VIR Vulnerability Intelligence Relay

CVEs from 2024

7,377 normalized CVEs published or assigned in this year.

Total
7,377
critical
critical 114
high
high 1,043
medium
medium 1,991
low
low 40
% Critical
1.5%
% with KEV
2.2%
% with exploit
2.2%

Top vendors

Top products

  • checkmk 10
  • office 8
  • profilegrid 8
  • office_long_term_servicing_channel 6
  • glibc 5
  • virtual_traffic_manager 5
  • element_pack 5
  • propertyhive 5

Top packages

Severitycriticalhighmediumlowunknown
0
KEVHas exploit
Reset
CVE Severity CVSS Risk Published Description Impact
CVE-2024-36894 medium 5.6 5.6 2y ago In the Linux kernel, the following vulnerability has been resolved: usb: gadget: f_fs: Fix race between aio_cancel() and AIO request complete FFS based applications can utilize the aio_cancel() cal… susedebianlinux
CVE-2024-33655 medium 5.5 10d ago Moderate: unbound security update redhatsusedebian
CVE-2024-51394 medium 5.5 5.5 15d ago Buffer Overflow vulnerability in Ardupiot Copter Latest commit 92693e023793133e49a035daf37c14433e484778 allows a local attacker to cause a denial of service via the AP_MSP::loop, AP_MSP, AP_MSP.cpp c…
CVE-2024-26766 medium 5.5 4mo ago In the Linux kernel, the following vulnerability has been resolved: IB/hfi1: Fix sdma.h tx->num_descs off-by-one error Unfortunately the commit `fd8958efe877` introduced another error causing the `… rockylinuxsusedebian
CVE-2024-50060 medium 5.5 7mo ago In the Linux kernel, the following vulnerability has been resolved: io_uring: check if we need to reschedule during overflow flush In terms of normal application usage, this list will always be emp… redhatsuserockylinuxdebian+1
CVE-2024-58088 medium 5.5 7mo ago In the Linux kernel, the following vulnerability has been resolved: bpf: Fix deadlock when freeing cgroup storage The following commit bc235cdb423a ("bpf: Prevent deadlock from recursive bpf_task_s… redhatsuserockylinuxdebian+1
CVE-2024-58077 medium 5.5 7mo ago In the Linux kernel, the following vulnerability has been resolved: ASoC: soc-pcm: don't use soc_pcm_ret() on .prepare callback commit 1f5664351410 ("ASoC: lower "no backend DAIs enabled for ... Po… redhatsuserockylinuxdebian+1
CVE-2024-58075 medium 5.5 7mo ago In the Linux kernel, the following vulnerability has been resolved: crypto: tegra - do not transfer req when tegra init fails The tegra_cmac_init or tegra_sha_init function may return an error when… redhatsuserockylinuxdebian+1
CVE-2024-58057 medium 5.5 7mo ago In the Linux kernel, the following vulnerability has been resolved: idpf: convert workqueues to unbound When a workqueue is created with `WQ_UNBOUND`, its work items are served by special worker-po… redhatsuserockylinuxdebian+1
CVE-2024-58062 medium 5.5 7mo ago In the Linux kernel, the following vulnerability has been resolved: wifi: iwlwifi: mvm: avoid NULL pointer dereference When iterating over the links of a vif, we need to make sure that the pointer … redhatsuserockylinuxdebian+1
CVE-2024-57990 medium 5.5 7mo ago In the Linux kernel, the following vulnerability has been resolved: wifi: mt76: mt7925: fix off by one in mt7925_load_clc() This comparison should be >= instead of > to prevent an out of bounds rea… redhatsuserockylinuxdebian+1
CVE-2024-57995 medium 5.5 7mo ago In the Linux kernel, the following vulnerability has been resolved: wifi: ath12k: fix read pointer after free in ath12k_mac_assign_vif_to_vdev() In ath12k_mac_assign_vif_to_vdev(), if arvif is crea… redhatsuserockylinuxdebian+1
CVE-2024-57989 medium 5.5 7mo ago In the Linux kernel, the following vulnerability has been resolved: wifi: mt76: mt7925: fix NULL deref check in mt7925_change_vif_links In mt7925_change_vif_links() devm_kzalloc() may return NULL b… redhatsuserockylinuxdebian+1
CVE-2024-57988 medium 5.5 7mo ago In the Linux kernel, the following vulnerability has been resolved: Bluetooth: btbcm: Fix NULL deref in btbcm_get_board_name() devm_kstrdup() can return a NULL pointer on failure,but this returned … redhatsuserockylinuxdebian+1
CVE-2024-57987 medium 5.5 7mo ago In the Linux kernel, the following vulnerability has been resolved: Bluetooth: btrtl: check for NULL in btrtl_setup_realtek() If insert an USB dongle which chip is not maintained in ic_id_table, it… redhatsuserockylinuxdebian+1
CVE-2024-58015 medium 5.5 7mo ago In the Linux kernel, the following vulnerability has been resolved: wifi: ath12k: Fix for out-of bound access error Selfgen stats are placed in a buffer using print_array_to_buf_index() function. A… redhatsuserockylinuxdebian+1
CVE-2024-58012 medium 5.5 7mo ago In the Linux kernel, the following vulnerability has been resolved: ASoC: SOF: Intel: hda-dai: Ensure DAI widget is valid during params Each cpu DAI should associate with a widget. However, the top… redhatsuserockylinuxdebian+1
CVE-2024-56662 medium 5.5 7mo ago In the Linux kernel, the following vulnerability has been resolved: acpi: nfit: vmalloc-out-of-bounds Read in acpi_nfit_ctl Fix an issue detected by syzbot with KASAN: BUG: KASAN: vmalloc-out-of-b… redhatsuserockylinuxdebian+1
CVE-2024-45777 medium 5.5 7mo ago Moderate: grub2 security update redhatdebiansuse
CVE-2024-54456 medium 5.5 7mo ago In the Linux kernel, the following vulnerability has been resolved: NFS: Fix potential buffer overflowin nfs_sysfs_link_rpc_client() name is char[64] where the size of clnt->cl_program->name remain… redhatsuserockylinuxdebian+1
CVE-2024-53090 medium 5.5 7mo ago In the Linux kernel, the following vulnerability has been resolved: afs: Fix lock recursion afs_wake_up_async_call() can incur lock recursion. The problem is that it is called from AF_RXRPC whilst… redhatsuserockylinuxdebian+1
CVE-2024-58083 medium 5.5 7mo ago In the Linux kernel, the following vulnerability has been resolved: KVM: Explicitly verify target vCPU is online in kvm_get_vcpu() Explicitly verify the target vCPU is fully online _prior_ to clamp… redhatsuserockylinuxdebian+1
CVE-2024-58068 medium 5.5 7mo ago In the Linux kernel, the following vulnerability has been resolved: OPP: fix dev_pm_opp_find_bw_*() when bandwidth table not initialized If a driver calls dev_pm_opp_find_bw_ceil/floor() the retrie… redhatsuserockylinuxdebian+1
CVE-2024-57998 medium 5.5 7mo ago In the Linux kernel, the following vulnerability has been resolved: OPP: add index check to assert to avoid buffer overflow in _read_freq() Pass the freq index to the assert function to make sure w… redhatsuserockylinuxdebian+1
CVE-2024-57993 medium 5.5 7mo ago In the Linux kernel, the following vulnerability has been resolved: HID: hid-thrustmaster: Fix warning in thrustmaster_probe by adding endpoint check syzbot has found a type mismatch between a USB … redhatsuserockylinuxdebian+1
CVE-2024-57986 medium 5.5 5.5 7mo ago In the Linux kernel, the following vulnerability has been resolved: HID: core: Fix assumption that Resolution Multipliers must be in Logical Collections A report in 2019 by the syzbot fuzzer was fo… redhatsuserockylinuxdebian+2
CVE-2024-47727 medium 5.5 7mo ago In the Linux kernel, the following vulnerability has been resolved: x86/tdx: Fix "in-kernel MMIO" check TDX only supports kernel-initiated MMIO operations. The handle_mmio() function checks if the … redhatsuserockylinuxdebian+1
CVE-2024-57981 medium 5.5 5.5 7mo ago In the Linux kernel, the following vulnerability has been resolved: usb: xhci: Fix NULL pointer dereference on certain command aborts If a command is queued to the final usable TRB of a ring segmen… redhatsuserockylinuxdebian+2
CVE-2024-50294 medium 5.5 7mo ago In the Linux kernel, the following vulnerability has been resolved: rxrpc: Fix missing locking causing hanging calls If a call gets aborted (e.g. because kafs saw a signal) between it being queued … redhatsuserockylinuxdebian+1
CVE-2024-53216 medium 5.5 7mo ago In the Linux kernel, the following vulnerability has been resolved: nfsd: release svc_expkey/svc_export with rcu_work The last reference for `cache_head` can be reduced to zero in `c_show` and `e_s… redhatsuserockylinuxdebian+1
CVE-2024-56739 medium 5.5 7mo ago In the Linux kernel, the following vulnerability has been resolved: rtc: check if __rtc_read_time was successful in rtc_timer_do_work() If the __rtc_read_time call fails,, the struct rtc_time tm; m… redhatsuserockylinuxdebian+1
CVE-2024-56709 medium 5.5 7mo ago In the Linux kernel, the following vulnerability has been resolved: io_uring: check if iowq is killed before queuing task work can be executed after the task has gone through io_uring termination, … redhatsuserockylinuxdebian+1
CVE-2024-56690 medium 5.5 7mo ago In the Linux kernel, the following vulnerability has been resolved: crypto: pcrypt - Call crypto layer directly when padata_do_parallel() return -EBUSY Since commit 8f4f68e788c3 ("crypto: pcrypt - … redhatsuserockylinuxdebian+1
CVE-2024-56675 medium 5.5 7mo ago In the Linux kernel, the following vulnerability has been resolved: bpf: Fix UAF via mismatching bpf_prog/attachment RCU flavors Uprobes always use bpf_prog_run_array_uprobe() under tasks-trace-RCU… redhatsuserockylinuxdebian+1
CVE-2024-56645 medium 5.5 7mo ago In the Linux kernel, the following vulnerability has been resolved: can: j1939: j1939_session_new(): fix skb reference counting Since j1939_session_skb_queue() does an extra skb_get() for each new … redhatsuserockylinuxdebian+1
CVE-2024-56603 medium 5.5 7mo ago In the Linux kernel, the following vulnerability has been resolved: net: af_can: do not leave a dangling sk pointer in can_create() On error can_create() frees the allocated sk object, but sock_ini… redhatsuserockylinuxdebian+1
CVE-2024-47679 medium 5.5 7mo ago In the Linux kernel, the following vulnerability has been resolved: vfs: fix race between evice_inodes() and find_inode()&iput() Hi, all Recently I noticed a bug[1] in btrfs, after digged it into … redhatsuserockylinuxdebian+1
CVE-2024-53680 medium 5.5 7mo ago In the Linux kernel, the following vulnerability has been resolved: ipvs: fix UB due to uninitialized stack access in ip_vs_protocol_init() Under certain kernel configurations when building with Cl… redhatsuserockylinuxdebian+1
CVE-2024-53241 medium 5.5 7mo ago In the Linux kernel, the following vulnerability has been resolved: x86/xen: don't do PV iret hypercall through hypercall page Instead of jumping to the Xen hypercall page for doing the iret hyperc… redhatrockylinuxsusedebian+1
CVE-2024-53229 medium 5.5 7mo ago In the Linux kernel, the following vulnerability has been resolved: RDMA/rxe: Fix the qp flush warnings in req When the qp is in error state, the status of WQEs in the queue should be set to error.… redhatsuserockylinuxdebian+1
CVE-2024-53170 medium 5.5 7mo ago In the Linux kernel, the following vulnerability has been resolved: block: fix uaf for flush rq while iterating tags blk_mq_clear_flush_rq_mapping() is not called during scsi probe, by checking blk… redhatsuserockylinuxdebian+1
CVE-2024-53135 medium 5.5 7mo ago In the Linux kernel, the following vulnerability has been resolved: KVM: VMX: Bury Intel PT virtualization (guest/host mode) behind CONFIG_BROKEN Hide KVM's pt_mode module param behind CONFIG_BROKE… redhatsuserockylinuxdebian+1
CVE-2024-53119 medium 5.5 7mo ago In the Linux kernel, the following vulnerability has been resolved: virtio/vsock: Fix accept_queue memory leak As the final stages of socket destruction may be delayed, it is possible that virtio_t… redhatsuserockylinuxdebian+1
CVE-2024-52332 medium 5.5 7mo ago In the Linux kernel, the following vulnerability has been resolved: igb: Fix potential invalid memory access in igb_init_module() The pci_register_driver() can fail and when this happened, the dca_… redhatsuserockylinuxdebian+1
CVE-2024-53052 medium 5.5 7mo ago In the Linux kernel, the following vulnerability has been resolved: io_uring/rw: fix missing NOWAIT check for O_DIRECT start write When io_uring starts a write, it'll call kiocb_start_write() to bu… redhatsuserockylinuxdebian+1
CVE-2024-46689 medium 5.5 7mo ago In the Linux kernel, the following vulnerability has been resolved: soc: qcom: cmd-db: Map shared memory as WC, not WB Linux does not write into cmd-db region. This region of memory is write protec… redhatsuserockylinuxdebian+1
CVE-2024-49570 medium 5.5 7mo ago In the Linux kernel, the following vulnerability has been resolved: drm/xe/tracing: Fix a potential TP_printk UAF The commit afd2627f727b ("tracing: Check "%s" dereference via the field and not the… redhatsuserockylinuxdebian+1
CVE-2024-49864 medium 5.5 7mo ago In the Linux kernel, the following vulnerability has been resolved: rxrpc: Fix a race between socket set up and I/O thread creation In rxrpc_open_socket(), it sets up the socket and then sets up th… redhatsuserockylinuxdebian+1
CVE-2024-50195 medium 5.5 7mo ago In the Linux kernel, the following vulnerability has been resolved: posix-clock: Fix missing timespec64 check in pc_clock_settime() As Andrew pointed out, it will make sense that the PTP core check… redhatsuserockylinuxdebian+1
CVE-2024-56786 medium 5.5 7mo ago Moderate: kernel security update redhatsuserockylinuxalmalinux
CVE-2024-13176 medium 5.5 8mo ago Moderate: mysql:8.4 security update debiansuse
CVE-2024-36357 medium 5.5 9mo ago A transient execution vulnerability in some AMD processors may allow an attacker to infer data in the L1D cache, potentially resulting in the leakage of sensitive information across privileged bounda… debianredhatrockylinux
CVE-2024-47252 medium 5.5 9mo ago Moderate: httpd security update debianredhatrockylinuxsuse
CVE-2024-36350 medium 5.5 10mo ago A transient execution vulnerability in some AMD processors may allow an attacker to infer data from previous stores, potentially resulting in the leakage of privileged information. debianredhatsuserockylinux
CVE-2024-47081 medium 5.5 10mo ago Moderate: python-requests security update redhatrockylinuxsusedebian+1
CVE-2024-57980 medium 5.5 10mo ago In the Linux kernel, the following vulnerability has been resolved: media: uvcvideo: Fix double free in error path If the uvc_status_init() function fails to allocate the int_urb, it will free the … redhatrockylinuxsusedebian
CVE-2024-52615 medium 5.5 10mo ago Moderate: avahi security update debianredhatsuserockylinux
CVE-2024-58002 medium 5.5 10mo ago In the Linux kernel, the following vulnerability has been resolved: media: uvcvideo: Remove dangling pointers When an async control is written, we copy a pointer to the file handle that started the… redhatrockylinuxsusedebian
CVE-2024-50379 medium 5.5 11mo ago Apache Tomcat Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability redhatrockylinuxsusedebian+1
CVE-2024-23337 medium 5.5 11mo ago Moderate: jq security update redhatrockylinuxsusedebian
CVE-2024-54661 medium 5.5 11mo ago Moderate: socat security update redhatrockylinuxsusedebian
CVE-2024-53064 medium 5.5 11mo ago In the Linux kernel, the following vulnerability has been resolved: idpf: fix idpf_vc_core_init error path In an event where the platform running the device control plane is rebooted, reset is dete… rockylinuxsusedebian
CVE-2024-45332 medium 5.5 11mo ago Moderate:microcode_ctl bug fix and enhancement update redhatrockylinuxsusedebian
CVE-2024-43420 medium 5.5 11mo ago Moderate:microcode_ctl bug fix and enhancement update redhatrockylinuxsusedebian
CVE-2024-50141 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: ACPI: PRM: Find EFI_MEMORY_RUNTIME block for PRM handler and context PRMT needs to find the correct type of block to translate th… redhatsusedebian
CVE-2024-49975 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: uprobes: fix kernel info leak via "[uprobes]" vma xol_add_vma() maps the uninitialized page allocated by __create_xol_area() into… redhatsusedebian
CVE-2024-56566 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: mm/slub: Avoid list corruption when removing a slab from the full list Boot with slub_debug=UFPZ. If allocated object failed in … redhatsusedebian
CVE-2024-46839 medium 5.5 1y ago RHSA-2025:6966: kernel security update (Moderate) redhatsuse
CVE-2024-50107 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: platform/x86/intel/pmc: Fix pmc_core_iounmap to call iounmap for valid addresses Commit 50c6dbdfd16e ("x86/ioremap: Improve iounm… redhatsusedebian
CVE-2024-44931 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: gpio: prevent potential speculation leaks in gpio_device_get_desc() Userspace may trigger a speculative read of an address outsid… redhatsusedebian
CVE-2024-46750 medium 5.5 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: PCI: Add missing bridge lock to pci_bus_lock() One of the true positives that the cfg_access_lock lockdep effort identified is th… redhatsusedebianlinux
CVE-2024-49935 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: ACPI: PAD: fix crash in exit_round_robin() The kernel occasionally crashes in cpumask_clear_cpu(), which is called within exit_ro… redhatsusedebian
CVE-2024-12088 medium 5.5 1y ago Moderate: rsync security update archredhatrockylinuxsuse+1
CVE-2024-56757 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: Bluetooth: btusb: mediatek: add intf release flow when usb disconnect MediaTek claim an special usb intr interface for ISO data t… redhatsusedebian
CVE-2024-52616 medium 5.5 1y ago Moderate: avahi security update debianredhatsuserockylinux
CVE-2024-56642 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: tipc: Fix use-after-free of kernel socket in cleanup_bearer(). syzkaller reported a use-after-free of UDP kernel socket in cleanu… redhatsusedebian
CVE-2024-49954 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: static_call: Replace pointless WARN_ON() in static_call_module_notify() static_call_module_notify() triggers a WARN_ON(), when me… redhatsusedebian
CVE-2024-52005 medium 5.5 1y ago Moderate: git security update redhatdebiansuserockylinux
CVE-2024-40956 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: dmaengine: idxd: Fix possible Use-After-Free in irq_process_work_list Use list_for_each_entry_safe() to allow iterating through t… redhatsusedebian
CVE-2024-47687 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: vdpa/mlx5: Fix invalid mr resource destroy Certain error paths from mlx5_vdpa_dev_add() can end up releasing mr resources which n… redhatsusedebian
CVE-2024-44975 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: cgroup/cpuset: fix panic caused by partcmd_update We find a bug as below: BUG: unable to handle page fault for address: 00000003 … redhatsusedebian
CVE-2024-52949 medium 5.5 1y ago Moderate: iptraf-ng security update redhatdebianrockylinux
CVE-2024-38541 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: of: module: add buffer overflow check in of_modalias() In of_modalias(), if the buffer happens to be too small even for the 1st s… redhatrockylinuxsusedebian
CVE-2024-50058 medium 5.5 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: serial: protect uart_port_dtr_rts() in uart_shutdown() too Commit af224ca2df29 (serial: core: Prevent unsafe uart port access, pa… redhatsusedebianlinux
CVE-2024-28047 medium 5.5 1y ago Moderate: microcode_ctl security update rockylinuxredhatdebian
CVE-2024-10224 medium 5.5 1y ago Moderate: perl-Module-ScanDeps security update redhatdebianrockylinux
CVE-2024-43884 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: Bluetooth: MGMT: Add error handling to pair_device() hci_conn_params_add() never checks for a NULL value and could lead to a NULL… redhatsusedebian
CVE-2024-43898 medium 5.5 1y ago RHSA-2025:6966: kernel security update (Moderate) redhatsuse
CVE-2024-50055 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: driver core: bus: Fix double free in driver API bus_register() For bus_register(), any error which happens after kset_register() … redhatsusedebian
CVE-2024-50256 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_reject_ipv6: fix potential crash in nf_send_reset6() I got a syzbot report without a repro [1] crashing in nf_send_… redhatrockylinuxsusedebian
CVE-2024-56664 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: bpf, sockmap: Fix race between element replace and close() Element replace (with a socket different from the one stored) may race… redhatsusedebian
CVE-2024-53085 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: tpm: Lock TPM chip in tpm_pm_suspend() first Setting TPM_CHIP_FLAG_SUSPENDED in the end of tpm_pm_suspend() can be racy according… redhatsusedebian
CVE-2024-43914 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: md/raid5: avoid BUG_ON() while continue reshape after reassembling Currently, mdadm support --revert-reshape to abort the reshape… redhatsusedebian
CVE-2024-56654 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hci_event: Fix using rcu_read_(un)lock while iterating The usage of rcu_read_(un)lock while inside list_for_each_entry… redhatsusedebian
CVE-2024-47597 medium 5.5 1y ago Moderate: gstreamer1-plugins-good security update redhatdebiansuse
CVE-2024-50046 medium 5.5 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: NFSv4: Prevent NULL-pointer dereference in nfs42_complete_copies() On the node of an NFS client, some files saved in the mountpoi… redhatsusedebianlinux
CVE-2024-47596 medium 5.5 1y ago Moderate: gstreamer1-plugins-good security update redhatdebiansuse
CVE-2024-49946 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: ppp: do not assume bh is held in ppp_channel_bridge_input() Networking receive path is usually handled from BH handler. However, … redhatsusedebian
CVE-2024-44934 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: net: bridge: mcast: wait for previous gc cycles when removing port syzbot hit a use-after-free[1] which is caused because the bri… redhatsusedebian
CVE-2024-35978 medium 5.5 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: Bluetooth: Fix memory leak in hci_req_sync_complete() In 'hci_req_sync_complete()', always free the previous sync request state b… redhatsusedebianlinux