2y ago | Missing Authorization vulnerability in Repute InfoSystems ARForms Form Builder. This issue affects ARForms Form Builder: from n/a through 1.6.1. | |||
| CVE-2024-0565 | high | — | 8.0 | 2y ago | An out-of-bounds memory read flaw was found in receive_encrypted_standard in fs/smb/client/smb2ops.c in the SMB Client sub-component in the Linux Kernel. This issue occurs due to integer underflow on… | |||
| CVE-2024-3019 | high | — | 8.0 | 2y ago | RHSA-2024:3264: pcp security update (Important) | |||
| CVE-2024-1085 | high | — | 8.0 | 2y ago | A use-after-free vulnerability in the Linux kernel's netfilter: nf_tables component can be exploited to achieve local privilege escalation. The nft_setelem_catchall_deactivate() function checks whet… | |||
| CVE-2024-1313 | high | — | 8.0 | 2y ago | RHSA-2024:3265: grafana security update (Important) | |||
| CVE-2024-23271 | high | — | 8.0 | 2y ago | A logic issue was addressed with improved checks. This issue is fixed in Safari 17.3, iOS 17.3 and iPadOS 17.3, macOS Sonoma 14.3, tvOS 17.3, watchOS 10.3. A malicious website may cause unexpected cr… | |||
| CVE-2024-26586 | high | — | 8.0 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: mlxsw: spectrum_acl_tcam: Fix stack corruption When tc filters are first added to a net device, the corresponding local port gets… | |||
| CVE-2024-26585 | high | — | 8.0 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: tls: fix race between tx work scheduling and socket close Similarly to previous commit, the submitting thread (recvmsg/sendmsg) m… | |||
| CVE-2024-26583 | high | — | 8.0 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: tls: fix race between async notify and socket close The submitting thread (one which called recvmsg/sendmsg) may exit as soon as … |