CVEs from 2024
Total
6,620
critical
critical 168
high
high 1,065
medium
medium 2,078
low
low 49
% Critical
2.5%
% with KEV
2.5%
% with exploit
3.4%
Top products
- surveillance_station 12
- checkmk 10
- profilegrid 8
- office 8
- office_long_term_servicing_channel 6
- propertyhive 5
- glibc 5
- element_pack 5
Top packages
| CVE | Severity | CVSS | Risk | Flags | OS | Vendor | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2024-47700 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: ext4: check stripe size compatibility on remount as well We disable stripe size in __ext4_fill_super if it is not a multiple of t… | |||
| CVE-2024-58005 | medium | 5.5 | 5.5 | 1y ago | Important: kernel security update | |||
| CVE-2024-46819 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: the warning dereferencing obj for nbio_v7_4 if ras_manager obj null, don't print NBIO err data | |||
| CVE-2024-12747 | medium | — | 5.5 | 1y ago | Moderate: rsync security update | |||
| CVE-2024-50102 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: x86: fix user address masking non-canonical speculation issue It turns out that AMD has a "Meltdown Lite(tm)" issue with non-cano… | |||
| CVE-2024-46747 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: HID: cougar: fix slab-out-of-bounds Read in cougar_report_fixup report_fixup for the Cougar 500k Gaming Keyboard was not verifyin… | |||
| CVE-2024-56783 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: netfilter: nft_socket: remove WARN_ON_ONCE on maximum cgroup level cgroup maximum depth is INT_MAX by default, there is a cgroup … | |||
| CVE-2024-12088 | medium | — | 5.5 | 1y ago | Moderate: rsync security update | |||
| CVE-2024-42304 | medium | 5.5 | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: ext4: make sure the first directory block is not a hole The syzbot constructs a directory that has no dirblock but is non-inline,… | |||
| CVE-2024-56601 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: net: inet: do not leave a dangling sk pointer in inet_create() sock_init_data() attaches the allocated sk object to the provided … | |||
| CVE-2024-49934 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: fs/inode: Prevent dump_mapping() accessing invalid dentry.d_name.name It's observed that a crash occurs during hot-remove a memor… | |||
| CVE-2024-44989 | medium | 5.5 | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: bonding: fix xfrm real_dev null pointer dereference We shouldn't set real_dev to NULL because packets can be in transit and xfrm … | |||
| CVE-2024-57798 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: drm/dp_mst: Ensure mst_primary pointer is valid in drm_dp_mst_handle_up_req() While receiving an MST up request message from one … | |||
| CVE-2024-47835 | medium | — | 5.5 | 1y ago | Moderate: gstreamer1-plugins-base security update | |||
| CVE-2024-12087 | medium | — | 5.5 | 1y ago | Moderate: rsync security update | |||
| CVE-2024-43884 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: Bluetooth: MGMT: Add error handling to pair_device() hci_conn_params_add() never checks for a NULL value and could lead to a NULL… | |||
| CVE-2024-50055 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: driver core: bus: Fix double free in driver API bus_register() For bus_register(), any error which happens after kset_register() … | |||
| CVE-2024-57940 | medium | 5.5 | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: exfat: fix the infinite loop in exfat_readdir() If the file system is corrupted so that a cluster is linked to itself in the clus… | |||
| CVE-2024-50237 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211: do not pass a stopped vif to the driver in .get_txpower Avoid potentially crashing in the driver because of unini… | |||
| CVE-2024-41010 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: bpf: Fix too early release of tcx_entry Pedro Pinto and later independently also Hyunwoo Kim and Wongi Lee reported an issue that… | |||
| CVE-2024-58009 | medium | 5.5 | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: Bluetooth: L2CAP: handle NULL sock pointer in l2cap_sock_alloc A NULL sock pointer is passed into l2cap_sock_alloc() when it is c… | |||
| CVE-2024-27398 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: Bluetooth: Fix use-after-free bugs caused by sco_sock_timeout When the sco connection is established and then, the sco socket is … | |||
| CVE-2024-56602 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: net: ieee802154: do not leave a dangling sk pointer in ieee802154_create() sock_init_data() attaches the allocated sk object to t… | |||
| CVE-2024-43828 | medium | 5.5 | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: ext4: fix infinite loop when replaying fast_commit When doing fast_commit replay an infinite loop may occur due to an uninitializ… | |||
| CVE-2024-49983 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: ext4: drop ppath from ext4_ext_replay_update_ex() to avoid double-free When calling ext4_force_split_extent_at() in ext4_ext_repl… | |||
| CVE-2024-53070 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: usb: dwc3: fix fault at system suspend if device was already runtime suspended If the device was already runtime suspended then d… | |||
| CVE-2024-56644 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: net/ipv6: release expired exception dst cached in socket Dst objects get leaked in ip6_negative_advice() when this function is ex… | |||
| CVE-2024-49960 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: ext4: fix timer use-after-free on failed mount Syzbot has found an ODEBUG bug in ext4_fill_super The del_timer_sync function can… | |||
| CVE-2024-47543 | medium | — | 5.5 | 1y ago | GStreamer is a library for constructing graphs of media-handling components. An OOB-read vulnerability has been discovered in qtdemux_parse_container function within qtdemux.c. In the parent function… | |||
| CVE-2024-47601 | medium | — | 5.5 | 1y ago | GStreamer is a library for constructing graphs of media-handling components. A null pointer dereference vulnerability has been discovered in the gst_matroska_demux_parse_blockgroup_or_simpleblock fun… | |||
| CVE-2024-56663 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: wifi: nl80211: fix NL80211_ATTR_MLO_LINK_ID off-by-one Since the netlink attribute range validation provides inclusive checking, … | |||
| CVE-2024-50018 | medium | — | 5.5 | 1y ago | RHSA-2025:6966: kernel security update (Moderate) | |||
| CVE-2024-54680 | medium | — | 5.5 | 1y ago | RHSA-2025:6966: kernel security update (Moderate) | |||
| CVE-2024-47597 | medium | — | 5.5 | 1y ago | GStreamer is a library for constructing graphs of media-handling components. An OOB-read has been detected in the function qtdemux_parse_samples within qtdemux.c. This issue arises when the function … | |||
| CVE-2024-47598 | medium | — | 5.5 | 1y ago | GStreamer is a library for constructing graphs of media-handling components. An OOB-read vulnerability has been discovered in the qtdemux_merge_sample_table function within qtdemux.c. The problem is … | |||
| CVE-2024-47599 | medium | — | 5.5 | 1y ago | GStreamer is a library for constructing graphs of media-handling components. A null pointer dereference vulnerability has been discovered in the gst_jpeg_dec_negotiate function in gstjpegdec.c. This … | |||
| CVE-2024-47603 | medium | — | 5.5 | 1y ago | GStreamer is a library for constructing graphs of media-handling components. A null pointer dereference vulnerability has been discovered in the gst_matroska_demux_update_tracks function within matro… | |||
| CVE-2024-47775 | medium | — | 5.5 | 1y ago | GStreamer is a library for constructing graphs of media-handling components. An OOB-read vulnerability has been found in the parse_ds64 function within gstwavparse.c. The parse_ds64 function does not… | |||
| CVE-2024-45010 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: mptcp: pm: only mark 'subflow' endp as available Adding the following warning ... WARN_ON_ONCE(msk->pm.local_addr_used == 0) … | |||
| CVE-2024-49999 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: afs: Fix the setting of the server responding flag In afs_wait_for_operation(), we set transcribe the call responded flag to the … | |||
| CVE-2024-47777 | medium | — | 5.5 | 1y ago | GStreamer is a library for constructing graphs of media-handling components. An OOB-read vulnerability has been identified in the gst_wavparse_smpl_chunk function within gstwavparse.c. This function … | |||
| CVE-2024-47778 | medium | — | 5.5 | 1y ago | GStreamer is a library for constructing graphs of media-handling components. An OOB-read vulnerability has been discovered in gst_wavparse_adtl_chunk within gstwavparse.c. This vulnerability arises d… | |||
| CVE-2024-47834 | medium | — | 5.5 | 1y ago | GStreamer is a library for constructing graphs of media-handling components. An Use-After-Free read vulnerability has been discovered affecting the processing of CodecPrivate elements in Matroska str… | |||
| CVE-2024-46783 | medium | 5.5 | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: tcp_bpf: fix return value of tcp_bpf_sendmsg() When we cork messages in psock->cork, the last message triggers the flushing will … | |||
| CVE-2024-56623 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Fix use after free on unload System crash is observed with stack trace warning of use after free. There are 2 sign… | |||
| CVE-2024-49937 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: wifi: cfg80211: Set correct chandef when starting CAC When starting CAC in a mode other than AP mode, it return a "WARNING: CPU: … | |||
| CVE-2024-47141 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: pinmux: Use sequential access to access desc->pinmux data When two client of the same gpio call pinctrl_select_state() for the sa… | |||
| CVE-2024-49935 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: ACPI: PAD: fix crash in exit_round_robin() The kernel occasionally crashes in cpumask_clear_cpu(), which is called within exit_ro… | |||
| CVE-2024-38541 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: of: module: add buffer overflow check in of_modalias() In of_modalias(), if the buffer happens to be too small even for the 1st s… | |||
| CVE-2024-47719 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: iommufd: Protect against overflow of ALIGN() during iova allocation Userspace can supply an iova and uptr such that the target io… | |||
| CVE-2024-56760 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: PCI/MSI: Handle lack of irqdomain gracefully Alexandre observed a warning emitted from pci_msi_setup_msi_irqs() on a RISCV platfo… | |||
| CVE-2024-50304 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: ipv4: ip_tunnel: Fix suspicious RCU usage warning in ip_tunnel_find() The per-netns IP tunnel hash table is protected by the RTNL… | |||
| CVE-2024-53920 | medium | — | 5.5 | 1y ago | RHSA-2025:11030: emacs security update (Moderate) | |||
| CVE-2024-3567 | medium | — | 5.5 | 1y ago | A flaw was found in QEMU. An assertion failure was present in the update_sctp_checksum() function in hw/net/net_tx_pkt.c when trying to calculate the checksum of a short-sized fragmented packet. This… | |||
| CVE-2024-44990 | medium | 5.5 | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: bonding: fix null pointer deref in bond_ipsec_offload_ok We must check if there is an active slave before dereferencing the point… | |||
| CVE-2024-46826 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: ELF: fix kernel.randomize_va_space double read ELF loader uses "randomize_va_space" twice. It is sysctl and can change at any mom… | |||
| CVE-2024-8929 | medium | — | 5.5 | 1y ago | Moderate: php:8.1 security update | |||
| CVE-2024-11234 | medium | — | 5.5 | 1y ago | Moderate: php:8.1 security update | |||
| CVE-2024-11233 | medium | — | 5.5 | 1y ago | Moderate: php:8.1 security update | |||
| CVE-2024-45341 | medium | — | 5.5 | 1y ago | RHSA-2025:3772: go-toolset:rhel8 security update (Moderate) | |||
| CVE-2024-8176 | medium | — | 5.5 | 1y ago | RHSA-2025:4048: xmlrpc-c security update (Moderate) | |||
| CVE-2024-43855 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: md: fix deadlock between mddev_suspend and flush bio Deadlock occurs when mddev is being suspended while some flush bio is in pro… | |||
| CVE-2024-45336 | medium | — | 5.5 | 1y ago | RHSA-2025:3772: go-toolset:rhel8 security update (Moderate) | |||
| CVE-2024-7347 | medium | — | 5.5 | 1y ago | Moderate: nginx:1.24 security update | |||
| CVE-2024-10306 | medium | — | 5.5 | 1y ago | Moderate: mod_proxy_cluster security update | |||
| CVE-2024-58085 | medium | 5.5 | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: tomoyo: don't emit warning in tomoyo_write_control() syzbot is reporting too large allocation warning at tomoyo_write_control(), … | |||
| CVE-2024-58071 | medium | 5.5 | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: team: prevent adding a device which is already a team device lower Prevent adding a device which is already a team device lower, … | |||
| CVE-2024-58063 | medium | 5.5 | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: wifi: rtlwifi: fix memory leaks and invalid access at probe error path Deinitialize at reverse order when probe fails. When init… | |||
| CVE-2024-58058 | medium | 5.5 | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: ubifs: skip dumping tnc tree when zroot is null Clearing slab cache will free all znode in memory and make c->zroot.znode = NULL,… | |||
| CVE-2024-58051 | medium | 5.5 | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: ipmi: ipmb: Add check devm_kasprintf() returned value devm_kasprintf() can return a NULL pointer on failure but this returned val… | |||
| CVE-2024-58020 | medium | 5.5 | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: HID: multitouch: Add NULL check in mt_input_configured devm_kasprintf() can return a NULL pointer on failure,but this returned va… | |||
| CVE-2024-58017 | medium | 5.5 | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: printk: Fix signed integer overflow when defining LOG_BUF_LEN_MAX Shifting 1 << 31 on a 32-bit int causes signed integer overflow… | |||
| CVE-2024-58016 | medium | 5.5 | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: safesetid: check size of policy writes syzbot attempts to write a buffer with a large size to a sysfs entry with writes handled b… | |||
| CVE-2024-57996 | medium | 5.5 | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: net_sched: sch_sfq: don't allow 1 packet limit The current implementation does not work correctly with a limit of 1. iproute2 act… | |||
| CVE-2024-57977 | medium | 5.5 | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: memcg: fix soft lockup in the OOM process A soft lockup issue was found in the product with about 56,000 tasks were in the OOM cg… | |||
| CVE-2024-21096 | medium | — | 5.5 | 1y ago | RHSA-2025:0739: mariadb:10.5 security update (Moderate) | |||
| CVE-2024-41184 | medium | — | 5.5 | 1y ago | RHSA-2025:0743: keepalived security update (Moderate) | |||
| CVE-2024-52533 | medium | — | 5.5 | 1y ago | RHSA-2025:11327: glib2 security update (Moderate) | |||
| CVE-2024-57948 | medium | 5.5 | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: mac802154: check local interfaces before deleting sdata list syzkaller reported a corrupted list in ieee802154_if_remove. [1] Re… | |||
| CVE-2024-10539 | medium | 5.5 | 5.5 | 1y ago | Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Uyumsoft Informatin Systems Uyumsoft ERP allows XSS Using Invalid Characters, Reflected XS… | |||
| CVE-2024-57947 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_set_pipapo: fix initial map fill The initial buffer has to be inited to all-ones, but it must restrict it to the si… | |||
| CVE-2024-50275 | medium | — | 5.5 | 1y ago | Moderate: kernel security update | |||
| CVE-2024-50154 | medium | — | 5.5 | 1y ago | Moderate: kernel security update | |||
| CVE-2024-53088 | medium | — | 5.5 | 1y ago | Moderate: kernel security update | |||
| CVE-2024-57924 | medium | 5.5 | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: fs: relax assertions on failure to encode file handles Encoding file handles is usually performed by a filesystem >encode_fh() me… | |||
| CVE-2024-3661 | medium | — | 5.5 | 1y ago | Moderate: Security and bug fixes for NetworkManager | |||
| CVE-2024-57902 | medium | 5.5 | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: af_packet: fix vlan_get_tci() vs MSG_PEEK Blamed commit forgot MSG_PEEK case, allowing a crash [1] as found by syzbot. Rework vl… | |||
| CVE-2024-57901 | medium | 5.5 | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: af_packet: fix vlan_get_protocol_dgram() vs MSG_PEEK Blamed commit forgot MSG_PEEK case, allowing a crash [1] as found by syzbot.… | |||
| CVE-2024-11029 | medium | — | 5.5 | 1y ago | Moderate: ipa security update | |||
| CVE-2024-47809 | medium | 5.5 | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: dlm: fix possible lkb_resource null dereference This patch fixes a possible null pointer dereference when this function is called… | |||
| CVE-2024-56727 | medium | 5.5 | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: octeontx2-pf: handle otx2_mbox_get_rsp errors in otx2_flows.c Adding error pointer check after calling otx2_mbox_get_rsp(). | |||
| CVE-2024-56719 | medium | 5.5 | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: net: stmmac: fix TSO DMA API usage causing oops Commit 66600fac7a98 ("net: stmmac: TSO: Fix unbalanced DMA map/unmap for non-page… | |||
| CVE-2024-56657 | medium | 5.5 | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: ALSA: control: Avoid WARN() for symlink errors Using WARN() for showing the error of symlink creations don't give more informatio… | |||
| CVE-2024-53221 | medium | 5.5 | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: f2fs: fix null-ptr-deref in f2fs_submit_page_bio() There's issue as follows when concurrently installing the f2fs.ko module and m… | |||
| CVE-2024-50192 | medium | — | 5.5 | 2y ago | Moderate: kernel security update | |||
| CVE-2024-50255 | medium | — | 5.5 | 2y ago | Moderate: kernel security update | |||
| CVE-2024-45020 | medium | — | 5.5 | 2y ago | Moderate: kernel security update | |||
| CVE-2024-50223 | medium | — | 5.5 | 2y ago | Moderate: kernel security update | |||
| CVE-2024-50148 | medium | 5.5 | 5.5 | 2y ago | Moderate: kernel security update | |||
| CVE-2024-50142 | medium | 5.5 | 5.5 | 2y ago | Moderate: kernel security update |