CVEs from 2024
- Total: 6,992
- critical: 121
- high: 1,017
- medium: 2,009
- low: 42
- % Critical: 1.7%
- % with KEV: 2.3%
- % with exploit: 2.8%
Top products
- surveillance_station 12
- checkmk 10
- profilegrid 8
- office 8
- office_long_term_servicing_channel 6
- glibc 5
- virtual_traffic_manager 5
- element_pack 5
Top packages
| CVE | Severity | CVSS | Risk | Published | Description | Flags | OS | Vendor |
|---|---|---|---|---|---|---|---|---|
| CVE-2024-36286 | medium | 5.5 | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: netfilter: nfnetlink_queue: acquire rcu_read_lock() in instance_destroy_rcu() syzbot reported that nf_reinject() could be called … | |||
| CVE-2024-38589 | medium | 5.5 | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: netrom: fix possible dead-lock in nr_rt_ioctl() syzbot loves netrom, and found a possible deadlock in nr_rt_ioctl [1] Make sure … | |||
| CVE-2024-38567 | medium | 5.5 | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: wifi: carl9170: add a proper sanity check for endpoints Syzkaller reports [1] hitting a warning which is caused by presence of a … | |||
| CVE-2024-38565 | medium | 5.5 | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: wifi: ar5523: enable proper endpoint verification Syzkaller reports [1] hitting a warning about an endpoint in use not having an … | |||
| CVE-2024-38547 | medium | 5.5 | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: media: atomisp: ssh_css: Fix a null-pointer dereference in load_video_binaries The allocation failure of mycs->yuv_scaler_binary … | |||
| CVE-2024-26664 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: hwmon: (coretemp) Fix out-of-bounds memory access Fix a bug that pdata->cpu_map[] is set before out-of-bounds check. The problem … | |||
| CVE-2024-37891 | medium | — | 5.5 | 2y ago | Moderate: fence-agents security update | |||
| CVE-2024-34064 | medium | — | 5.5 | 2y ago | Moderate: python-jinja2 security update | |||
| CVE-2024-28176 | medium | — | 5.5 | 2y ago | Moderate: jose security update | |||
| CVE-2024-2947 | medium | — | 5.5 | 2y ago | A flaw was found in Cockpit. Deleting a sosreport with a crafted name via the Cockpit web interface can lead to a command injection vulnerability, resulting in privilege escalation. This issue affect… | |||
| CVE-2024-2905 | medium | — | 5.5 | 2y ago | Moderate: rpm-ostree security update | |||
| CVE-2024-24788 | medium | — | 5.5 | 2y ago | Moderate: skopeo security update | |||
| CVE-2024-27282 | medium | — | 5.5 | 2y ago | Moderate: ruby:3.3 security, bug fix, and enhancement update | |||
| CVE-2024-26693 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: wifi: iwlwifi: mvm: fix a crash when we run out of stations A DoS tool that injects loads of authentication frames made our AP cr… | |||
| CVE-2024-26694 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: wifi: iwlwifi: fix double-free bug The storage for the TLV PC register data wasn't done like all the other storage in the drv->fw… | |||
| CVE-2024-27056 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: wifi: iwlwifi: mvm: ensure offloading TID queue exists The resume code path assumes that the TX queue for the offloading TID has … | |||
| CVE-2024-26610 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: wifi: iwlwifi: fix a memory corruption iwl_fw_ini_trigger_tlv::data is a pointer to a __le32, which means that if we copy to iwl_… | |||
| CVE-2024-26779 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211: fix race condition on enabling fast-xmit fast-xmit must only be enabled after the sta has been uploaded to the dr… | |||
| CVE-2024-26993 | medium | 5.5 | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: fs: sysfs: Fix reference leak in sysfs_break_active_protection() The sysfs_break_active_protection() routine has an obvious refer… | |||
| CVE-2024-26735 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: ipv6: sr: fix possible use-after-free and null-ptr-deref The pernet operations structure for the subsystem must be registered bef… | |||
| CVE-2024-26919 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: usb: ulpi: Fix debugfs directory leak The ULPI per-device debugfs root is named after the ulpi device's parent, but ulpi_unregist… | |||
| CVE-2024-36959 | medium | 5.5 | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: pinctrl: devicetree: fix refcount leak in pinctrl_dt_to_map() If we fail to allocate propname buffer, we need to drop the referen… | |||
| CVE-2024-26642 | medium | 5.5 | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: disallow anonymous set with timeout flag Anonymous sets are never used with timeout from userspace, reject … | |||
| CVE-2024-35890 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: gro: fix ownership transfer If packets are GROed with fraglist they might be segmented later on and continue their journey in the… | |||
| CVE-2024-26673 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: netfilter: nft_ct: sanitize layer 3 and 4 protocol number in custom expectations - Disallow families other than NFPROTO_{IPV4,IPV… | |||
| CVE-2024-26804 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: net: ip_tunnel: prevent perpetual headroom growth syzkaller triggered following kasan splat: BUG: KASAN: use-after-free in __skb_… | |||
| CVE-2024-26643 | medium | 5.5 | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: mark set as dead when unbinding anonymous set with timeout While the rhashtable set gc runs asynchronously,… | |||
| CVE-2024-1062 | medium | — | 5.5 | 2y ago | Moderate: 389-ds:1.4 security update | |||
| CVE-2024-36008 | medium | 5.5 | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: ipv4: check for NULL idev in ip_route_use_hint() syzbot was able to trigger a NULL deref in fib_validate_source() in an old tree … | |||
| CVE-2024-36007 | medium | 5.5 | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: mlxsw: spectrum_acl_tcam: Fix warning during rehash As previously explained, the rehash delayed work migrates filters from one re… | |||
| CVE-2024-36004 | medium | 5.5 | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: i40e: Do not use WQ_MEM_RECLAIM flag for workqueue Issue reported by customer during SRIOV testing, call trace: When both i40e an… | |||
| CVE-2024-35997 | medium | 5.5 | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: HID: i2c-hid: remove I2C_HID_READ_PENDING flag to prevent lock-up The flag I2C_HID_READ_PENDING is used to serialize I2C operatio… | |||
| CVE-2024-35996 | medium | 5.5 | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: cpu: Re-enable CPU mitigations by default for !X86 architectures Rename x86's to CPU_MITIGATIONS, define it in generic code, and … | |||
| CVE-2024-35990 | medium | 5.5 | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: dma: xilinx_dpdma: Fix locking There are several places where either chan->lock or chan->vchan.lock was not held. Add appropriate… | |||
| CVE-2024-35988 | medium | 5.5 | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: riscv: Fix TASK_SIZE on 64-bit NOMMU On NOMMU, userspace memory can come from anywhere in physical RAM. The current definition of… | |||
| CVE-2024-35984 | medium | 5.5 | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: i2c: smbus: fix NULL function pointer dereference Baruch reported an OOPS when using the designware controller as target only. Ta… | |||
| CVE-2024-35982 | medium | 5.5 | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: batman-adv: Avoid infinite loop trying to resize local TT If the MTU of one of an attached interface becomes too small to transmi… | |||
| CVE-2024-35940 | medium | 5.5 | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: pstore/zone: Add a null pointer check to the psz_kmsg_read kasprintf() returns a pointer to dynamically allocated memory which ca… | |||
| CVE-2024-35936 | medium | 5.5 | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: btrfs: handle chunk tree lookup error in btrfs_relocate_sys_chunks() The unhandled case in btrfs_relocate_sys_chunks() loop is a … | |||
| CVE-2024-35922 | medium | 5.5 | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: fbmon: prevent division by zero in fb_videomode_from_videomode() The expression htotal * vtotal can have a zero value on overflow… | |||
| CVE-2024-35915 | medium | 5.5 | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: nfc: nci: Fix uninit-value in nci_dev_up and nci_ntf_packet syzbot reported the following uninit-value access issue [1][2]: nci_… | |||
| CVE-2024-35902 | medium | 5.5 | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: net/rds: fix possible cp null dereference cp might be null, calling cp->cp_conn would produce null dereference [Simon Horman add… | |||
| CVE-2024-35893 | medium | 5.5 | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: net/sched: act_skbmod: prevent kernel-infoleak syzbot found that tcf_skbmod_dump() was copying four bytes from kernel stack to us… | |||
| CVE-2024-35884 | medium | 5.5 | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: udp: do not accept non-tunnel GSO skbs landing in a tunnel When rx-udp-gro-forwarding is enabled UDP packets might be GROed when … | |||
| CVE-2024-35828 | medium | 5.5 | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: wifi: libertas: fix some memleaks in lbs_allocate_cmd_buffer() In the for statement of lbs_allocate_cmd_buffer(), if the allocati… | |||
| CVE-2024-35815 | medium | 5.5 | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: fs/aio: Check IOCB_AIO_RW before the struct aio_kiocb conversion The first kiocb_set_cancel_fn() argument may point at a struct k… | |||
| CVE-2024-35813 | medium | 5.5 | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: mmc: core: Avoid negative index with array access Commit 4d0c8d0aef63 ("mmc: core: Use mrq.sbc in close-ended ffu") assigns prev_… | |||
| CVE-2024-35811 | medium | 5.5 | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: wifi: brcmfmac: Fix use-after-free bug in brcmf_cfg80211_detach This is the candidate patch of CVE-2023-47233 : https://nvd.nist.… | |||
| CVE-2024-35176 | medium | — | 5.5 | 2y ago | Moderate: ruby security update | |||
| CVE-2024-28182 | medium | — | 5.5 | 2y ago | Moderate: nghttp2 security update | |||
| CVE-2024-25742 | medium | — | 5.5 | 2y ago | Moderate: kernel security, bug fix, and enhancement update | |||
| CVE-2024-25743 | medium | — | 5.5 | 2y ago | Moderate: kernel security, bug fix, and enhancement update | |||
| CVE-2024-33948 | medium | 5.5 | 5.5 | 2y ago | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Pixel Industry TweetScroll Widget allows Stored XSS. This issue affects TweetScroll Widget: from n… | |||
| CVE-2024-25062 | medium | — | 5.5 | 2y ago | Moderate: libxml2 security update | |||
| CVE-2024-27078 | medium | 5.5 | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: media: v4l2-tpg: fix some memleaks in tpg_alloc In tpg_alloc, resources should be deallocated in each and every error-handling pa… | |||
| CVE-2024-27077 | medium | 5.5 | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: media: v4l2-mem2mem: fix a memleak in v4l2_m2m_register_entity The entity->name (i.e. name) is allocated in v4l2_m2m_register_ent… | |||
| CVE-2024-27076 | medium | 5.5 | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: media: imx: csc/scaler: fix v4l2_ctrl_handler memory leak Free the memory allocated in v4l2_ctrl_handler_init on release. | |||
| CVE-2024-27072 | medium | 5.5 | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: media: usbtv: Remove useless locks in usbtv_video_free() Remove locks calls in usbtv_video_free() because are useless and may led… | |||
| CVE-2024-27059 | medium | 5.5 | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: USB: usb-storage: Prevent divide-by-0 error in isd200_ata_command The isd200 sub-driver in usb-storage uses the HEADS and SECTORS… | |||
| CVE-2024-27047 | medium | 5.5 | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: net: phy: fix phy_get_internal_delay accessing an empty array The phy_get_internal_delay function could try to access to an empty… | |||
| CVE-2024-1313 | medium | — | 5.5 | 2y ago | Moderate: grafana security update | |||
| CVE-2024-26671 | medium | — | 5.5 | 2y ago | Moderate: kernel security, bug fix, and enhancement update | |||
| CVE-2024-31081 | medium | — | 5.5 | 2y ago | Moderate: xorg-x11-server security update | |||
| CVE-2024-24785 | medium | — | 5.5 | 2y ago | Moderate: toolbox security update | |||
| CVE-2024-22365 | medium | 5.5 | 5.5 | 2y ago | Moderate: pam security update | |||
| CVE-2024-28757 | medium | — | 5.5 | 2y ago | libexpat through 2.6.1 allows an XML Entity Expansion attack when there is isolated use of external parsers (created via XML_ExternalEntityParserCreate). | |||
| CVE-2024-24783 | medium | — | 5.5 | 2y ago | Moderate: skopeo security update | |||
| CVE-2024-31080 | medium | — | 5.5 | 2y ago | Moderate: xorg-x11-server security update | |||
| CVE-2024-31083 | medium | — | 5.5 | 2y ago | Moderate: xorg-x11-server security update | |||
| CVE-2024-1441 | medium | — | 5.5 | 2y ago | Moderate: libvirt security and bug fix update | |||
| CVE-2024-2307 | medium | — | 5.5 | 2y ago | Moderate: Image builder components bug fix, enhancement and security update | |||
| CVE-2024-24258 | medium | — | 5.5 | 2y ago | Moderate: freeglut security update | |||
| CVE-2024-24259 | medium | — | 5.5 | 2y ago | Moderate: freeglut security update | |||
| CVE-2024-25580 | medium | — | 5.5 | 2y ago | Moderate: qt5-qtbase security update | |||
| CVE-2024-28102 | medium | — | 5.5 | 2y ago | Moderate: python-jwcrypto security update | |||
| CVE-2024-0690 | medium | — | 5.5 | 2y ago | Moderate: ansible-core bug fix, enhancement, and security update | |||
| CVE-2024-2494 | medium | — | 5.5 | 2y ago | Moderate: libvirt security and bug fix update | |||
| CVE-2024-2496 | medium | — | 5.5 | 2y ago | Moderate: libvirt security update | |||
| CVE-2024-0409 | medium | — | 5.5 | 2y ago | Moderate: xorg-x11-server-Xwayland security update | |||
| CVE-2024-1481 | medium | — | 5.5 | 2y ago | Moderate: ipa security update | |||
| CVE-2024-22195 | medium | — | 5.5 | 2y ago | Moderate: fence-agents security and bug fix update | |||
| CVE-2024-0408 | medium | — | 5.5 | 2y ago | Moderate: xorg-x11-server-Xwayland security update | |||
| CVE-2024-26609 | medium | — | 5.5 | 2y ago | Moderate: kernel security, bug fix, and enhancement update | |||
| CVE-2024-26602 | medium | — | 5.5 | 2y ago | Moderate: kernel security, bug fix, and enhancement update | |||
| CVE-2024-0841 | medium | — | 5.5 | 2y ago | Moderate: kernel security, bug fix, and enhancement update | |||
| CVE-2024-0727 | medium | 5.5 | 5.5 | 2y ago | Low: openssl and openssl-fips-provider security update | |||
| CVE-2024-1048 | medium | — | 5.5 | 2y ago | Moderate: grub2 security update | |||
| CVE-2024-2357 | medium | — | 5.5 | 2y ago | The Libreswan Project was notified of an issue causing libreswan to restart under some IKEv2 retransmit scenarios when a connection is configured to use PreSharedKeys (authby=secret) and the connecti… | |||
| CVE-2024-21012 | medium | — | 5.5 | 2y ago | Moderate: java-17-openjdk security update | |||
| CVE-2024-31229 | medium | 5.5 | 5.5 | 2y ago | Server-Side Request Forgery (SSRF) vulnerability in Really Simple Plugins Really Simple SSL. This issue affects Really Simple SSL: from n/a through 7.2.3. | |||
| CVE-2024-21011 | medium | — | 5.5 | 2y ago | Moderate: java-17-openjdk security update | |||
| CVE-2024-21068 | medium | — | 5.5 | 2y ago | Moderate: java-17-openjdk security update | |||
| CVE-2024-28834 | medium | — | 5.5 | 2y ago | Moderate: gnutls security update | |||
| CVE-2024-28835 | medium | — | 5.5 | 2y ago | Moderate: gnutls security update | |||
| CVE-2024-27316 | medium | — | 5.5 | 2y ago | Moderate: mod_http2 security update | |||
| CVE-2024-21085 | medium | — | 5.5 | 2y ago | Moderate: java-11-openjdk security update | |||
| CVE-2024-26891 | medium | 5.5 | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: iommu/vt-d: Don't issue ATS Invalidation request when device is disconnected For those endpoint devices connect to system via hot… | |||
| CVE-2024-26877 | medium | 5.5 | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: crypto: xilinx - call finalize with bh disabled When calling crypto_finalize_request, BH should be disabled to avoid triggering t… | |||
| CVE-2024-26851 | medium | 5.5 | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_conntrack_h323: Add protection for bmp length out of range UBSAN load reports an exception of BRK#5515 SHIFT_ISSUE:… | |||
| CVE-2024-26820 | medium | 5.5 | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: hv_netvsc: Register VF in netvsc_probe if NET_DEVICE_REGISTER missed If hv_netvsc driver is unloaded and reloaded, the NET_DEVICE… |