CVEs from 2024
Total
6,656
critical
critical 114
high
high 1,034
medium
medium 1,997
low
low 47
% Critical
1.7%
% with KEV
2.4%
% with exploit
3.3%
Top products
- surveillance_station 12
- checkmk 10
- profilegrid 8
- office 8
- office_long_term_servicing_channel 6
- glibc 5
- virtual_traffic_manager 5
- element_pack 5
Top packages
| CVE | Severity | CVSS | Risk | Flags | OS | Vendor | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2024-41096 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: PCI/MSI: Fix UAF in msi_capability_init KFENCE reports the following UAF: BUG: KFENCE: use-after-free read in __pci_enable_msi_… | |||
| CVE-2024-36019 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: regmap: maple: Fix cache corruption in regcache_maple_drop() When keeping the upper end of a cache block entry, the entry[] array… | |||
| CVE-2024-26886 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: Bluetooth: af_bluetooth: Fix deadlock Attemting to do sock_lock on .recvmsg may cause a deadlock as shown bellow, so instead of u… | |||
| CVE-2024-35797 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: mm: cachestat: fix two shmem bugs When cachestat on shmem races with swapping and invalidation, there are two possible bugs: 1) … | |||
| CVE-2024-35875 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: x86/coco: Require seeding RNG with RDRAND on CoCo systems There are few uses of CoCo that don't rely on working cryptography and … | |||
| CVE-2024-38619 | medium | 5.5 | 5.5 | 2y ago | RHSA-2024:7001: kernel-rt security update (Important) | |||
| CVE-2024-27267 | medium | — | 5.5 | 2y ago | RHSA-2024:6595: java-1.8.0-ibm security update (Moderate) | |||
| CVE-2024-35791 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: KVM: SVM: Flush pages under kvm->lock to fix UAF in svm_register_enc_region() Do the cache flush of converted pages in svm_regist… | |||
| CVE-2024-42096 | medium | 5.5 | 5.5 | 2y ago | RHSA-2024:7001: kernel-rt security update (Important) | |||
| CVE-2024-26630 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: mm: cachestat: fix folio read-after-free in cache walk In cachestat, we access the folio from the page cache's xarray to compute … | |||
| CVE-2024-42102 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: Revert "mm/writeback: fix possible divide-by-zero in wb_dirty_limits(), again" Patch series "mm: Avoid possible overflows in dirt… | |||
| CVE-2024-26629 | medium | 5.5 | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: nfsd: fix RELEASE_LOCKOWNER The test on so_count in nfsd4_release_lockowner() is nonsense and harmful. Revert to using check_for… | |||
| CVE-2024-42082 | medium | 5.5 | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: xdp: Remove WARN() from __xdp_reg_mem_model() syzkaller reports a warning in __xdp_reg_mem_model(). The warning occurs only if _… | |||
| CVE-2024-40936 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: cxl/region: Fix memregion leaks in devm_cxl_add_region() Move the mode verification to __create_region() before allocating the me… | |||
| CVE-2024-23184 | medium | — | 5.5 | 2y ago | RHSA-2024:6973: dovecot security update (Moderate) | |||
| CVE-2024-23185 | medium | — | 5.5 | 2y ago | RHSA-2024:6973: dovecot security update (Moderate) | |||
| CVE-2024-39331 | medium | — | 5.5 | 2y ago | RHSA-2024:6987: emacs security update (Moderate) | |||
| CVE-2024-44948 | medium | 5.5 | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: x86/mtrr: Check if fixed MTRRs exist before saving them MTRRs have an obsolete fixed variant for fine grained caching control of … | |||
| CVE-2024-33869 | medium | — | 5.5 | 2y ago | An issue was discovered in Artifex Ghostscript before 10.03.1. Path traversal and command execution can occur (via a crafted PostScript document) because of path reduction in base/gpmisc.c. For examp… | |||
| CVE-2024-38428 | medium | — | 5.5 | 2y ago | RHSA-2024:5299: wget security update (Moderate) | |||
| CVE-2024-33870 | medium | — | 5.5 | 2y ago | An issue was discovered in Artifex Ghostscript before 10.03.1. There is path traversal (via a crafted PostScript document) to arbitrary files if the current directory is in the permitted paths. For e… | |||
| CVE-2024-40897 | medium | — | 5.5 | 2y ago | RHSA-2024:5306: orc security update (Moderate) | |||
| CVE-2024-28863 | medium | — | 5.5 | 2y ago | RHSA-2024:6148: nodejs:18 security update (Moderate) | |||
| CVE-2024-6923 | medium | — | 5.5 | 2y ago | RHSA-2024:6975: python3 security update (Moderate) | |||
| CVE-2024-8088 | medium | — | 5.5 | 2y ago | RHSA-2024:6962: python3.11 security update (Moderate) | |||
| CVE-2024-44944 | medium | 5.5 | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: netfilter: ctnetlink: use helper function to calculate expect ID Delete expectation path is missing a call to the nf_expect_get_i… | |||
| CVE-2024-38540 | medium | — | 5.5 | 2y ago | RHSA-2024:8870: kernel-rt security update (Moderate) | |||
| CVE-2024-35962 | medium | 5.5 | 5.5 | 2y ago | RHSA-2024:5101: kernel security update (Important) | |||
| CVE-2024-40912 | medium | 5.5 | 5.5 | 2y ago | RHSA-2024:7001: kernel-rt security update (Important) | |||
| CVE-2024-38579 | medium | 5.5 | 5.5 | 2y ago | RHSA-2024:7000: kernel security update (Important) | |||
| CVE-2024-38608 | medium | — | 5.5 | 2y ago | RHSA-2024:8870: kernel-rt security update (Moderate) | |||
| CVE-2024-35897 | medium | 5.5 | 5.5 | 2y ago | RHSA-2024:5102: kernel-rt security update (Important) | |||
| CVE-2024-26925 | medium | 5.5 | 5.5 | 2y ago | RHSA-2024:5102: kernel-rt security update (Important) | |||
| CVE-2024-40941 | medium | 5.5 | 5.5 | 2y ago | RHSA-2024:7001: kernel-rt security update (Important) | |||
| CVE-2024-40983 | medium | — | 5.5 | 2y ago | RHSA-2024:8870: kernel-rt security update (Moderate) | |||
| CVE-2024-35898 | medium | 5.5 | 5.5 | 2y ago | RHSA-2024:8870: kernel-rt security update (Moderate) | |||
| CVE-2024-35839 | medium | — | 5.5 | 2y ago | RHSA-2024:8870: kernel-rt security update (Moderate) | |||
| CVE-2024-26855 | medium | 5.5 | 5.5 | 2y ago | RHSA-2024:7001: kernel-rt security update (Important) | |||
| CVE-2024-44935 | medium | 5.5 | 5.5 | 2y ago | RHSA-2024:8870: kernel-rt security update (Moderate) | |||
| CVE-2024-43893 | medium | 5.5 | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: serial: core: check uartclk for zero to avoid divide by zero Calling ioctl TIOCSSERIAL with an invalid baud_base can result in ua… | |||
| CVE-2024-43890 | medium | 5.5 | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: tracing: Fix overflow in get_free_elt() "tracing_map->next_elt" in get_free_elt() is at risk of overflowing. Once it overflows, … | |||
| CVE-2024-22020 | medium | — | 5.5 | 2y ago | RHSA-2024:6148: nodejs:18 security update (Moderate) | |||
| CVE-2024-36137 | medium | — | 5.5 | 2y ago | RHSA-2024:5814: nodejs:20 security update (Moderate) | |||
| CVE-2024-22018 | medium | — | 5.5 | 2y ago | RHSA-2024:5814: nodejs:20 security update (Moderate) | |||
| CVE-2024-43398 | medium | — | 5.5 | 2y ago | RHSA-2025:4063: ruby:3.1 security update (Moderate) | |||
| CVE-2024-6472 | medium | — | 5.5 | 2y ago | RHSA-2024:5598: libreoffice security update (Moderate) | |||
| CVE-2024-2398 | medium | — | 5.5 | 2y ago | RHSA-2024:5654: curl security update (Moderate) | |||
| CVE-2024-42306 | medium | 5.5 | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: udf: Avoid using corrupted block bitmap buffer When the filesystem block bitmap is corrupted, we detect the corruption while load… | |||
| CVE-2024-42281 | medium | 5.5 | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: bpf: Fix a segment issue when downgrading gso_size Linearize the skb when downgrading gso_size because it may trigger a BUG_ON() … | |||
| CVE-2024-36020 | medium | 5.5 | 5.5 | 2y ago | RHSA-2024:5102: kernel-rt security update (Important) | |||
| CVE-2024-36489 | medium | 5.5 | 5.5 | 2y ago | RHSA-2024:5102: kernel-rt security update (Important) | |||
| CVE-2024-6345 | medium | — | 5.5 | 2y ago | RHSA-2024:6311: resource-agents security update (Moderate) | |||
| CVE-2024-33621 | medium | 5.5 | 5.5 | 2y ago | RHSA-2024:5102: kernel-rt security update (Important) | |||
| CVE-2024-40961 | medium | 5.5 | 5.5 | 2y ago | RHSA-2024:8870: kernel-rt security update (Moderate) | |||
| CVE-2024-38167 | medium | — | 5.5 | 2y ago | RHSA-2024:5337: .NET 8.0 security update (Moderate) | |||
| CVE-2024-36005 | medium | 5.5 | 5.5 | 2y ago | RHSA-2024:5102: kernel-rt security update (Important) | |||
| CVE-2024-38558 | medium | 5.5 | 5.5 | 2y ago | RHSA-2024:7001: kernel-rt security update (Important) | |||
| CVE-2024-37356 | medium | 5.5 | 5.5 | 2y ago | RHSA-2024:7001: kernel-rt security update (Important) | |||
| CVE-2024-35969 | medium | 5.5 | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: ipv6: fix race condition between ipv6_get_ifaddr and ipv6_del_addr Although ipv6_get_ifaddr walks inet6_addr_lst under the RCU lo… | |||
| CVE-2024-36929 | medium | 5.5 | 5.5 | 2y ago | RHSA-2024:5102: kernel-rt security update (Important) | |||
| CVE-2024-42259 | medium | 5.5 | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: drm/i915/gem: Fix Virtual Memory mapping boundaries calculation Calculating the size of the mapped area as the lesser value betwe… | |||
| CVE-2024-5953 | medium | — | 5.5 | 2y ago | RHSA-2024:6569: 389-ds:1.4 security update (Moderate) | |||
| CVE-2024-6237 | medium | — | 5.5 | 2y ago | Moderate: 389-ds-base security update | |||
| CVE-2024-41123 | medium | — | 5.5 | 2y ago | RHSA-2025:4063: ruby:3.1 security update (Moderate) | |||
| CVE-2024-41946 | medium | — | 5.5 | 2y ago | RHSA-2025:4063: ruby:3.1 security update (Moderate) | |||
| CVE-2024-35885 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: mlxbf_gige: stop interface during shutdown The mlxbf_gige driver intermittantly encounters a NULL pointer exception while the sys… | |||
| CVE-2024-27030 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: octeontx2-af: Use separate handlers for interrupts For PF to AF interrupt vector and VF to AF vector same interrupt handler is re… | |||
| CVE-2024-35907 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: mlxbf_gige: call request_irq() after NAPI initialized The mlxbf_gige driver encounters a NULL pointer exception in mlxbf_gige_ope… | |||
| CVE-2024-26737 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: bpf: Fix racing between bpf_timer_cancel_and_free and bpf_timer_cancel The following race is possible between bpf_timer_cancel_an… | |||
| CVE-2024-38580 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: epoll: be better about file lifetimes epoll can call out to vfs_poll() with a file pointer that may race with the last 'fput()'. … | |||
| CVE-2024-35857 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: icmp: prevent possible NULL dereferences from icmp_build_probe() First problem is a double call to __in_dev_get_rcu(), because th… | |||
| CVE-2024-26880 | medium | 5.5 | 5.5 | 2y ago | RHSA-2024:7001: kernel-rt security update (Important) | |||
| CVE-2024-27046 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: nfp: flower: handle acti_netdevs allocation failure The kmalloc_array() in nfp_fl_lag_do_work() will return null, if the physical… | |||
| CVE-2024-42097 | medium | 5.5 | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: ALSA: emux: improve patch ioctl data validation In load_data(), make the validation of and skipping over the main info block matc… | |||
| CVE-2024-41016 | medium | 5.5 | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: ocfs2: strict bound check before memcmp in ocfs2_xattr_find_entry() xattr in ocfs2 maybe 'non-indexed', which saved with addition… | |||
| CVE-2024-37894 | medium | — | 5.5 | 2y ago | Moderate: squid security update | |||
| CVE-2024-4032 | medium | — | 5.5 | 2y ago | RHSA-2024:6975: python3 security update (Moderate) | |||
| CVE-2024-24806 | medium | — | 5.5 | 2y ago | RHSA-2024:4247: libuv security update (Moderate) | |||
| CVE-2024-35235 | medium | — | 5.5 | 2y ago | RHSA-2024:4265: cups security update (Moderate) | |||
| CVE-2024-3044 | medium | — | 5.5 | 2y ago | RHSA-2024:4242: libreoffice security update (Moderate) | |||
| CVE-2024-38586 | medium | — | 5.5 | 2y ago | RHSA-2024:8870: kernel-rt security update (Moderate) | |||
| CVE-2024-36270 | medium | 5.5 | 5.5 | 2y ago | RHSA-2024:5102: kernel-rt security update (Important) | |||
| CVE-2024-35958 | medium | 5.5 | 5.5 | 2y ago | RHSA-2024:4352: kernel-rt security and bug fix update (Important) | |||
| CVE-2024-39908 | medium | — | 5.5 | 2y ago | RHSA-2025:4063: ruby:3.1 security update (Moderate) | |||
| CVE-2024-41006 | medium | 5.5 | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: netrom: Fix a memory leak in nr_heartbeat_expiry() syzbot reported a memory leak in nr_create() [0]. Commit 409db27e3a2e ("netro… | |||
| CVE-2024-41004 | medium | 5.5 | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: tracing: Build event generation tests only as modules The kprobes and synth event generation test modules add events and lock (ge… | |||
| CVE-2024-40993 | medium | 5.5 | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: netfilter: ipset: Fix suspicious rcu_dereference_protected() When destroying all sets, we are either in pernet exit phase or are … | |||
| CVE-2024-40980 | medium | 5.5 | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: drop_monitor: replace spin_lock by raw_spin_lock trace_drop_common() is called with preemption disabled, and it acquires a spin_l… | |||
| CVE-2024-40971 | medium | 5.5 | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: f2fs: remove clear SB_INLINECRYPT flag in default_options In f2fs_remount, SB_INLINECRYPT flag will be clear and re-set. If creat… | |||
| CVE-2024-40942 | medium | 5.5 | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211: mesh: Fix leak of mesh_preq_queue objects The hwmp code use objects of type mesh_preq_queue, added to a list in i… | |||
| CVE-2024-40934 | medium | 5.5 | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: HID: logitech-dj: Fix memory leak in logi_dj_recv_switch_to_dj_mode() Fix a memory leak on logi_dj_recv_send_report() error path. | |||
| CVE-2024-40916 | medium | 5.5 | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: drm/exynos: hdmi: report safe 640x480 mode as a fallback when no EDID found When reading EDID fails and driver reports no modes a… | |||
| CVE-2024-39509 | medium | 5.5 | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: HID: core: remove unnecessary WARN_ON() in implement() Syzkaller hit a warning [1] in a call to implement() when trying to write … | |||
| CVE-2024-39493 | medium | 5.5 | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: crypto: qat - Fix ADF_DEV_RESET_SYNC memory leak Using completion_done to determine whether the caller has gone away only works a… | |||
| CVE-2024-39489 | medium | 5.5 | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: ipv6: sr: fix memleak in seg6_hmac_init_algo seg6_hmac_init_algo returns without cleaning up the previous allocations if one fail… | |||
| CVE-2024-6409 | medium | — | 5.5 | 2y ago | A race condition vulnerability was discovered in how signals are handled by OpenSSH's server (sshd). If a remote attacker does not authenticate within a set time period, then sshd's SIGALRM handler i… | |||
| CVE-2024-27393 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: xen-netfront: Add missing skb_mark_for_recycle Notice that skb_mark_for_recycle() is introduced later than fixes tag in commit 6a… | |||
| CVE-2024-35870 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: smb: client: fix UAF in smb2_reconnect_server() The UAF bug is due to smb2_reconnect_server() accessing a session that is already… | |||
| CVE-2024-39482 | medium | 5.5 | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: bcache: fix variable length array abuse in btree_iter btree_iter is used in two ways: either allocated on the stack with a fixed … | |||
| CVE-2024-24789 | medium | — | 5.5 | 2y ago | RHSA-2024:5291: grafana security update (Moderate) |