CVEs from 2024
Total
6,647
critical
critical 114
high
high 1,034
medium
medium 1,997
low
low 47
% Critical
1.7%
% with KEV
2.5%
% with exploit
3.3%
Top products
- surveillance_station 12
- checkmk 10
- profilegrid 8
- office 8
- office_long_term_servicing_channel 6
- glibc 5
- virtual_traffic_manager 5
- element_pack 5
Top packages
| CVE | Severity | CVSS | Risk | Flags | OS | Vendor | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2024-40967 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: serial: imx: Introduce timeout when waiting on transmitter empty By waiting at most 1 second for USR2_TXDC to be set, we avoid a … | |||
| CVE-2024-40965 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: i2c: lpi2c: Avoid calling clk_get_rate during transfer Instead of repeatedly calling clk_get_rate for each transfer, lock the clo… | |||
| CVE-2024-40966 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: tty: add the option to have a tty reject a new ldisc ... and use it to limit the virtual terminals to just N_TTY. They are kind … | |||
| CVE-2024-43892 | medium | — | 5.5 | 2y ago | RHSA-2024:8870: kernel-rt security update (Moderate) | |||
| CVE-2024-40948 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: mm/page_table_check: fix crash on ZONE_DEVICE Not all pages may apply to pgtable check. One example is ZONE_DEVICE pages: they m… | |||
| CVE-2024-40913 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: cachefiles: defer exposing anon_fd until after copy_to_user() succeeds After installing the anonymous fd, we can now see it in us… | |||
| CVE-2024-40903 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: usb: typec: tcpm: fix use-after-free case in tcpm_register_source_caps There could be a potential use-after-free case in tcpm_reg… | |||
| CVE-2024-39508 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: io_uring/io-wq: Use set_bit() and test_bit() at worker->flags Utilize set_bit() and test_bit() on worker->flags within io_uring/i… | |||
| CVE-2024-39507 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: net: hns3: fix kernel crash problem in concurrent scenario When link status change, the nic driver need to notify the roce driver… | |||
| CVE-2024-39479 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: drm/i915/hwmon: Get rid of devm When both hwmon and hwmon drvdata (on which hwmon depends) are device managed resources, the expe… | |||
| CVE-2024-39473 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: ASoC: SOF: ipc4-topology: Fix input format query of process modules without base extension If a process module does not have base… | |||
| CVE-2024-39291 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Fix buffer size in gfx_v9_4_3_init_ cp_compute_microcode() and rlc_microcode() The function gfx_v9_4_3_init_microcode… | |||
| CVE-2024-36967 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: KEYS: trusted: Fix memory leak in tpm2_key_encode() 'scratch' is never freed. Fix this by calling kfree() in the success, and in … | |||
| CVE-2024-36961 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: thermal/debugfs: Fix two locking issues with thermal zone debug With the current thermal zone locking arrangement in the debugfs … | |||
| CVE-2024-36956 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: thermal/debugfs: Free all thermal zone debug memory on zone removal Because thermal_debug_tz_remove() does not free all memory al… | |||
| CVE-2024-36955 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: ALSA: hda: intel-sdw-acpi: fix usage of device_get_named_child_node() The documentation for device_get_named_child_node() mention… | |||
| CVE-2024-36477 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: tpm_tis_spi: Account for SPI header when allocating TPM SPI xfer buffer The TPM SPI transfer mechanism uses MAX_SPI_FRAMESIZE for… | |||
| CVE-2024-36031 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: keys: Fix overwrite of key expiration on instantiation The expiry time of a key is unconditionally overwritten during instantiati… | |||
| CVE-2024-36030 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: octeontx2-af: fix the double free in rvu_npc_freemem() Clang static checker(scan-build) warning: drivers/net/ethernet/marvell/oct… | |||
| CVE-2024-35954 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: scsi: sg: Avoid sg device teardown race sg_remove_sfp_usercontext() must not use sg_device_destroy() after calling scsi_device_pu… | |||
| CVE-2024-26734 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: devlink: fix possible use-after-free and memory leaks in devlink_init() The pernet operations structure for the subsystem must be… | |||
| CVE-2024-35950 | medium | 5.5 | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: drm/client: Fully protect modes[] with dev->mode_config.mutex The modes[] array contains pointers to modes on the connectors' mod… | |||
| CVE-2024-35944 | medium | 5.5 | 5.5 | 2y ago | RHSA-2024:7001: kernel-rt security update (Important) | |||
| CVE-2024-35878 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: of: module: prevent NULL pointer dereference in vsnprintf() In of_modalias(), we can get passed the str and len parameters which … | |||
| CVE-2024-35872 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: mm/secretmem: fix GUP-fast succeeding on secretmem folios folio_is_secretmem() currently relies on secretmem folios being LRU fol… | |||
| CVE-2024-35869 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: smb: client: guarantee refcounted children from parent session Avoid potential use-after-free bugs when walking DFS referrals, mo… | |||
| CVE-2024-35867 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: smb: client: fix potential UAF in cifs_stats_proc_show() Skip sessions that are being teared down (status == SES_EXITING) to avoi… | |||
| CVE-2024-35866 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: smb: client: fix potential UAF in cifs_dump_full_key() Skip sessions that are being teared down (status == SES_EXITING) to avoid … | |||
| CVE-2024-35865 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: smb: client: fix potential UAF in smb2_is_valid_oplock_break() Skip sessions that are being teared down (status == SES_EXITING) t… | |||
| CVE-2024-35864 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: smb: client: fix potential UAF in smb2_is_valid_lease_break() Skip sessions that are being teared down (status == SES_EXITING) to… | |||
| CVE-2024-35863 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: smb: client: fix potential UAF in is_valid_oplock_break() Skip sessions that are being teared down (status == SES_EXITING) to avo… | |||
| CVE-2024-43842 | medium | — | 5.5 | 2y ago | RHSA-2025:8247: kernel-rt security update (Moderate) | |||
| CVE-2024-35862 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: smb: client: fix potential UAF in smb2_is_network_name_deleted() Skip sessions that are being teared down (status == SES_EXITING)… | |||
| CVE-2024-35861 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: smb: client: fix potential UAF in cifs_signal_cifsd_for_reconnect() Skip sessions that are being teared down (status == SES_EXITI… | |||
| CVE-2024-35859 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: block: fix module reference leakage from bdev_open_by_dev error path At the time bdev_may_open() is called, module reference is g… | |||
| CVE-2024-35805 | medium | 5.5 | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: dm snapshot: fix lockup in dm_exception_table_exit There was reported lockup when we exit a snapshot with many exceptions. Fix th… | |||
| CVE-2024-9676 | medium | — | 5.5 | 2y ago | RHSA-2024:10289: container-tools:rhel8 security update (Moderate) | |||
| CVE-2024-50210 | medium | 5.5 | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: posix-clock: posix-clock: Fix unbalanced locking in pc_clock_settime() If get_clock_desc() succeeds, it calls fget() for the cloc… | |||
| CVE-2024-50205 | medium | 5.5 | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: ALSA: firewire-lib: Avoid division by zero in apply_constraint_to_size() The step variable is initialized to zero. It is changed … | |||
| CVE-2024-50188 | medium | 5.5 | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: net: phy: dp83869: fix memory corruption when enabling fiber When configuring the fiber port, the DP83869 PHY driver incorrectly … | |||
| CVE-2024-50134 | medium | 5.5 | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: drm/vboxvideo: Replace fake VLA at end of vbva_mouse_pointer_shape with real VLA Replace the fake VLA at end of the vbva_mouse_po… | |||
| CVE-2024-50095 | medium | 5.5 | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: RDMA/mad: Improve handling of timed out WRs of mad agent Current timeout handler of mad agent acquires/releases mad_agent_priv lo… | |||
| CVE-2024-41066 | medium | — | 5.5 | 2y ago | RHSA-2024:8870: kernel-rt security update (Moderate) | |||
| CVE-2024-43880 | medium | — | 5.5 | 2y ago | RHSA-2024:8870: kernel-rt security update (Moderate) | |||
| CVE-2024-7006 | medium | — | 5.5 | 2y ago | RHSA-2024:8833: libtiff security update (Moderate) | |||
| CVE-2024-21510 | medium | — | 5.5 | 2y ago | RHSA-2024:10987: pcs security update (Moderate) | |||
| CVE-2024-10460 | medium | — | 5.5 | 2y ago | RHSA-2024:8790: thunderbird security update (Moderate) | |||
| CVE-2024-10461 | medium | — | 5.5 | 2y ago | RHSA-2024:8790: thunderbird security update (Moderate) | |||
| CVE-2024-10462 | medium | — | 5.5 | 2y ago | RHSA-2024:8790: thunderbird security update (Moderate) | |||
| CVE-2024-10467 | medium | — | 5.5 | 2y ago | RHSA-2024:8790: thunderbird security update (Moderate) | |||
| CVE-2024-10465 | medium | — | 5.5 | 2y ago | RHSA-2024:8790: thunderbird security update (Moderate) | |||
| CVE-2024-10464 | medium | — | 5.5 | 2y ago | RHSA-2024:8790: thunderbird security update (Moderate) | |||
| CVE-2024-10463 | medium | — | 5.5 | 2y ago | RHSA-2024:8790: thunderbird security update (Moderate) | |||
| CVE-2024-10458 | medium | — | 5.5 | 2y ago | RHSA-2024:8790: thunderbird security update (Moderate) | |||
| CVE-2024-10459 | medium | — | 5.5 | 2y ago | RHSA-2024:8790: thunderbird security update (Moderate) | |||
| CVE-2024-10466 | medium | — | 5.5 | 2y ago | RHSA-2024:8790: thunderbird security update (Moderate) | |||
| CVE-2024-40960 | medium | 5.5 | 5.5 | 2y ago | RHSA-2024:7001: kernel-rt security update (Important) | |||
| CVE-2024-39504 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: netfilter: nft_inner: validate mandatory meta and payload Check for mandatory netlink attributes in payload and meta expression w… | |||
| CVE-2024-40995 | medium | 5.5 | 5.5 | 2y ago | RHSA-2024:7001: kernel-rt security update (Important) | |||
| CVE-2024-26935 | medium | 5.5 | 5.5 | 2y ago | RHSA-2025:1068: kernel security update (Moderate) | |||
| CVE-2024-36244 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: net/sched: taprio: extend minimum interval restriction to entire cycle too It is possible for syzbot to side-step the restriction… | |||
| CVE-2024-49761 | medium | — | 5.5 | 2y ago | RHSA-2025:11047: pcs security update (Moderate) | |||
| CVE-2024-49767 | medium | — | 5.5 | 2y ago | Werkzeug possible resource exhaustion when parsing file data in forms | |||
| CVE-2024-6232 | medium | — | 5.5 | 2y ago | RHSA-2024:8838: python3.11 security update (Moderate) | |||
| CVE-2024-50045 | medium | 5.5 | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: netfilter: br_netfilter: fix panic with metadata_dst skb Fix a kernel panic in the br_netfilter module when sending untagged traf… | |||
| CVE-2024-50040 | medium | 5.5 | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: igb: Do not bring the device up after non-fatal error Commit 004d25060c78 ("igb: Fix igb_down hung on surprise removal") changed … | |||
| CVE-2024-50001 | medium | 5.5 | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: net/mlx5: Fix error path in multi-packet WQE transmit Remove the erroneous unmap in case no DMA mapping was established The mult… | |||
| CVE-2024-49955 | medium | 5.5 | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: ACPI: battery: Fix possible crash when unregistering a battery hook When a battery hook returns an error when adding a new batter… | |||
| CVE-2024-49952 | medium | 5.5 | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: prevent nf_skb_duplicated corruption syzbot found that nf_dup_ipv4() or nf_dup_ipv6() could write per-cpu v… | |||
| CVE-2024-49944 | medium | 5.5 | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: sctp: set sk_state back to CLOSED if autobind fails in sctp_listen_start In sctp_listen_start() invoked by sctp_inet_listen(), it… | |||
| CVE-2024-49902 | medium | 5.5 | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: jfs: check if leafidx greater than num leaves per dmap tree syzbot report a out of bounds in dbSplit, it because dmt_leafidx grea… | |||
| CVE-2024-49892 | medium | 5.5 | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Initialize get_bytes_per_element's default to 1 Variables, used as denominators and maybe not assigned to other … | |||
| CVE-2024-49890 | medium | 5.5 | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: drm/amd/pm: ensure the fw_info is not null before using it This resolves the dereference null return value warning reported by Co… | |||
| CVE-2024-47735 | medium | 5.5 | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: RDMA/hns: Fix spin_unlock_irqrestore() called with IRQs enabled Fix missuse of spin_lock_irq()/spin_unlock_irq() when spin_lock_i… | |||
| CVE-2024-47709 | medium | 5.5 | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: can: bcm: Clear bo->bcm_proc_read after remove_proc_entry(). syzbot reported a warning in bcm_release(). [0] The blamed change f… | |||
| CVE-2024-47707 | medium | 5.5 | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: ipv6: avoid possible NULL deref in rt6_uncached_list_flush_dev() Blamed commit accidentally removed a check for rt->rt6i_idev bei… | |||
| CVE-2024-47704 | medium | 5.5 | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Check link_res->hpo_dp_link_enc before using it [WHAT & HOW] Functions dp_enable_link_phy and dp_disable_link_ph… | |||
| CVE-2024-47699 | medium | 5.5 | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: nilfs2: fix potential null-ptr-deref in nilfs_btree_insert() Patch series "nilfs2: fix potential issues with empty b-tree nodes".… | |||
| CVE-2024-47684 | medium | 5.5 | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: tcp: check skb is non-NULL in tcp_rto_delta_us() We have some machines running stock Ubuntu 20.04.6 which is their 5.4.0-174-gene… | |||
| CVE-2024-21208 | medium | — | 5.5 | 2y ago | RHSA-2024:8127: java-21-openjdk security update (Moderate) | |||
| CVE-2024-42079 | medium | — | 5.5 | 2y ago | RHSA-2024:8870: kernel-rt security update (Moderate) | |||
| CVE-2024-21217 | medium | — | 5.5 | 2y ago | RHSA-2024:8127: java-21-openjdk security update (Moderate) | |||
| CVE-2024-42284 | medium | — | 5.5 | 2y ago | RHSA-2024:8870: kernel-rt security update (Moderate) | |||
| CVE-2024-21235 | medium | — | 5.5 | 2y ago | RHSA-2024:8127: java-21-openjdk security update (Moderate) | |||
| CVE-2024-40959 | medium | 5.5 | 5.5 | 2y ago | RHSA-2024:7001: kernel-rt security update (Important) | |||
| CVE-2024-38556 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: net/mlx5: Add a timeout to acquire the command queue semaphore Prevent forced completion handling on an entry that has not yet be… | |||
| CVE-2024-21210 | medium | — | 5.5 | 2y ago | RHSA-2024:8127: java-21-openjdk security update (Moderate) | |||
| CVE-2024-42272 | medium | 5.5 | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: sched: act_ct: take care of padding in struct zones_ht_key Blamed commit increased lookup key size from 2 bytes to 16 bytes, beca… | |||
| CVE-2024-27403 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: netfilter: nft_flow_offload: reset dst in route object after setting up flow dst is transferred to the flow object, route object … | |||
| CVE-2024-39483 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: KVM: SVM: WARN on vNMI + NMI window iff NMIs are outright masked When requesting an NMI window, WARN on vNMI support being enable… | |||
| CVE-2024-42934 | medium | — | 5.5 | 2y ago | Moderate: OpenIPMI security update | |||
| CVE-2024-9355 | medium | — | 5.5 | 2y ago | RHSA-2024:8847: grafana-pcp security update (Moderate) | |||
| CVE-2024-46544 | medium | — | 5.5 | 2y ago | Moderate: mod_jk bug fix update | |||
| CVE-2024-40984 | medium | 5.5 | 5.5 | 2y ago | RHSA-2024:8870: kernel-rt security update (Moderate) | |||
| CVE-2024-38615 | medium | 5.5 | 5.5 | 2y ago | RHSA-2024:5102: kernel-rt security update (Important) | |||
| CVE-2024-35895 | medium | 5.5 | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: bpf, sockmap: Prevent lock inversion deadlock in map delete elem syzkaller started using corpuses where a BPF tracing program del… | |||
| CVE-2024-24791 | medium | — | 5.5 | 2y ago | RHSA-2024:7349: grafana security update (Moderate) | |||
| CVE-2024-7383 | medium | — | 5.5 | 2y ago | RHSA-2024:6964: virt:rhel and virt-devel:rhel security update (Moderate) | |||
| CVE-2024-6602 | medium | — | 5.5 | 2y ago | A mismatch between allocator and deallocator could have led to memory corruption. This vulnerability affects Firefox < 128, Firefox ESR < 115.13, Thunderbird < 115.13, and Thunderbird < 128. | |||
| CVE-2024-26886 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: Bluetooth: af_bluetooth: Fix deadlock Attemting to do sock_lock on .recvmsg may cause a deadlock as shown bellow, so instead of u… |