VIR Vulnerability Intelligence Relay

CVEs from 2024

7,195 normalized CVEs published or assigned in this year.

Total
7,195
critical
critical 114
high
high 1,044
medium
medium 1,991
low
low 40
% Critical
1.6%
% with KEV
2.3%
% with exploit
2.3%

Top vendors

Top products

  • checkmk 10
  • office 8
  • profilegrid 8
  • office_long_term_servicing_channel 6
  • glibc 5
  • virtual_traffic_manager 5
  • element_pack 5
  • propertyhive 5

Top packages

Severitycriticalhighmediumlowunknown
0
KEVHas exploit
Reset
CVE Severity CVSS Risk Published Description Impact
CVE-2024-11187 high 8.0 1y ago Important: bind security update redhatdebianrockylinuxsuse
CVE-2024-21193 high 8.0 1y ago Important: mysql security update redhatrockylinuxdebian
CVE-2024-21230 high 8.0 1y ago Important: mysql:8.0 security update redhatrockylinuxdebian
CVE-2024-21194 high 8.0 1y ago Important: mysql security update redhatrockylinuxdebian
CVE-2024-21237 high 8.0 1y ago Important: mysql:8.0 security update redhatrockylinuxdebian
CVE-2024-21231 high 8.0 1y ago Important: mysql security update redhatrockylinuxdebian
CVE-2024-21197 high 8.0 1y ago Important: mysql security update redhatrockylinuxdebian
CVE-2024-21219 high 8.0 1y ago Important: mysql:8.0 security update redhatrockylinuxdebian
CVE-2024-21236 high 8.0 1y ago Important: mysql security update redhatrockylinuxdebian
CVE-2024-12705 high 8.0 1y ago Important: bind9.18 security update redhatdebiansuserockylinux
CVE-2024-12797 high 8.0 1y ago Important: openssl security update redhatsuserockylinuxdebian+1
CVE-2024-11218 high 8.0 1y ago Important: buildah security update redhatrockylinuxdebiansuse+1
CVE-2024-52531 high 8.0 1y ago Important: libsoup security update redhatrockylinuxsusedebian
CVE-2024-46981 high 8.0 1y ago Important: redis:6 security update redhatrockylinuxsusedebian
CVE-2024-51741 high 8.0 1y ago Important: redis:7 security update redhatsuserockylinuxdebian
CVE-2024-53263 high 8.0 1y ago Important: git-lfs security update redhatrockylinuxdebiangolang
CVE-2024-12085 high 8.0 1y ago Important: rsync security update archredhatrockylinuxsuse+1
CVE-2024-56201 high 8.0 1y ago Important: fence-agents security update redhatdebiansusepython
CVE-2024-56326 high 8.0 1y ago Important: fence-agents security update redhatrockylinuxdebiansuse+1
CVE-2024-11831 high 8.0 1y ago A flaw was found in npm-serialize-javascript. The vulnerability occurs because the serialize-javascript module does not properly sanitize certain inputs, such as regex or other JavaScript object type… redhatsusedebiannpm
CVE-2024-57823 high 8.0 1y ago Important: raptor2 security update redhatrockylinuxsusedebian
CVE-2024-54479 high 8.0 1y ago Important: webkit2gtk3 security update redhatrockylinuxsusedebian
CVE-2024-53580 high 8.0 1y ago Important: iperf3 security update redhatrockylinuxdebiansuse
CVE-2024-54505 high 8.0 1y ago Important: webkit2gtk3 security update redhatrockylinuxsusedebian
CVE-2024-11614 high 8.0 1y ago Important: dpdk security update redhatrockylinuxdebiansuse
CVE-2024-54502 high 8.0 1y ago Important: webkit2gtk3 security update redhatrockylinuxsusedebian
CVE-2024-54508 high 8.0 1y ago Important: webkit2gtk3 security update redhatrockylinuxsusedebian
CVE-2024-50208 high 8.0 1y ago In the Linux kernel, the following vulnerability has been resolved: RDMA/bnxt_re: Fix a bug while setting up Level-2 PBL pages Avoid memory corruption while setting up Level-2 PBL pages for the non… redhatsusedebian
CVE-2024-46713 high 8.0 1y ago In the Linux kernel, the following vulnerability has been resolved: perf/aux: Fix AUX buffer serialization Ole reported that event->mmap_mutex is strictly insufficient to serialize the AUX buffer, … redhatsusedebian
CVE-2024-50252 high 8.0 1y ago In the Linux kernel, the following vulnerability has been resolved: mlxsw: spectrum_ipip: Fix memory leak when changing remote IPv6 address The device stores IPv6 addresses that are used for encaps… redhatsusedebian
CVE-2024-53122 high 8.0 1y ago In the Linux kernel, the following vulnerability has been resolved: mptcp: cope racing subflow creation in mptcp_rcv_space_adjust Additional active subflows - i.e. created by the in kernel path man… redhatrockylinuxsusedebian
CVE-2024-34156 high 8.0 2y ago Important: golang security update redhatrockylinuxdebiansuse+1
CVE-2024-8508 high 8.0 2y ago Important: unbound security update redhatrockylinuxsusedebian
CVE-2024-47539 high 8.0 2y ago Important: gstreamer1-plugins-good security update redhatrockylinuxdebiansuse
CVE-2024-47537 high 8.0 2y ago Important: gstreamer1-plugins-good security update redhatrockylinuxdebiansuse
CVE-2024-47606 high 8.0 2y ago Important: gstreamer1-plugins-good security update redhatrockylinuxdebiansuse
CVE-2024-47538 high 8.0 2y ago Important: gstreamer1-plugins-base security update redhatrockylinuxdebiansuse
CVE-2024-47540 high 8.0 2y ago Important: gstreamer1-plugins-good security update redhatrockylinuxdebiansuse
CVE-2024-47613 high 8.0 2y ago Important: gstreamer1-plugins-good security update redhatrockylinuxdebiansuse
CVE-2024-47615 high 8.0 2y ago Important: gstreamer1-plugins-base security update redhatrockylinuxdebiansuse
CVE-2024-47607 high 8.0 2y ago Important: gstreamer1-plugins-base security update redhatrockylinuxdebiansuse
CVE-2024-12254 high 8.0 2y ago Important: python3.12 security update redhatrockylinuxsusedebian
CVE-2024-9287 high 8.0 2y ago Important: python39:3.9 security update rockylinuxredhatsusedebian
CVE-2024-31228 high 8.0 2y ago Important: redis:6 security update redhatrockylinuxsusedebian
CVE-2024-31449 high 8.0 2y ago Important: redis:6 security update redhatrockylinuxsusedebian
CVE-2024-10978 high 8.0 2y ago Important: postgresql security update redhatrockylinuxsusedebian
CVE-2024-10976 high 8.0 2y ago Important: postgresql security update redhatrockylinuxsusedebian
CVE-2024-10979 high 8.0 2y ago Important: postgresql security update redhatrockylinuxsusedebian
CVE-2024-11699 high 8.0 2y ago Important: thunderbird security update redhatrockylinuxdebiansuse
CVE-2024-52804 high 8.0 2y ago Important: python-tornado security update redhatrockylinuxsusedebian+1
CVE-2024-11694 high 8.0 2y ago Important: thunderbird security update redhatrockylinuxdebiansuse
CVE-2024-11697 high 8.0 2y ago Important: thunderbird security update redhatrockylinuxdebiansuse
CVE-2024-11159 high 8.0 2y ago Important: thunderbird security update redhatrockylinuxsusedebian
CVE-2024-11696 high 8.0 2y ago Important: thunderbird security update redhatrockylinuxdebiansuse
CVE-2024-11692 high 8.0 2y ago Important: thunderbird security update redhatrockylinuxdebiansuse
CVE-2024-11695 high 8.0 2y ago Important: thunderbird security update redhatrockylinuxdebiansuse
CVE-2024-52336 high 8.0 2y ago Important: tuned security update redhatsuserockylinuxdebian
CVE-2024-52337 high 8.0 2y ago Important: tuned security update redhatrockylinuxsusedebian
CVE-2024-10963 high 8.0 2y ago Important: pam security update redhatrockylinuxsusedebian
CVE-2024-53899 high 8.0 2y ago Important: python36:3.6 security update rockylinuxsusedebianpython
CVE-2024-45802 high 8.0 2y ago Important: squid:4 security update redhatrockylinuxsusedebian
CVE-2024-52532 high 8.0 2y ago Important: libsoup security update redhatrockylinuxsusedebian
CVE-2024-44244 high 8.0 2y ago Important: webkit2gtk3 security update redhatrockylinuxsusedebian
CVE-2024-43498 high 8.0 2y ago Important: .NET 9.0 security update redhatnuget
CVE-2024-52530 high 8.0 2y ago Important: libsoup security update redhatrockylinuxsusedebian
CVE-2024-44296 high 8.0 2y ago Important: webkit2gtk3 security update rockylinuxsusedebian
CVE-2024-43499 high 8.0 2y ago Important: .NET 9.0 security update redhatnuget
CVE-2024-9050 high 8.0 2y ago Important: NetworkManager-libreswan security update redhatrockylinux
CVE-2024-26840 high 8.0 2y ago In the Linux kernel, the following vulnerability has been resolved: cachefiles: fix memory leak in cachefiles_add_cache() The following memory leak was reported after unbinding /dev/cachefiles: ==… redhatrockylinuxsusedebian+1
CVE-2024-42240 high 8.0 2y ago In the Linux kernel, the following vulnerability has been resolved: x86/bhi: Avoid warning in #DB handler due to BHI mitigation When BHI mitigation is enabled, if SYSENTER is invoked with the TF fl… redhatrockylinuxsusedebian+1
CVE-2024-42084 high 8.0 2y ago In the Linux kernel, the following vulnerability has been resolved: ftruncate: pass a signed offset The old ftruncate() syscall, using the 32-bit off_t misses a sign extension when called in compat… redhatrockylinuxsusedebian+1
CVE-2024-26645 high 8.0 2y ago In the Linux kernel, the following vulnerability has been resolved: tracing: Ensure visibility when inserting an element into tracing_map Running the following two commands in parallel on a multi-p… redhatrockylinuxsusedebian+1
CVE-2024-40988 high 8.0 2y ago In the Linux kernel, the following vulnerability has been resolved: drm/radeon: fix UBSAN warning in kv_dpm.c Adds bounds check for sumo_vid_mapping_entry. redhatrockylinuxsusedebian+1
CVE-2024-42237 high 8.0 2y ago In the Linux kernel, the following vulnerability has been resolved: firmware: cs_dsp: Validate payload length before processing block Move the payload length check in cs_dsp_load() and cs_dsp_coeff… redhatrockylinuxsusedebian+1
CVE-2024-26660 high 8.0 2y ago In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Implement bounds check for stream encoder creation in DCN301 'stream_enc_regs' array is an array of dcn10_stream… redhatrockylinuxsusedebian+1
CVE-2024-26669 high 8.0 2y ago In the Linux kernel, the following vulnerability has been resolved: net/sched: flower: Fix chain template offload When a qdisc is deleted from a net device the stack instructs the underlying driver… redhatrockylinuxsusedebian+1
CVE-2024-26638 high 8.0 2y ago In the Linux kernel, the following vulnerability has been resolved: nbd: always initialize struct msghdr completely syzbot complains that msg->msg_get_inq value can be uninitialized [1] struct msg… redhatrockylinuxsusedebian+1
CVE-2024-41038 high 8.0 2y ago In the Linux kernel, the following vulnerability has been resolved: firmware: cs_dsp: Prevent buffer overrun when processing V2 alg headers Check that all fields of a V2 algorithm header fit into t… redhatrockylinuxsusedebian+1
CVE-2024-35924 high 8.0 2y ago In the Linux kernel, the following vulnerability has been resolved: usb: typec: ucsi: Limit read size on v1.2 Between UCSI 1.2 and UCSI 2.0, the size of the MESSAGE_IN region was increased from 16 … redhatrockylinuxsusedebian+1
CVE-2024-41060 high 8.0 2y ago In the Linux kernel, the following vulnerability has been resolved: drm/radeon: check bo_va->bo is non-NULL before using it The call to radeon_vm_clear_freed might clear bo_va->bo, so we have to ch… redhatrockylinuxsusedebian+1
CVE-2024-44970 high 8.0 2y ago In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: SHAMPO, Fix invalid WQ linked list unlink When all the strides in a WQE have been consumed, the WQE is unlinked from t… redhatrockylinuxsusedebian
CVE-2024-42154 high 8.0 2y ago In the Linux kernel, the following vulnerability has been resolved: tcp_metrics: validate source addr length I don't see anything checking that TCP_METRICS_ATTR_SADDR_IPV4 is at least 4 bytes long,… redhatrockylinuxsusedebian+1
CVE-2024-41065 high 8.0 2y ago In the Linux kernel, the following vulnerability has been resolved: powerpc/pseries: Whitelist dtl slub object for copying to userspace Reading the dispatch trace log from /sys/kernel/debug/powerpc… redhatrockylinuxsusedebian+1
CVE-2024-42238 high 8.0 2y ago In the Linux kernel, the following vulnerability has been resolved: firmware: cs_dsp: Return error if block header overflows file Return an error from cs_dsp_power_up() if a block header is longer … redhatrockylinuxsusedebian+1
CVE-2024-42226 high 8.0 2y ago Important: kernel security update redhatrockylinuxsusealmalinux
CVE-2024-35810 high 8.0 2y ago In the Linux kernel, the following vulnerability has been resolved: drm/vmwgfx: Fix the lifetime of the bo cursor memory The cleanup can be dispatched while the atomic update is still active, which… redhatrockylinuxsusedebian+1
CVE-2024-36917 high 8.0 2y ago In the Linux kernel, the following vulnerability has been resolved: block: fix overflow in blk_ioctl_discard() There is no check for overflow of 'start + len' in blk_ioctl_discard(). Hung task occu… redhatrockylinuxsusedebian+1
CVE-2024-39499 high 8.0 2y ago In the Linux kernel, the following vulnerability has been resolved: vmci: prevent speculation leaks by sanitizing event in event_deliver() Coverity spotted that event_msg is controlled by user-spac… redhatrockylinuxsusedebian+1
CVE-2024-42228 high 8.0 2y ago In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Using uninitialized value *size when calling amdgpu_vce_cs_reloc Initialize the size before calling amdgpu_vce_cs_rel… redhatrockylinuxsusedebian+1
CVE-2024-41007 high 8.0 2y ago In the Linux kernel, the following vulnerability has been resolved: tcp: avoid too many retransmit packets If a TCP socket is using TCP_USER_TIMEOUT, and the other peer retracted its window to zero… redhatrockylinuxsusedebian+1
CVE-2024-40989 high 8.0 2y ago In the Linux kernel, the following vulnerability has been resolved: KVM: arm64: Disassociate vcpus from redistributor region on teardown When tearing down a redistributor region, make sure we don't… redhatrockylinuxsusedebian+1
CVE-2024-35854 high 8.0 2y ago In the Linux kernel, the following vulnerability has been resolved: mlxsw: spectrum_acl_tcam: Fix possible use-after-free during rehash The rehash delayed work migrates filters from one region to a… redhatrockylinuxsusedebian+1
CVE-2024-36901 high 8.0 2y ago In the Linux kernel, the following vulnerability has been resolved: ipv6: prevent NULL dereference in ip6_output() According to syzbot, there is a chance that ip6_dst_idev() returns NULL in ip6_out… redhatrockylinuxsusedebian+1
CVE-2024-38581 high 8.0 2y ago In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu/mes: fix use-after-free issue Delete fence fallback timer to fix the ramdom use-after-free issue. v2: move to amdgpu_… redhatrockylinuxsusedebian+1
CVE-2024-36896 high 8.0 2y ago In the Linux kernel, the following vulnerability has been resolved: USB: core: Fix access violation during port device removal Testing with KASAN and syzkaller revealed a bug in port.c:disable_stor… redhatrockylinuxsusedebian+1
CVE-2024-35824 high 8.0 2y ago In the Linux kernel, the following vulnerability has been resolved: misc: lis3lv02d_i2c: Fix regulators getting en-/dis-abled twice on suspend/resume When not configured for wakeup lis3lv02d_i2c_su… redhatrockylinuxsusedebian+1
CVE-2024-41012 high 8.0 2y ago In the Linux kernel, the following vulnerability has been resolved: filelock: Remove locks reliably when fcntl/close race is detected When fcntl_setlk() races with close(), it removes the created l… redhatrockylinuxsusedebian+1
CVE-2024-40901 high 8.0 2y ago In the Linux kernel, the following vulnerability has been resolved: scsi: mpt3sas: Avoid test/set_bit() operating in non-allocated memory There is a potential out-of-bounds access when using test_b… redhatrockylinuxsusedebian+1
CVE-2024-35912 high 8.0 2y ago In the Linux kernel, the following vulnerability has been resolved: wifi: iwlwifi: mvm: rfi: fix potential response leaks If the rx payload length check fails, or if kmemdup() fails, we still need … redhatrockylinuxsusedebian+1
CVE-2024-42124 high 8.0 2y ago In the Linux kernel, the following vulnerability has been resolved: scsi: qedf: Make qedf_execute_tmf() non-preemptible Stop calling smp_processor_id() from preemptible code in qedf_execute_tmf90. … redhatrockylinuxsusedebian+1