VIR Vulnerability Intelligence Relay

CVEs from 2024

7,377 normalized CVEs published or assigned in this year.

Total
7,377
critical
critical 114
high
high 1,043
medium
medium 1,991
low
low 40
% Critical
1.5%
% with KEV
2.2%
% with exploit
2.2%

Top vendors

Top products

  • checkmk 10
  • office 8
  • profilegrid 8
  • office_long_term_servicing_channel 6
  • glibc 5
  • virtual_traffic_manager 5
  • element_pack 5
  • propertyhive 5

Top packages

Severitycriticalhighmediumlowunknown
0
KEVHas exploit
Reset
CVE Severity CVSS Risk Published Description Impact
CVE-2024-7264 high 8.0 1y ago Important: mysql security update redhatrockylinuxdebiansuse+1
CVE-2024-21212 high 8.0 1y ago Important: mysql security update redhatrockylinuxdebian
CVE-2024-11187 high 8.0 1y ago Important: bind security update redhatdebianrockylinuxsuse
CVE-2024-21198 high 8.0 1y ago Important: mysql security update redhatrockylinuxdebian
CVE-2024-21219 high 8.0 1y ago Important: mysql:8.0 security update redhatrockylinuxdebian
CVE-2024-21231 high 8.0 1y ago Important: mysql security update redhatrockylinuxdebian
CVE-2024-21237 high 8.0 1y ago Important: mysql:8.0 security update redhatrockylinuxdebian
CVE-2024-11053 high 8.0 1y ago Important: mysql security update redhatrockylinuxdebiansuse
CVE-2024-21238 high 8.0 1y ago Important: mysql security update redhatrockylinuxdebian
CVE-2024-21199 high 8.0 1y ago Important: mysql security update redhatrockylinuxdebian
CVE-2024-12797 high 8.0 1y ago Important: openssl security update redhatsuserockylinuxdebian+1
CVE-2024-11218 high 8.0 1y ago Important: buildah security update redhatrockylinuxdebiansuse+1
CVE-2024-52531 high 8.0 1y ago Important: libsoup security update redhatrockylinuxsusedebian
CVE-2024-46981 high 8.0 1y ago Important: redis:6 security update redhatrockylinuxsusedebian
CVE-2024-51741 high 8.0 1y ago Important: redis:7 security update redhatsuserockylinuxdebian
CVE-2024-53263 high 8.0 1y ago Important: git-lfs security update redhatrockylinuxdebiangolang
CVE-2024-12085 high 8.0 1y ago Important: rsync security update archredhatrockylinuxsuse+1
CVE-2024-57823 high 8.0 1y ago Important: raptor2 security update redhatrockylinuxsusedebian
CVE-2024-56326 high 8.0 1y ago Important: fence-agents security update redhatrockylinuxdebiansuse+1
CVE-2024-56201 high 8.0 1y ago Important: fence-agents security update redhatdebiansusepython
CVE-2024-11831 high 8.0 1y ago A flaw was found in npm-serialize-javascript. The vulnerability occurs because the serialize-javascript module does not properly sanitize certain inputs, such as regex or other JavaScript object type… redhatsusedebiannpm
CVE-2024-53580 high 8.0 1y ago Important: iperf3 security update redhatrockylinuxdebiansuse
CVE-2024-54505 high 8.0 1y ago Important: webkit2gtk3 security update redhatrockylinuxsusedebian
CVE-2024-54502 high 8.0 1y ago Important: webkit2gtk3 security update redhatrockylinuxsusedebian
CVE-2024-54479 high 8.0 1y ago Important: webkit2gtk3 security update redhatrockylinuxsusedebian
CVE-2024-54508 high 8.0 1y ago Important: webkit2gtk3 security update redhatrockylinuxsusedebian
CVE-2024-11614 high 8.0 1y ago Important: dpdk security update redhatrockylinuxdebiansuse
CVE-2024-53122 high 8.0 1y ago In the Linux kernel, the following vulnerability has been resolved: mptcp: cope racing subflow creation in mptcp_rcv_space_adjust Additional active subflows - i.e. created by the in kernel path man… redhatrockylinuxsusedebian
CVE-2024-50252 high 8.0 1y ago In the Linux kernel, the following vulnerability has been resolved: mlxsw: spectrum_ipip: Fix memory leak when changing remote IPv6 address The device stores IPv6 addresses that are used for encaps… redhatsusedebian
CVE-2024-50208 high 8.0 1y ago In the Linux kernel, the following vulnerability has been resolved: RDMA/bnxt_re: Fix a bug while setting up Level-2 PBL pages Avoid memory corruption while setting up Level-2 PBL pages for the non… redhatsusedebian
CVE-2024-46713 high 8.0 1y ago In the Linux kernel, the following vulnerability has been resolved: perf/aux: Fix AUX buffer serialization Ole reported that event->mmap_mutex is strictly insufficient to serialize the AUX buffer, … redhatsusedebian
CVE-2024-34156 high 8.0 2y ago Important: golang security update redhatrockylinuxdebiansuse+1
CVE-2024-8508 high 8.0 2y ago Important: unbound security update redhatrockylinuxsusedebian
CVE-2024-47539 high 8.0 2y ago Important: gstreamer1-plugins-good security update redhatrockylinuxdebiansuse
CVE-2024-47537 high 8.0 2y ago Important: gstreamer1-plugins-good security update redhatrockylinuxdebiansuse
CVE-2024-47615 high 8.0 2y ago Important: gstreamer1-plugins-base security update redhatrockylinuxdebiansuse
CVE-2024-47607 high 8.0 2y ago Important: gstreamer1-plugins-base security update redhatrockylinuxdebiansuse
CVE-2024-47540 high 8.0 2y ago Important: gstreamer1-plugins-good security update redhatrockylinuxdebiansuse
CVE-2024-47538 high 8.0 2y ago Important: gstreamer1-plugins-base security update redhatrockylinuxdebiansuse
CVE-2024-47613 high 8.0 2y ago Important: gstreamer1-plugins-good security update redhatrockylinuxdebiansuse
CVE-2024-47606 high 8.0 2y ago Important: gstreamer1-plugins-good security update redhatrockylinuxdebiansuse
CVE-2024-12254 high 8.0 2y ago Important: python3.12 security update redhatrockylinuxsusedebian
CVE-2024-9287 high 8.0 2y ago Important: python39:3.9 security update rockylinuxredhatsusedebian
CVE-2024-31228 high 8.0 2y ago Important: redis:6 security update redhatrockylinuxsusedebian
CVE-2024-31449 high 8.0 2y ago Important: redis:6 security update redhatrockylinuxsusedebian
CVE-2024-10978 high 8.0 2y ago Important: postgresql security update redhatrockylinuxsusedebian
CVE-2024-10979 high 8.0 2y ago Important: postgresql security update redhatrockylinuxsusedebian
CVE-2024-10976 high 8.0 2y ago Important: postgresql security update redhatrockylinuxsusedebian
CVE-2024-11699 high 8.0 2y ago Important: thunderbird security update redhatrockylinuxdebiansuse
CVE-2024-11696 high 8.0 2y ago Important: thunderbird security update redhatrockylinuxdebiansuse
CVE-2024-52804 high 8.0 2y ago Important: python-tornado security update redhatrockylinuxsusedebian+1
CVE-2024-11159 high 8.0 2y ago Important: thunderbird security update redhatrockylinuxsusedebian
CVE-2024-11697 high 8.0 2y ago Important: thunderbird security update redhatrockylinuxdebiansuse
CVE-2024-11695 high 8.0 2y ago Important: thunderbird security update redhatrockylinuxdebiansuse
CVE-2024-11692 high 8.0 2y ago Important: thunderbird security update redhatrockylinuxdebiansuse
CVE-2024-11694 high 8.0 2y ago Important: thunderbird security update redhatrockylinuxdebiansuse
CVE-2024-52337 high 8.0 2y ago Important: tuned security update redhatrockylinuxsusedebian
CVE-2024-52336 high 8.0 2y ago Important: tuned security update redhatsuserockylinuxdebian
CVE-2024-10963 high 8.0 2y ago Important: pam security update redhatrockylinuxsusedebian
CVE-2024-53899 high 8.0 2y ago Important: python36:3.6 security update rockylinuxsusedebianpython
CVE-2024-45802 high 8.0 2y ago Important: squid:4 security update redhatrockylinuxsusedebian
CVE-2024-9050 high 8.0 2y ago Important: NetworkManager-libreswan security update redhatrockylinux
CVE-2024-52532 high 8.0 2y ago Important: libsoup security update redhatrockylinuxsusedebian
CVE-2024-44296 high 8.0 2y ago Important: webkit2gtk3 security update rockylinuxsusedebian
CVE-2024-43498 high 8.0 2y ago Important: .NET 9.0 security update redhatnuget
CVE-2024-44244 high 8.0 2y ago Important: webkit2gtk3 security update redhatrockylinuxsusedebian
CVE-2024-43499 high 8.0 2y ago Important: .NET 9.0 security update redhatnuget
CVE-2024-52530 high 8.0 2y ago Important: libsoup security update redhatrockylinuxsusedebian
CVE-2024-36920 high 8.0 2y ago In the Linux kernel, the following vulnerability has been resolved: scsi: mpi3mr: Avoid memcpy field-spanning write WARNING When the "storcli2 show" command is executed for eHBA-9600, mpi3mr driver… redhatrockylinuxsusedebian+1
CVE-2024-35938 high 8.0 2y ago In the Linux kernel, the following vulnerability has been resolved: wifi: ath11k: decrease MHI channel buffer length to 8KB Currently buf_len field of ath11k_mhi_config_qca6390 is assigned with 0, … redhatrockylinuxsusedebian+1
CVE-2024-26840 high 8.0 2y ago In the Linux kernel, the following vulnerability has been resolved: cachefiles: fix memory leak in cachefiles_add_cache() The following memory leak was reported after unbinding /dev/cachefiles: ==… redhatrockylinuxsusedebian+1
CVE-2024-35947 high 8.0 2y ago In the Linux kernel, the following vulnerability has been resolved: dyndbg: fix old BUG_ON in >control parser Fix a BUG_ON from 2009. Even if it looks "unreachable" (I didn't really look), lets ma… redhatrockylinuxsusedebian+1
CVE-2024-36010 high 8.0 2y ago In the Linux kernel, the following vulnerability has been resolved: igb: Fix string truncation warnings in igb_set_fw_version Commit 1978d3ead82c ("intel: fix string truncation warnings") fixes '-W… redhatrockylinuxsusedebian+1
CVE-2024-26660 high 8.0 2y ago In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Implement bounds check for stream encoder creation in DCN301 'stream_enc_regs' array is an array of dcn10_stream… redhatrockylinuxsusedebian+1
CVE-2024-26772 high 8.0 2y ago In the Linux kernel, the following vulnerability has been resolved: ext4: avoid allocating blocks from corrupted group in ext4_mb_find_by_goal() Places the logic for checking if the group's block b… redhatrockylinuxsusedebian+1
CVE-2024-36960 high 8.0 2y ago In the Linux kernel, the following vulnerability has been resolved: drm/vmwgfx: Fix invalid reads in fence signaled events Correctly set the length of the drm_event to the size of the structure tha… redhatrockylinuxsusedebian+1
CVE-2024-26759 high 8.0 2y ago In the Linux kernel, the following vulnerability has been resolved: mm/swap: fix race when skipping swapcache When skipping swapcache for SWP_SYNCHRONOUS_IO, if two or more threads swapin the same … redhatrockylinuxsusedebian+1
CVE-2024-36901 high 8.0 2y ago In the Linux kernel, the following vulnerability has been resolved: ipv6: prevent NULL dereference in ip6_output() According to syzbot, there is a chance that ip6_dst_idev() returns NULL in ip6_out… redhatrockylinuxsusedebian+1
CVE-2024-38627 high 8.0 2y ago In the Linux kernel, the following vulnerability has been resolved: stm class: Fix a double free in stm_register_device() The put_device(&stm->dev) call will trigger stm_device_release() which free… redhatrockylinuxsusedebian+1
CVE-2024-26837 high 8.0 2y ago In the Linux kernel, the following vulnerability has been resolved: net: bridge: switchdev: Skip MDB replays of deferred events on offload Before this change, generation of the list of MDB events t… redhatrockylinuxsusedebian+1
CVE-2024-39471 high 8.0 2y ago In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: add error handle to avoid out-of-bounds if the sdma_v4_0_irq_id_to_seq return -EINVAL, the process should be stop to … redhatrockylinuxsusedebian+1
CVE-2024-41056 high 8.0 2y ago In the Linux kernel, the following vulnerability has been resolved: firmware: cs_dsp: Use strnlen() on name fields in V1 wmfw files Use strnlen() instead of strlen() on the algorithm and coefficien… redhatrockylinuxsusedebian+1
CVE-2024-26704 high 8.0 2y ago In the Linux kernel, the following vulnerability has been resolved: ext4: fix double-free of blocks due to wrong extents moved_len In ext4_move_extents(), moved_len is only updated when all moves a… redhatrockylinuxsusedebian+1
CVE-2024-26843 high 8.0 2y ago In the Linux kernel, the following vulnerability has been resolved: efi: runtime: Fix potential overflow of soft-reserved region size md_size will have been narrowed if we have >= 4GB worth of page… redhatrockylinuxsusedebian+1
CVE-2024-35946 high 8.0 2y ago In the Linux kernel, the following vulnerability has been resolved: wifi: rtw89: fix null pointer access when abort scan During cancel scan we might use vif that weren't scanning. Fix this by using… redhatrockylinuxsusedebian+1
CVE-2024-36933 high 8.0 2y ago In the Linux kernel, the following vulnerability has been resolved: nsh: Restore skb->{protocol,data,mac_header} for outer header in nsh_gso_segment(). syzbot triggered various splats (see [0] and … redhatrockylinuxsusedebian+1
CVE-2024-36896 high 8.0 2y ago In the Linux kernel, the following vulnerability has been resolved: USB: core: Fix access violation during port device removal Testing with KASAN and syzkaller revealed a bug in port.c:disable_stor… redhatrockylinuxsusedebian+1
CVE-2024-26717 high 8.0 2y ago In the Linux kernel, the following vulnerability has been resolved: HID: i2c-hid-of: fix NULL-deref on failed power up A while back the I2C HID implementation was split in an ACPI and OF part, but … redhatrockylinuxsusedebian+1
CVE-2024-35959 high 8.0 2y ago In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: Fix mlx5e_priv_init() cleanup flow When mlx5e_priv_init() fails, the cleanup flow calls mlx5e_selq_cleanup which calls… redhatrockylinuxsusedebian+1
CVE-2024-41065 high 8.0 2y ago In the Linux kernel, the following vulnerability has been resolved: powerpc/pseries: Whitelist dtl slub object for copying to userspace Reading the dispatch trace log from /sys/kernel/debug/powerpc… redhatrockylinuxsusedebian+1
CVE-2024-27410 high 8.0 2y ago In the Linux kernel, the following vulnerability has been resolved: wifi: nl80211: reject iftype change with mesh ID change It's currently possible to change the mesh ID when the interface isn't ye… redhatrockylinuxsusedebian+1
CVE-2024-26638 high 8.0 2y ago In the Linux kernel, the following vulnerability has been resolved: nbd: always initialize struct msghdr completely syzbot complains that msg->msg_get_inq value can be uninitialized [1] struct msg… redhatrockylinuxsusedebian+1
CVE-2024-41007 high 8.0 2y ago In the Linux kernel, the following vulnerability has been resolved: tcp: avoid too many retransmit packets If a TCP socket is using TCP_USER_TIMEOUT, and the other peer retracted its window to zero… redhatrockylinuxsusedebian+1
CVE-2024-40989 high 8.0 2y ago In the Linux kernel, the following vulnerability has been resolved: KVM: arm64: Disassociate vcpus from redistributor region on teardown When tearing down a redistributor region, make sure we don't… redhatrockylinuxsusedebian+1
CVE-2024-31076 high 8.0 2y ago In the Linux kernel, the following vulnerability has been resolved: genirq/cpuhotplug, x86/vector: Prevent vector leak during CPU offline The absence of IRQD_MOVE_PCNTXT prevents immediate effectiv… redhatrockylinuxsusedebian+1
CVE-2024-42124 high 8.0 2y ago In the Linux kernel, the following vulnerability has been resolved: scsi: qedf: Make qedf_execute_tmf() non-preemptible Stop calling smp_processor_id() from preemptible code in qedf_execute_tmf90. … redhatrockylinuxsusedebian+1
CVE-2024-35847 high 8.0 2y ago In the Linux kernel, the following vulnerability has been resolved: irqchip/gic-v3-its: Prevent double free on error The error handling path in its_vpe_irq_domain_alloc() causes a double free when … redhatrockylinuxsusedebian+1
CVE-2024-26940 high 8.0 2y ago In the Linux kernel, the following vulnerability has been resolved: drm/vmwgfx: Create debugfs ttm_resource_manager entry only if needed The driver creates /sys/kernel/debug/dri/0/mob_ttm even when… redhatrockylinuxsusedebian+1
CVE-2024-26614 high 8.0 2y ago In the Linux kernel, the following vulnerability has been resolved: tcp: make sure init the accept_queue's spinlocks once When I run syz's reproduction C program locally, it causes the following is… redhatrockylinuxsusedebian+1
CVE-2024-26686 high 8.0 2y ago In the Linux kernel, the following vulnerability has been resolved: fs/proc: do_task_stat: use sig->stats_lock to gather the threads/children stats lock_task_sighand() can trigger a hard lockup. I… redhatrockylinuxsusedebian+1