CVEs from 2024
Total
7,195
critical
critical 114
high
high 1,020
medium
medium 2,013
low
low 42
% Critical
1.6%
% with KEV
2.3%
% with exploit
2.3%
Top products
- surveillance_station 12
- checkmk 10
- profilegrid 8
- office 8
- office_long_term_servicing_channel 6
- glibc 5
- virtual_traffic_manager 5
- element_pack 5
Top packages
| CVE | Severity | CVSS | Risk | Published | Description | Impact |
|---|---|---|---|---|---|---|
| CVE-2024-26686 | high | — | 8.0 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: fs/proc: do_task_stat: use sig->stats_lock to gather the threads/children stats lock_task_sighand() can trigger a hard lockup. I… | |
| CVE-2024-26656 | high | — | 8.0 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: fix use-after-free bug The bug can be triggered by sending a single amdgpu_gem_userptr_ioctl to the AMDGPU DRM driver… | |
| CVE-2024-26704 | high | — | 8.0 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: ext4: fix double-free of blocks due to wrong extents moved_len In ext4_move_extents(), moved_len is only updated when all moves a… | |
| CVE-2024-26660 | high | — | 8.0 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Implement bounds check for stream encoder creation in DCN301 'stream_enc_regs' array is an array of dcn10_stream… | |
| CVE-2024-36896 | high | — | 8.0 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: USB: core: Fix access violation during port device removal Testing with KASAN and syzkaller revealed a bug in port.c:disable_stor… | |
| CVE-2024-35946 | high | — | 8.0 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: wifi: rtw89: fix null pointer access when abort scan During cancel scan we might use vif that weren't scanning. Fix this by using… | |
| CVE-2024-35938 | high | — | 8.0 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: wifi: ath11k: decrease MHI channel buffer length to 8KB Currently buf_len field of ath11k_mhi_config_qca6390 is assigned with 0, … | |
| CVE-2024-35912 | high | — | 8.0 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: wifi: iwlwifi: mvm: rfi: fix potential response leaks If the rx payload length check fails, or if kmemdup() fails, we still need … | |
| CVE-2024-35947 | high | — | 8.0 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: dyndbg: fix old BUG_ON in >control parser Fix a BUG_ON from 2009. Even if it looks "unreachable" (I didn't really look), lets ma… | |
| CVE-2024-35855 | high | — | 8.0 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: mlxsw: spectrum_acl_tcam: Fix possible use-after-free during activity update The rule activity update delayed work periodically t… | |
| CVE-2024-42124 | high | — | 8.0 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: scsi: qedf: Make qedf_execute_tmf() non-preemptible Stop calling smp_processor_id() from preemptible code in qedf_execute_tmf90. … | |
| CVE-2024-42237 | high | — | 8.0 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: firmware: cs_dsp: Validate payload length before processing block Move the payload length check in cs_dsp_load() and cs_dsp_coeff… | |
| CVE-2024-35853 | high | — | 8.0 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: mlxsw: spectrum_acl_tcam: Fix memory leak during rehash The rehash delayed work migrates filters from one region to another. This… | |
| CVE-2024-35838 | high | — | 8.0 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211: fix potential sta-link leak When a station is allocated, links are added but not set to valid yet (e.g. during co… | |
| CVE-2024-35835 | high | — | 8.0 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: fix a double-free in arfs_create_groups When `in` allocated by kvzalloc fails, arfs_create_groups will free ft->g and … | |
| CVE-2024-35847 | high | — | 8.0 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: irqchip/gic-v3-its: Prevent double free on error The error handling path in its_vpe_irq_domain_alloc() causes a double free when … | |
| CVE-2024-26645 | high | — | 8.0 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: tracing: Ensure visibility when inserting an element into tracing_map Running the following two commands in parallel on a multi-p… | |
| CVE-2024-35809 | high | — | 8.0 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: PCI/PM: Drain runtime-idle callbacks before driver removal A race condition between the .runtime_idle() callback and the .remove(… | |
| CVE-2024-44970 | high | — | 8.0 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: SHAMPO, Fix invalid WQ linked list unlink When all the strides in a WQE have been consumed, the WQE is unlinked from t… | |
| CVE-2024-35814 | high | — | 8.0 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: swiotlb: Fix double-allocation of slots due to broken alignment handling Commit bbb73a103fbb ("swiotlb: fix a braino in the align… | |
| CVE-2024-31076 | high | — | 8.0 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: genirq/cpuhotplug, x86/vector: Prevent vector leak during CPU offline The absence of IRQD_MOVE_PCNTXT prevents immediate effectiv… | |
| CVE-2024-36920 | high | — | 8.0 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: scsi: mpi3mr: Avoid memcpy field-spanning write WARNING When the "storcli2 show" command is executed for eHBA-9600, mpi3mr driver… | |
| CVE-2024-27410 | high | — | 8.0 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: wifi: nl80211: reject iftype change with mesh ID change It's currently possible to change the mesh ID when the interface isn't ye… | |
| CVE-2024-41038 | high | — | 8.0 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: firmware: cs_dsp: Prevent buffer overrun when processing V2 alg headers Check that all fields of a V2 algorithm header fit into t… | |
| CVE-2024-35824 | high | — | 8.0 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: misc: lis3lv02d_i2c: Fix regulators getting en-/dis-abled twice on suspend/resume When not configured for wakeup lis3lv02d_i2c_su… | |
| CVE-2024-42084 | high | — | 8.0 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: ftruncate: pass a signed offset The old ftruncate() syscall, using the 32-bit off_t misses a sign extension when called in compat… | |
| CVE-2024-27010 | high | — | 8.0 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: net/sched: Fix mirred deadlock on device recursion When the mirred action is used on a classful egress qdisc and a packet is mirr… | |
| CVE-2024-35959 | high | — | 8.0 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: Fix mlx5e_priv_init() cleanup flow When mlx5e_priv_init() fails, the cleanup flow calls mlx5e_selq_cleanup which calls… | |
| CVE-2024-27011 | high | — | 8.0 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: fix memleak in map from abort path The delete set command does not rely on the transaction object for eleme… | |
| CVE-2024-42228 | high | — | 8.0 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Using uninitialized value *size when calling amdgpu_vce_cs_reloc Initialize the size before calling amdgpu_vce_cs_rel… | |
| CVE-2024-26921 | high | — | 8.0 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: inet: inet_defrag: prevent sk release while still in use ip_local_out() and other functions can pass skb->sk as function argument… | |
| CVE-2024-26846 | high | — | 8.0 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: nvme-fc: do not wait in vain when unloading module The module exit path has race between deleting all controllers and freeing 'le… | |
| CVE-2024-42240 | high | — | 8.0 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: x86/bhi: Avoid warning in #DB handler due to BHI mitigation When BHI mitigation is enabled, if SYSENTER is invoked with the TF fl… | |
| CVE-2024-26940 | high | — | 8.0 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: drm/vmwgfx: Create debugfs ttm_resource_manager entry only if needed The driver creates /sys/kernel/debug/dri/0/mob_ttm even when… | |
| CVE-2024-26837 | high | — | 8.0 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: net: bridge: switchdev: Skip MDB replays of deferred events on offload Before this change, generation of the list of MDB events t… | |
| CVE-2024-26840 | high | — | 8.0 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: cachefiles: fix memory leak in cachefiles_add_cache() The following memory leak was reported after unbinding /dev/cachefiles: ==… | |
| CVE-2024-26843 | high | — | 8.0 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: efi: runtime: Fix potential overflow of soft-reserved region size md_size will have been narrowed if we have >= 4GB worth of page… | |
| CVE-2024-35924 | high | — | 8.0 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: usb: typec: ucsi: Limit read size on v1.2 Between UCSI 1.2 and UCSI 2.0, the size of the MESSAGE_IN region was increased from 16 … | |
| CVE-2024-42226 | high | — | 8.0 | 2y ago | Important: kernel security update | |
| CVE-2024-26772 | high | — | 8.0 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: ext4: avoid allocating blocks from corrupted group in ext4_mb_find_by_goal() Places the logic for checking if the group's block b… | |
| CVE-2024-26759 | high | — | 8.0 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: mm/swap: fix race when skipping swapcache When skipping swapcache for SWP_SYNCHRONOUS_IO, if two or more threads swapin the same … | |
| CVE-2024-26669 | high | — | 8.0 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: net/sched: flower: Fix chain template offload When a qdisc is deleted from a net device the stack instructs the underlying driver… | |
| CVE-2024-35876 | high | — | 8.0 | 2y ago | Important: kernel-rt security update | |
| CVE-2024-26939 | high | — | 8.0 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: drm/i915/vma: Fix UAF on destroy against retire race Object debugging tools were sporadically reporting illegal attempts to free … | |
| CVE-2024-26740 | high | — | 8.0 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: net/sched: act_mirred: use the backlog for mirred ingress The test Davide added in commit ca22da2fbd69 ("act_mirred: use the back… | |
| CVE-2024-3727 | high | — | 8.0 | 2y ago | Important: container-tools:rhel8 security update | |
| CVE-2024-26717 | high | — | 8.0 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: HID: i2c-hid-of: fix NULL-deref on failed power up A while back the I2C HID implementation was split in an ACPI and OF part, but … | |
| CVE-2024-26733 | high | — | 8.0 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: arp: Prevent overflow in arp_req_get(). syzkaller reported an overflown write in arp_req_get(). [0] When ioctl(SIOCGARP) is issu… | |
| CVE-2024-42154 | high | — | 8.0 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: tcp_metrics: validate source addr length I don't see anything checking that TCP_METRICS_ATTR_SADDR_IPV4 is at least 4 bytes long,… | |
| CVE-2024-9407 | high | — | 8.0 | 2y ago | Important: podman security update | |
| CVE-2024-9676 | high | — | 8.0 | 2y ago | Important: podman security update | |
| CVE-2024-10460 | high | — | 8.0 | 2y ago | Important: firefox security update | |
| CVE-2024-10465 | high | — | 8.0 | 2y ago | Important: firefox security update | |
| CVE-2024-10463 | high | — | 8.0 | 2y ago | Important: thunderbird security update | |
| CVE-2024-10462 | high | — | 8.0 | 2y ago | Important: firefox security update | |
| CVE-2024-10467 | high | — | 8.0 | 2y ago | Important: firefox security update | |
| CVE-2024-10459 | high | — | 8.0 | 2y ago | Important: firefox security update | |
| CVE-2024-10461 | high | — | 8.0 | 2y ago | Important: firefox security update | |
| CVE-2024-10464 | high | — | 8.0 | 2y ago | Important: firefox security update | |
| CVE-2024-47875 | high | — | 8.0 | 2y ago | Important: grafana security update | |
| CVE-2024-9675 | high | — | 8.0 | 2y ago | Important: podman security update | |
| CVE-2024-49761 | high | — | 8.0 | 2y ago | Important: ruby:3.1 security update | |
| CVE-2024-23254 | high | — | 8.0 | 2y ago | The issue was addressed with improved UI handling. This issue is fixed in Safari 17.4, iOS 17.4 and iPadOS 17.4, macOS Sonoma 14.4, tvOS 17.4, visionOS 1.1, watchOS 10.4. A malicious website may exfi… | |
| CVE-2024-27856 | high | — | 8.0 | 2y ago | The issue was addressed with improved checks. This issue is fixed in Safari 17.5, iOS 16.7.8 and iPadOS 16.7.8, iOS 17.5 and iPadOS 17.5, macOS Sonoma 14.5, tvOS 17.5, visionOS 1.2, watchOS 10.5. Pro… | |
| CVE-2024-27838 | high | — | 8.0 | 2y ago | Important: webkit2gtk3 security update | |
| CVE-2024-40779 | high | — | 8.0 | 2y ago | Important: webkit2gtk3 security update | |
| CVE-2024-40776 | high | — | 8.0 | 2y ago | Important: webkit2gtk3 security update | |
| CVE-2024-23280 | high | — | 8.0 | 2y ago | An injection issue was addressed with improved validation. This issue is fixed in Safari 17.4, iOS 17.4 and iPadOS 17.4, macOS Sonoma 14.4, tvOS 17.4, watchOS 10.4. A maliciously crafted webpage may … | |
| CVE-2024-40780 | high | — | 8.0 | 2y ago | Important: webkit2gtk3 security update | |
| CVE-2024-54534 | high | — | 8.0 | 2y ago | The issue was addressed with improved memory handling. This issue is fixed in Safari 18.2, iOS 18.2 and iPadOS 18.2, iPadOS 17.7.6, macOS Sequoia 15.2, tvOS 18.2, visionOS 2.2, watchOS 11.2. Processi… | |
| CVE-2024-23284 | high | — | 8.0 | 2y ago | A logic issue was addressed with improved state management. This issue is fixed in Safari 17.4, iOS 16.7.6 and iPadOS 16.7.6, iOS 17.4 and iPadOS 17.4, macOS Sonoma 14.4, tvOS 17.4, visionOS 1.1, wat… | |
| CVE-2024-44187 | high | — | 8.0 | 2y ago | Important: webkit2gtk3 security update | |
| CVE-2024-40866 | high | — | 8.0 | 2y ago | Important: webkit2gtk3 security update | |
| CVE-2024-44185 | high | — | 8.0 | 2y ago | Important: webkit2gtk3 security update | |
| CVE-2024-40789 | high | — | 8.0 | 2y ago | Important: webkit2gtk3 security update | |
| CVE-2024-27820 | high | — | 8.0 | 2y ago | Important: webkit2gtk3 security update | |
| CVE-2024-40782 | high | — | 8.0 | 2y ago | Important: webkit2gtk3 security update | |
| CVE-2024-23263 | high | — | 8.0 | 2y ago | A logic issue was addressed with improved validation. This issue is fixed in Safari 17.4, iOS 16.7.6 and iPadOS 16.7.6, iOS 17.4 and iPadOS 17.4, macOS Sonoma 14.4, tvOS 17.4, visionOS 1.1, watchOS 1… | |
| CVE-2024-4558 | high | — | 8.0 | 2y ago | Important: webkit2gtk3 security update | |
| CVE-2024-27851 | high | — | 8.0 | 2y ago | Important: webkit2gtk3 security update | |
| CVE-2024-9341 | high | — | 8.0 | 2y ago | Important: podman security update | |
| CVE-2024-43485 | high | — | 8.0 | 2y ago | Important: .NET 8.0 security update | |
| CVE-2024-43484 | high | — | 8.0 | 2y ago | Important: .NET 8.0 security update | |
| CVE-2024-43483 | high | — | 8.0 | 2y ago | Important: .NET 8.0 security update | |
| CVE-2024-38229 | high | — | 8.0 | 2y ago | Important: .NET 8.0 security update | |
| CVE-2024-8900 | high | — | 8.0 | 2y ago | Important: firefox security update | |
| CVE-2024-9401 | high | — | 8.0 | 2y ago | Important: firefox security update | |
| CVE-2024-9394 | high | — | 8.0 | 2y ago | Important: firefox security update | |
| CVE-2024-9400 | high | — | 8.0 | 2y ago | Important: firefox security update | |
| CVE-2024-9397 | high | — | 8.0 | 2y ago | Important: firefox security update | |
| CVE-2024-9402 | high | — | 8.0 | 2y ago | Important: firefox security update | |
| CVE-2024-9396 | high | — | 8.0 | 2y ago | Important: firefox security update | |
| CVE-2024-9392 | high | — | 8.0 | 2y ago | Important: firefox security update | |
| CVE-2024-9398 | high | — | 8.0 | 2y ago | Important: firefox security update | |
| CVE-2024-9403 | high | — | 8.0 | 2y ago | Important: thunderbird security update | |
| CVE-2024-9393 | high | — | 8.0 | 2y ago | Important: firefox security update | |
| CVE-2024-9399 | high | — | 8.0 | 2y ago | Important: firefox security update | |
| CVE-2024-47076 | high | — | 8.0 | 2y ago | Important: cups-filters security update | |
| CVE-2024-47176 | high | — | 8.0 | 2y ago | Important: cups-filters security update | |
| CVE-2024-47850 | high | — | 8.0 | 2y ago | CUPS cups-browsed before 2.5b1 will send an HTTP POST request to an arbitrary destination and port in response to a single IPP UDP packet requesting a printer to be added, a different vulnerability t… |