VIR Vulnerability Intelligence Relay

CVEs from 2024

7,194 normalized CVEs published or assigned in this year.

Total
7,194
critical
critical 114
high
high 1,043
medium
medium 1,991
low
low 40
% Critical
1.6%
% with KEV
2.3%
% with exploit
2.3%

Top vendors

Top products

  • checkmk 10
  • office 8
  • profilegrid 8
  • office_long_term_servicing_channel 6
  • glibc 5
  • virtual_traffic_manager 5
  • element_pack 5
  • propertyhive 5

Top packages

Severitycriticalhighmediumlowunknown
0
KEVHas exploit
Reset
CVE Severity CVSS Risk Published Description Impact
CVE-2024-36894 medium 5.6 5.6 2y ago In the Linux kernel, the following vulnerability has been resolved: usb: gadget: f_fs: Fix race between aio_cancel() and AIO request complete FFS based applications can utilize the aio_cancel() cal… susedebianlinux
CVE-2024-33655 medium 5.5 10d ago Moderate: unbound security update redhatsusedebian
CVE-2024-51394 medium 5.5 5.5 15d ago Buffer Overflow vulnerability in Ardupiot Copter Latest commit 92693e023793133e49a035daf37c14433e484778 allows a local attacker to cause a denial of service via the AP_MSP::loop, AP_MSP, AP_MSP.cpp c…
CVE-2024-26766 medium 5.5 4mo ago In the Linux kernel, the following vulnerability has been resolved: IB/hfi1: Fix sdma.h tx->num_descs off-by-one error Unfortunately the commit `fd8958efe877` introduced another error causing the `… rockylinuxsusedebian
CVE-2024-56675 medium 5.5 7mo ago In the Linux kernel, the following vulnerability has been resolved: bpf: Fix UAF via mismatching bpf_prog/attachment RCU flavors Uprobes always use bpf_prog_run_array_uprobe() under tasks-trace-RCU… redhatsuserockylinuxdebian+1
CVE-2024-56645 medium 5.5 7mo ago In the Linux kernel, the following vulnerability has been resolved: can: j1939: j1939_session_new(): fix skb reference counting Since j1939_session_skb_queue() does an extra skb_get() for each new … redhatsuserockylinuxdebian+1
CVE-2024-56603 medium 5.5 7mo ago In the Linux kernel, the following vulnerability has been resolved: net: af_can: do not leave a dangling sk pointer in can_create() On error can_create() frees the allocated sk object, but sock_ini… redhatsuserockylinuxdebian+1
CVE-2024-53135 medium 5.5 7mo ago In the Linux kernel, the following vulnerability has been resolved: KVM: VMX: Bury Intel PT virtualization (guest/host mode) behind CONFIG_BROKEN Hide KVM's pt_mode module param behind CONFIG_BROKE… redhatsuserockylinuxdebian+1
CVE-2024-53119 medium 5.5 7mo ago In the Linux kernel, the following vulnerability has been resolved: virtio/vsock: Fix accept_queue memory leak As the final stages of socket destruction may be delayed, it is possible that virtio_t… redhatsuserockylinuxdebian+1
CVE-2024-58068 medium 5.5 7mo ago In the Linux kernel, the following vulnerability has been resolved: OPP: fix dev_pm_opp_find_bw_*() when bandwidth table not initialized If a driver calls dev_pm_opp_find_bw_ceil/floor() the retrie… redhatsuserockylinuxdebian+1
CVE-2024-57998 medium 5.5 7mo ago In the Linux kernel, the following vulnerability has been resolved: OPP: add index check to assert to avoid buffer overflow in _read_freq() Pass the freq index to the assert function to make sure w… redhatsuserockylinuxdebian+1
CVE-2024-47727 medium 5.5 7mo ago In the Linux kernel, the following vulnerability has been resolved: x86/tdx: Fix "in-kernel MMIO" check TDX only supports kernel-initiated MMIO operations. The handle_mmio() function checks if the … redhatsuserockylinuxdebian+1
CVE-2024-57981 medium 5.5 5.5 7mo ago In the Linux kernel, the following vulnerability has been resolved: usb: xhci: Fix NULL pointer dereference on certain command aborts If a command is queued to the final usable TRB of a ring segmen… redhatsuserockylinuxdebian+2
CVE-2024-53680 medium 5.5 7mo ago In the Linux kernel, the following vulnerability has been resolved: ipvs: fix UB due to uninitialized stack access in ip_vs_protocol_init() Under certain kernel configurations when building with Cl… redhatsuserockylinuxdebian+1
CVE-2024-56690 medium 5.5 7mo ago In the Linux kernel, the following vulnerability has been resolved: crypto: pcrypt - Call crypto layer directly when padata_do_parallel() return -EBUSY Since commit 8f4f68e788c3 ("crypto: pcrypt - … redhatsuserockylinuxdebian+1
CVE-2024-53229 medium 5.5 7mo ago In the Linux kernel, the following vulnerability has been resolved: RDMA/rxe: Fix the qp flush warnings in req When the qp is in error state, the status of WQEs in the queue should be set to error.… redhatsuserockylinuxdebian+1
CVE-2024-50294 medium 5.5 7mo ago In the Linux kernel, the following vulnerability has been resolved: rxrpc: Fix missing locking causing hanging calls If a call gets aborted (e.g. because kafs saw a signal) between it being queued … redhatsuserockylinuxdebian+1
CVE-2024-49864 medium 5.5 7mo ago In the Linux kernel, the following vulnerability has been resolved: rxrpc: Fix a race between socket set up and I/O thread creation In rxrpc_open_socket(), it sets up the socket and then sets up th… redhatsuserockylinuxdebian+1
CVE-2024-45777 medium 5.5 7mo ago Moderate: grub2 security update redhatdebiansuse
CVE-2024-53052 medium 5.5 7mo ago In the Linux kernel, the following vulnerability has been resolved: io_uring/rw: fix missing NOWAIT check for O_DIRECT start write When io_uring starts a write, it'll call kiocb_start_write() to bu… redhatsuserockylinuxdebian+1
CVE-2024-56739 medium 5.5 7mo ago In the Linux kernel, the following vulnerability has been resolved: rtc: check if __rtc_read_time was successful in rtc_timer_do_work() If the __rtc_read_time call fails,, the struct rtc_time tm; m… redhatsuserockylinuxdebian+1
CVE-2024-52332 medium 5.5 7mo ago In the Linux kernel, the following vulnerability has been resolved: igb: Fix potential invalid memory access in igb_init_module() The pci_register_driver() can fail and when this happened, the dca_… redhatsuserockylinuxdebian+1
CVE-2024-49570 medium 5.5 7mo ago In the Linux kernel, the following vulnerability has been resolved: drm/xe/tracing: Fix a potential TP_printk UAF The commit afd2627f727b ("tracing: Check "%s" dereference via the field and not the… redhatsuserockylinuxdebian+1
CVE-2024-58083 medium 5.5 7mo ago In the Linux kernel, the following vulnerability has been resolved: KVM: Explicitly verify target vCPU is online in kvm_get_vcpu() Explicitly verify the target vCPU is fully online _prior_ to clamp… redhatsuserockylinuxdebian+1
CVE-2024-53170 medium 5.5 7mo ago In the Linux kernel, the following vulnerability has been resolved: block: fix uaf for flush rq while iterating tags blk_mq_clear_flush_rq_mapping() is not called during scsi probe, by checking blk… redhatsuserockylinuxdebian+1
CVE-2024-56709 medium 5.5 7mo ago In the Linux kernel, the following vulnerability has been resolved: io_uring: check if iowq is killed before queuing task work can be executed after the task has gone through io_uring termination, … redhatsuserockylinuxdebian+1
CVE-2024-57993 medium 5.5 7mo ago In the Linux kernel, the following vulnerability has been resolved: HID: hid-thrustmaster: Fix warning in thrustmaster_probe by adding endpoint check syzbot has found a type mismatch between a USB … redhatsuserockylinuxdebian+1
CVE-2024-53241 medium 5.5 7mo ago In the Linux kernel, the following vulnerability has been resolved: x86/xen: don't do PV iret hypercall through hypercall page Instead of jumping to the Xen hypercall page for doing the iret hyperc… redhatrockylinuxsusedebian+1
CVE-2024-54456 medium 5.5 7mo ago In the Linux kernel, the following vulnerability has been resolved: NFS: Fix potential buffer overflowin nfs_sysfs_link_rpc_client() name is char[64] where the size of clnt->cl_program->name remain… redhatsuserockylinuxdebian+1
CVE-2024-57986 medium 5.5 5.5 7mo ago In the Linux kernel, the following vulnerability has been resolved: HID: core: Fix assumption that Resolution Multipliers must be in Logical Collections A report in 2019 by the syzbot fuzzer was fo… redhatsuserockylinuxdebian+2
CVE-2024-58057 medium 5.5 7mo ago In the Linux kernel, the following vulnerability has been resolved: idpf: convert workqueues to unbound When a workqueue is created with `WQ_UNBOUND`, its work items are served by special worker-po… redhatsuserockylinuxdebian+1
CVE-2024-58012 medium 5.5 7mo ago In the Linux kernel, the following vulnerability has been resolved: ASoC: SOF: Intel: hda-dai: Ensure DAI widget is valid during params Each cpu DAI should associate with a widget. However, the top… redhatsuserockylinuxdebian+1
CVE-2024-50195 medium 5.5 7mo ago In the Linux kernel, the following vulnerability has been resolved: posix-clock: Fix missing timespec64 check in pc_clock_settime() As Andrew pointed out, it will make sense that the PTP core check… redhatsuserockylinuxdebian+1
CVE-2024-46689 medium 5.5 7mo ago In the Linux kernel, the following vulnerability has been resolved: soc: qcom: cmd-db: Map shared memory as WC, not WB Linux does not write into cmd-db region. This region of memory is write protec… redhatsuserockylinuxdebian+1
CVE-2024-58015 medium 5.5 7mo ago In the Linux kernel, the following vulnerability has been resolved: wifi: ath12k: Fix for out-of bound access error Selfgen stats are placed in a buffer using print_array_to_buf_index() function. A… redhatsuserockylinuxdebian+1
CVE-2024-57990 medium 5.5 7mo ago In the Linux kernel, the following vulnerability has been resolved: wifi: mt76: mt7925: fix off by one in mt7925_load_clc() This comparison should be >= instead of > to prevent an out of bounds rea… redhatsuserockylinuxdebian+1
CVE-2024-53216 medium 5.5 7mo ago In the Linux kernel, the following vulnerability has been resolved: nfsd: release svc_expkey/svc_export with rcu_work The last reference for `cache_head` can be reduced to zero in `c_show` and `e_s… redhatsuserockylinuxdebian+1
CVE-2024-50060 medium 5.5 7mo ago In the Linux kernel, the following vulnerability has been resolved: io_uring: check if we need to reschedule during overflow flush In terms of normal application usage, this list will always be emp… redhatsuserockylinuxdebian+1
CVE-2024-56662 medium 5.5 7mo ago In the Linux kernel, the following vulnerability has been resolved: acpi: nfit: vmalloc-out-of-bounds Read in acpi_nfit_ctl Fix an issue detected by syzbot with KASAN: BUG: KASAN: vmalloc-out-of-b… redhatsuserockylinuxdebian+1
CVE-2024-47679 medium 5.5 7mo ago In the Linux kernel, the following vulnerability has been resolved: vfs: fix race between evice_inodes() and find_inode()&iput() Hi, all Recently I noticed a bug[1] in btrfs, after digged it into … redhatsuserockylinuxdebian+1
CVE-2024-57987 medium 5.5 7mo ago In the Linux kernel, the following vulnerability has been resolved: Bluetooth: btrtl: check for NULL in btrtl_setup_realtek() If insert an USB dongle which chip is not maintained in ic_id_table, it… redhatsuserockylinuxdebian+1
CVE-2024-56786 medium 5.5 7mo ago Moderate: kernel security update redhatsuserockylinuxalmalinux
CVE-2024-57995 medium 5.5 7mo ago In the Linux kernel, the following vulnerability has been resolved: wifi: ath12k: fix read pointer after free in ath12k_mac_assign_vif_to_vdev() In ath12k_mac_assign_vif_to_vdev(), if arvif is crea… redhatsuserockylinuxdebian+1
CVE-2024-53090 medium 5.5 7mo ago In the Linux kernel, the following vulnerability has been resolved: afs: Fix lock recursion afs_wake_up_async_call() can incur lock recursion. The problem is that it is called from AF_RXRPC whilst… redhatsuserockylinuxdebian+1
CVE-2024-57988 medium 5.5 7mo ago In the Linux kernel, the following vulnerability has been resolved: Bluetooth: btbcm: Fix NULL deref in btbcm_get_board_name() devm_kstrdup() can return a NULL pointer on failure,but this returned … redhatsuserockylinuxdebian+1
CVE-2024-58062 medium 5.5 7mo ago In the Linux kernel, the following vulnerability has been resolved: wifi: iwlwifi: mvm: avoid NULL pointer dereference When iterating over the links of a vif, we need to make sure that the pointer … redhatsuserockylinuxdebian+1
CVE-2024-58077 medium 5.5 7mo ago In the Linux kernel, the following vulnerability has been resolved: ASoC: soc-pcm: don't use soc_pcm_ret() on .prepare callback commit 1f5664351410 ("ASoC: lower "no backend DAIs enabled for ... Po… redhatsuserockylinuxdebian+1
CVE-2024-57989 medium 5.5 7mo ago In the Linux kernel, the following vulnerability has been resolved: wifi: mt76: mt7925: fix NULL deref check in mt7925_change_vif_links In mt7925_change_vif_links() devm_kzalloc() may return NULL b… redhatsuserockylinuxdebian+1
CVE-2024-58075 medium 5.5 7mo ago In the Linux kernel, the following vulnerability has been resolved: crypto: tegra - do not transfer req when tegra init fails The tegra_cmac_init or tegra_sha_init function may return an error when… redhatsuserockylinuxdebian+1
CVE-2024-58088 medium 5.5 7mo ago In the Linux kernel, the following vulnerability has been resolved: bpf: Fix deadlock when freeing cgroup storage The following commit bc235cdb423a ("bpf: Prevent deadlock from recursive bpf_task_s… redhatsuserockylinuxdebian+1
CVE-2024-13176 medium 5.5 8mo ago Moderate: mysql:8.4 security update debiansuse
CVE-2024-36357 medium 5.5 9mo ago A transient execution vulnerability in some AMD processors may allow an attacker to infer data in the L1D cache, potentially resulting in the leakage of sensitive information across privileged bounda… debianredhatrockylinux
CVE-2024-47252 medium 5.5 9mo ago Moderate: httpd security update debianredhatrockylinuxsuse
CVE-2024-36350 medium 5.5 10mo ago A transient execution vulnerability in some AMD processors may allow an attacker to infer data from previous stores, potentially resulting in the leakage of privileged information. debianredhatsuserockylinux
CVE-2024-47081 medium 5.5 10mo ago Moderate: python-requests security update redhatrockylinuxsusedebian+1
CVE-2024-57980 medium 5.5 10mo ago In the Linux kernel, the following vulnerability has been resolved: media: uvcvideo: Fix double free in error path If the uvc_status_init() function fails to allocate the int_urb, it will free the … redhatrockylinuxsusedebian
CVE-2024-58002 medium 5.5 10mo ago In the Linux kernel, the following vulnerability has been resolved: media: uvcvideo: Remove dangling pointers When an async control is written, we copy a pointer to the file handle that started the… redhatrockylinuxsusedebian
CVE-2024-52615 medium 5.5 10mo ago Moderate: avahi security update debianredhatsuserockylinux
CVE-2024-50379 medium 5.5 11mo ago Apache Tomcat Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability redhatrockylinuxsusedebian+1
CVE-2024-23337 medium 5.5 11mo ago Moderate: jq security update redhatrockylinuxsusedebian
CVE-2024-54661 medium 5.5 11mo ago Moderate: socat security update redhatrockylinuxsusedebian
CVE-2024-53064 medium 5.5 11mo ago In the Linux kernel, the following vulnerability has been resolved: idpf: fix idpf_vc_core_init error path In an event where the platform running the device control plane is rebooted, reset is dete… rockylinuxsusedebian
CVE-2024-45332 medium 5.5 11mo ago Moderate:microcode_ctl bug fix and enhancement update redhatrockylinuxsusedebian
CVE-2024-43420 medium 5.5 11mo ago Moderate:microcode_ctl bug fix and enhancement update redhatrockylinuxsusedebian
CVE-2024-56688 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: sunrpc: clear XPRT_SOCK_UPD_TIMEOUT when reset transport Since transport->sock has been set to NULL during reset transport, XPRT_… redhatsusedebian
CVE-2024-49875 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: nfsd: map the EBADMSG to nfserr_io to avoid warning Ext4 will throw -EBADMSG through ext4_readdir when a checksum error occurs, r… redhatsusedebian
CVE-2024-53156 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: wifi: ath9k: add range check for conn_rsp_epid in htc_connect_service() I found the following bug in my fuzzer: UBSAN: array-i… redhatsusedebian
CVE-2024-47601 medium 5.5 1y ago Moderate: gstreamer1-plugins-good security update redhatdebiansuse
CVE-2024-53096 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: mm: resolve faulty mmap_region() error path behaviour The mmap_region() function is somewhat terrifying, with spaghetti-like cont… redhatsusedebian
CVE-2024-53146 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: NFSD: Prevent a potential integer overflow If the tag length is >= U32_MAX - 3 then the "length + 4" addition can result in an in… redhatsusedebian
CVE-2024-50278 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: dm cache: fix potential out-of-bounds access on the first resume Out-of-bounds access occurs if the fast device is expanded unexp… redhatsusedebian
CVE-2024-46954 medium 5.5 1y ago Moderate: ghostscript security update redhatrockylinuxdebian
CVE-2024-49927 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: x86/ioapic: Handle allocation failures gracefully Breno observed panics when using failslab under certain conditions during runti… redhatsusedebian
CVE-2024-49967 medium 5.5 1y ago RHSA-2025:6966: kernel security update (Moderate) redhatsuse
CVE-2024-12747 medium 5.5 1y ago Moderate: rsync security update archredhatrockylinuxsuse+1
CVE-2024-46828 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: sched: sch_cake: fix bulk flow accounting logic for host fairness In sch_cake, we keep track of the count of active bulk flows pe… redhatsusedebian
CVE-2024-53142 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: initramfs: avoid filename buffer overrun The initramfs filename field is defined in Documentation/driver-api/early-userspace/buff… redhatsusedebian
CVE-2024-49929 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: wifi: iwlwifi: mvm: avoid NULL pointer dereference iwl_mvm_tx_skb_sta() and iwl_mvm_tx_mpdu() verify that the mvmvsta pointer is … redhatsusedebian
CVE-2024-47719 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: iommufd: Protect against overflow of ALIGN() during iova allocation Userspace can supply an iova and uptr such that the target io… redhatsusedebian
CVE-2024-46758 medium 5.5 1y ago RHSA-2025:6966: kernel security update (Moderate) redhatsuse
CVE-2024-50153 medium 5.5 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: scsi: target: core: Fix null-ptr-deref in target_alloc_device() There is a null-ptr-deref issue reported by KASAN: BUG: KASAN: n… redhatsusedebianlinux
CVE-2024-50191 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: ext4: don't set SB_RDONLY after filesystem errors When the filesystem is mounted with errors=remount-ro, we were setting SB_RDONL… redhatsusedebian
CVE-2024-53082 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: virtio_net: Add hash_key_length check Add hash_key_length check in virtnet_probe() to avoid possible out of bound errors when set… redhatsusedebian
CVE-2024-50014 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: ext4: fix access to uninitialised lock in fc replay path The following kernel trace can be triggered with fstest generic/629 when… redhatsusedebian
CVE-2024-56566 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: mm/slub: Avoid list corruption when removing a slab from the full list Boot with slub_debug=UFPZ. If allocated object failed in … redhatsusedebian
CVE-2024-50117 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: drm/amd: Guard against bad data for ATIF ACPI method If a BIOS provides bad data in response to an ATIF method call this causes a… redhatsusedebian
CVE-2024-50024 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: net: Fix an unsafe loop on the list The kernel may crash when deleting a genetlink family if there are still listeners for that f… redhatsusedebian
CVE-2024-56605 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: Bluetooth: L2CAP: do not leave dangling sk pointer on error in l2cap_sock_create() bt_sock_alloc() allocates the sk object and at… redhatsusedebian
CVE-2024-46822 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: arm64: acpi: Harden get_cpu_for_acpi_id() against missing CPU entry In a review discussion of the changes to support vCPU hotplug… redhatsusedebian
CVE-2024-49935 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: ACPI: PAD: fix crash in exit_round_robin() The kernel occasionally crashes in cpumask_clear_cpu(), which is called within exit_ro… redhatsusedebian
CVE-2024-56664 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: bpf, sockmap: Fix race between element replace and close() Element replace (with a socket different from the one stored) may race… redhatsusedebian
CVE-2024-42291 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: ice: Add a per-VF limit on number of FDIR filters While the iavf driver adds a s/w limit (128) on the number of FDIR filters that… redhatsusedebian
CVE-2024-35964 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: Bluetooth: ISO: Fix not validating setsockopt user input Check user input length before copying data. redhatsusedebian
CVE-2024-50073 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: tty: n_gsm: Fix use-after-free in gsm_cleanup_mux BUG: KASAN: slab-use-after-free in gsm_cleanup_mux+0x77b/0x7b0 drivers/tty/n_gs… redhatsusedebian
CVE-2024-43898 medium 5.5 1y ago RHSA-2025:6966: kernel security update (Moderate) redhatsuse
CVE-2024-43910 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: bpf: add missing check_func_arg_reg_off() to prevent out-of-bounds memory accesses Currently, it's possible to pass in a modified… redhatsusedebian
CVE-2024-56601 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: net: inet: do not leave a dangling sk pointer in inet_create() sock_init_data() attaches the allocated sk object to the provided … redhatsusedebian
CVE-2024-50261 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: macsec: Fix use-after-free while sending the offloading packet KASAN reports the following UAF. The metadata_dst, which is used t… redhatsusedebian
CVE-2024-56602 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: net: ieee802154: do not leave a dangling sk pointer in ieee802154_create() sock_init_data() attaches the allocated sk object to t… redhatsusedebian
CVE-2024-50093 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: thermal: intel: int340x: processor: Fix warning during module unload The processor_thermal driver uses pcim_device_enable() to en… redhatsusedebian