CVEs from 2024
- Total: 6,995
- Critical: 121
- High: 1,015
- Medium: 2,011
- Low: 42
- % Critical: 1.7%
- % with KEV: 2.3%
- % with exploit: 2.8%
Top products
- surveillance_station 12
- checkmk 10
- profilegrid 8
- office 8
- office_long_term_servicing_channel 6
- glibc 5
- virtual_traffic_manager 5
- element_pack 5
Top packages
| CVE | Severity | CVSS | Risk | Published | Description | Flags | OS | Vendor |
|---|---|---|---|---|---|---|---|---|
| CVE-2024-21193 | high | — | 8.0 | 1y ago | Important: mysql:8.0 security update | |||
| CVE-2024-21219 | high | — | 8.0 | 1y ago | Important: mysql:8.0 security update | |||
| CVE-2024-21213 | high | — | 8.0 | 1y ago | Important: mysql:8.0 security update | |||
| CVE-2024-21230 | high | — | 8.0 | 1y ago | Important: mysql:8.0 security update | |||
| CVE-2024-21203 | high | — | 8.0 | 1y ago | Important: mysql:8.0 security update | |||
| CVE-2024-21231 | high | — | 8.0 | 1y ago | Important: mysql:8.0 security update | |||
| CVE-2024-11053 | high | — | 8.0 | 1y ago | Important: mysql:8.0 security update | |||
| CVE-2024-21199 | high | — | 8.0 | 1y ago | Important: mysql:8.0 security update | |||
| CVE-2024-21241 | high | — | 8.0 | 1y ago | Important: mysql:8.0 security update | |||
| CVE-2024-21238 | high | — | 8.0 | 1y ago | Important: mysql:8.0 security update | |||
| CVE-2024-21236 | high | — | 8.0 | 1y ago | Important: mysql:8.0 security update | |||
| CVE-2024-21237 | high | — | 8.0 | 1y ago | Important: mysql:8.0 security update | |||
| CVE-2024-21239 | high | — | 8.0 | 1y ago | Important: mysql:8.0 security update | |||
| CVE-2024-11187 | high | — | 8.0 | 1y ago | Important: bind security update | |||
| CVE-2024-21218 | high | — | 8.0 | 1y ago | Important: mysql:8.0 security update | |||
| CVE-2024-21194 | high | — | 8.0 | 1y ago | Important: mysql:8.0 security update | |||
| CVE-2024-7264 | high | — | 8.0 | 1y ago | Important: mysql:8.0 security update | |||
| CVE-2024-12797 | high | — | 8.0 | 1y ago | Important: openssl security update | |||
| CVE-2024-11218 | high | — | 8.0 | 1y ago | Important: podman security update | |||
| CVE-2024-52531 | high | — | 8.0 | 1y ago | Important: libsoup security update | |||
| CVE-2024-51741 | high | — | 8.0 | 1y ago | Important: redis:7 security update | |||
| CVE-2024-46981 | high | — | 8.0 | 1y ago | Important: redis:6 security update | |||
| CVE-2024-53263 | high | — | 8.0 | 1y ago | Important: git-lfs security update | |||
| CVE-2024-12085 | high | — | 8.0 | 1y ago | Important: rsync security update | |||
| CVE-2024-56326 | high | — | 8.0 | 1y ago | Important: fence-agents security update | |||
| CVE-2024-57823 | high | — | 8.0 | 1y ago | Important: raptor2 security update | |||
| CVE-2024-56201 | high | — | 8.0 | 1y ago | Important: fence-agents security update | |||
| CVE-2024-11831 | high | — | 8.0 | 1y ago | A flaw was found in npm-serialize-javascript. The vulnerability occurs because the serialize-javascript module does not properly sanitize certain inputs, such as regex or other JavaScript object type… | |||
| CVE-2024-54479 | high | — | 8.0 | 1y ago | Important: webkit2gtk3 security update | |||
| CVE-2024-54502 | high | — | 8.0 | 1y ago | Important: webkit2gtk3 security update | |||
| CVE-2024-11614 | high | — | 8.0 | 1y ago | Important: dpdk security update | |||
| CVE-2024-54505 | high | — | 8.0 | 1y ago | Important: webkit2gtk3 security update | |||
| CVE-2024-53580 | high | — | 8.0 | 1y ago | Important: iperf3 security update | |||
| CVE-2024-53122 | high | — | 8.0 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: mptcp: cope racing subflow creation in mptcp_rcv_space_adjust Additional active subflows - i.e. created by the in kernel path man… | |||
| CVE-2024-46713 | high | — | 8.0 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: perf/aux: Fix AUX buffer serialization Ole reported that event->mmap_mutex is strictly insufficient to serialize the AUX buffer, … | |||
| CVE-2024-50252 | high | — | 8.0 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: mlxsw: spectrum_ipip: Fix memory leak when changing remote IPv6 address The device stores IPv6 addresses that are used for encaps… | |||
| CVE-2024-50208 | high | — | 8.0 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: RDMA/bnxt_re: Fix a bug while setting up Level-2 PBL pages Avoid memory corruption while setting up Level-2 PBL pages for the non… | |||
| CVE-2024-8508 | high | — | 8.0 | 2y ago | Important: unbound security update | |||
| CVE-2024-34156 | high | — | 8.0 | 2y ago | Important: buildah security update | |||
| CVE-2024-47537 | high | — | 8.0 | 2y ago | Important: gstreamer1-plugins-good security update | |||
| CVE-2024-47615 | high | — | 8.0 | 2y ago | Important: gstreamer1-plugins-base security update | |||
| CVE-2024-47607 | high | — | 8.0 | 2y ago | Important: gstreamer1-plugins-base security update | |||
| CVE-2024-47606 | high | — | 8.0 | 2y ago | Important: gstreamer1-plugins-good security update | |||
| CVE-2024-47539 | high | — | 8.0 | 2y ago | Important: gstreamer1-plugins-good security update | |||
| CVE-2024-47538 | high | — | 8.0 | 2y ago | Important: gstreamer1-plugins-base security update | |||
| CVE-2024-47613 | high | — | 8.0 | 2y ago | Important: gstreamer1-plugins-good security update | |||
| CVE-2024-47540 | high | — | 8.0 | 2y ago | Important: gstreamer1-plugins-good security update | |||
| CVE-2024-12254 | high | — | 8.0 | 2y ago | Important: python3.12 security update | |||
| CVE-2024-10978 | high | — | 8.0 | 2y ago | Important: postgresql:16 security update | |||
| CVE-2024-10979 | high | — | 8.0 | 2y ago | Important: postgresql:16 security update | |||
| CVE-2024-10976 | high | — | 8.0 | 2y ago | Important: postgresql:16 security update | |||
| CVE-2024-11696 | high | — | 8.0 | 2y ago | Important: thunderbird security update | |||
| CVE-2024-11694 | high | — | 8.0 | 2y ago | Important: thunderbird security update | |||
| CVE-2024-11697 | high | — | 8.0 | 2y ago | Important: thunderbird security update | |||
| CVE-2024-11159 | high | — | 8.0 | 2y ago | Important: thunderbird security update | |||
| CVE-2024-11699 | high | — | 8.0 | 2y ago | Important: thunderbird security update | |||
| CVE-2024-11692 | high | — | 8.0 | 2y ago | Important: thunderbird security update | |||
| CVE-2024-11695 | high | — | 8.0 | 2y ago | Important: thunderbird security update | |||
| CVE-2024-52804 | high | — | 8.0 | 2y ago | Important: pcs security update | |||
| CVE-2024-52336 | high | — | 8.0 | 2y ago | Important: tuned security update | |||
| CVE-2024-52337 | high | — | 8.0 | 2y ago | Important: tuned security update | |||
| CVE-2024-10963 | high | — | 8.0 | 2y ago | Important: pam:1.5.1 security update | |||
| CVE-2024-53899 | high | — | 8.0 | 2y ago | Important: python36:3.6 security update | |||
| CVE-2024-45802 | high | — | 8.0 | 2y ago | Important: squid security update | |||
| CVE-2024-43499 | high | — | 8.0 | 2y ago | Important: .NET 9.0 security update | |||
| CVE-2024-43498 | high | — | 8.0 | 2y ago | Important: .NET 9.0 security update | |||
| CVE-2024-9050 | high | — | 8.0 | 2y ago | Important: NetworkManager-libreswan security update | |||
| CVE-2024-52532 | high | — | 8.0 | 2y ago | Important: libsoup security update | |||
| CVE-2024-52530 | high | — | 8.0 | 2y ago | Important: libsoup security update | |||
| CVE-2024-44244 | high | — | 8.0 | 2y ago | Important: webkit2gtk3 security update | |||
| CVE-2024-44296 | high | — | 8.0 | 2y ago | Important: webkit2gtk3 security update | |||
| CVE-2024-26740 | high | — | 8.0 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: net/sched: act_mirred: use the backlog for mirred ingress The test Davide added in commit ca22da2fbd69 ("act_mirred: use the back… | |||
| CVE-2024-38581 | high | — | 8.0 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu/mes: fix use-after-free issue Delete fence fallback timer to fix the random use-after-free issue. v2: move to amdgpu_… | |||
| CVE-2024-40906 | high | — | 8.0 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: net/mlx5: Always stop health timer during driver removal Currently, if teardown_hca fails to execute during driver removal, mlx5 … | |||
| CVE-2024-26717 | high | — | 8.0 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: HID: i2c-hid-of: fix NULL-deref on failed power up A while back the I2C HID implementation was split in an ACPI and OF part, but … | |||
| CVE-2024-27410 | high | — | 8.0 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: wifi: nl80211: reject iftype change with mesh ID change It's currently possible to change the mesh ID when the interface isn't ye… | |||
| CVE-2024-36945 | high | — | 8.0 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: net/smc: fix neighbour and rtable leak in smc_ib_find_route() In smc_ib_find_route(), the neighbour found by neigh_lookup() and r… | |||
| CVE-2024-36927 | high | — | 8.0 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: ipv4: Fix uninit-value access in __ip_make_skb() KMSAN reported uninit-value access in __ip_make_skb() [1]. __ip_make_skb() test… | |||
| CVE-2024-26940 | high | — | 8.0 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: drm/vmwgfx: Create debugfs ttm_resource_manager entry only if needed The driver creates /sys/kernel/debug/dri/0/mob_ttm even when… | |||
| CVE-2024-36933 | high | — | 8.0 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: nsh: Restore skb->{protocol,data,mac_header} for outer header in nsh_gso_segment(). syzbot triggered various splats (see [0] and … | |||
| CVE-2024-39276 | high | — | 8.0 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: ext4: fix mb_cache_entry's e_refcnt leak in ext4_xattr_block_cache_find() Syzbot reports a warning as follows: =================… | |||
| CVE-2024-26939 | high | — | 8.0 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: drm/i915/vma: Fix UAF on destroy against retire race Object debugging tools were sporadically reporting illegal attempts to free … | |||
| CVE-2024-42226 | high | — | 8.0 | 2y ago | Important: kernel security update | |||
| CVE-2024-36010 | high | — | 8.0 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: igb: Fix string truncation warnings in igb_set_fw_version Commit 1978d3ead82c ("intel: fix string truncation warnings") fixes '-W… | |||
| CVE-2024-27042 | high | — | 8.0 | 2y ago | Important: kernel security update | |||
| CVE-2024-35938 | high | — | 8.0 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: wifi: ath11k: decrease MHI channel buffer length to 8KB Currently buf_len field of ath11k_mhi_config_qca6390 is assigned with 0, … | |||
| CVE-2024-35838 | high | — | 8.0 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211: fix potential sta-link leak When a station is allocated, links are added but not set to valid yet (e.g. during co… | |||
| CVE-2024-38555 | high | — | 8.0 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: net/mlx5: Discard command completions in internal error Fix use after free when FW completion arrives while device is in internal… | |||
| CVE-2024-26733 | high | — | 8.0 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: arp: Prevent overflow in arp_req_get(). syzkaller reported an overflown write in arp_req_get(). [0] When ioctl(SIOCGARP) is issu… | |||
| CVE-2024-35824 | high | — | 8.0 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: misc: lis3lv02d_i2c: Fix regulators getting en-/dis-abled twice on suspend/resume When not configured for wakeup lis3lv02d_i2c_su… | |||
| CVE-2024-35835 | high | — | 8.0 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: fix a double-free in arfs_create_groups When `in` allocated by kvzalloc fails, arfs_create_groups will free ft->g and … | |||
| CVE-2024-35814 | high | — | 8.0 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: swiotlb: Fix double-allocation of slots due to broken alignment handling Commit bbb73a103fbb ("swiotlb: fix a braino in the align… | |||
| CVE-2024-26846 | high | — | 8.0 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: nvme-fc: do not wait in vain when unloading module The module exit path has race between deleting all controllers and freeing 'le… | |||
| CVE-2024-26686 | high | — | 8.0 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: fs/proc: do_task_stat: use sig->stats_lock to gather the threads/children stats lock_task_sighand() can trigger a hard lockup. I… | |||
| CVE-2024-26840 | high | — | 8.0 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: cachefiles: fix memory leak in cachefiles_add_cache() The following memory leak was reported after unbinding /dev/cachefiles: ==… | |||
| CVE-2024-40901 | high | — | 8.0 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: scsi: mpt3sas: Avoid test/set_bit() operating in non-allocated memory There is a potential out-of-bounds access when using test_b… | |||
| CVE-2024-38627 | high | — | 8.0 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: stm class: Fix a double free in stm_register_device() The put_device(&stm->dev) call will trigger stm_device_release() which free… | |||
| CVE-2024-26656 | high | — | 8.0 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: fix use-after-free bug The bug can be triggered by sending a single amdgpu_gem_userptr_ioctl to the AMDGPU DRM driver… | |||
| CVE-2024-40989 | high | — | 8.0 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: KVM: arm64: Disassociate vcpus from redistributor region on teardown When tearing down a redistributor region, make sure we don't… | |||
| CVE-2024-35810 | high | — | 8.0 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: drm/vmwgfx: Fix the lifetime of the bo cursor memory The cleanup can be dispatched while the atomic update is still active, which… |