CVEs from 2024
Total
9,429
critical
critical 114
high
high 1,043
medium
medium 1,991
low
low 40
% Critical
1.2%
% with KEV
1.7%
% with exploit
1.7%
Top vendors
Top products
- checkmk 10
- office 8
- profilegrid 8
- office_long_term_servicing_channel 6
- glibc 5
- virtual_traffic_manager 5
- element_pack 5
- propertyhive 5
Top packages
| CVE | Severity | CVSS | Risk | Published | Description | Impact |
|---|---|---|---|---|---|---|
| CVE-2024-29816 | medium | 5.9 | 5.9 | 2y ago | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in htdat Woo Viet allows Stored XSS.This issue affects Woo Viet: from n/a through 1.5.2. | |
| CVE-2024-29815 | medium | 5.9 | 5.9 | 2y ago | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Aminur Islam WP Change Email Sender allows Stored XSS.This issue affects WP Change Email Sender: … | |
| CVE-2024-29813 | medium | 5.9 | 5.9 | 2y ago | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in CartFlows Inc. Funnel Builder by CartFlows allows Stored XSS.This issue affects Funnel Builder by… | |
| CVE-2024-29819 | medium | 5.9 | 5.9 | 2y ago | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Syam Mohan WPFront Notification Bar allows Stored XSS.This issue affects WPFront Notification Bar… | |
| CVE-2024-29929 | medium | 5.9 | 5.9 | 2y ago | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WC Lovers WCFM – Frontend Manager for WooCommerce allows Stored XSS.This issue affects WCFM – Fro… | |
| CVE-2024-29922 | medium | 5.9 | 5.9 | 2y ago | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Quantum Cloud Slider Hero allows Stored XSS.This issue affects Slider Hero: from n/a through 8.6.… | |
| CVE-2024-2579 | medium | 5.9 | 5.9 | 2y ago | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Data443 Tracking Code Manager.This issue affects Tracking Code Manager: from n/a through 2.0.16. | |
| CVE-2024-29105 | medium | 5.9 | 5.9 | 2y ago | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Timersys WP Popups allows Stored XSS.This issue affects WP Popups: from n/a through 2.1.5.5. | |
| CVE-2024-29124 | medium | 5.9 | 5.9 | 2y ago | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in AAM Advanced Access Manager allows Stored XSS.This issue affects Advanced Access Manager: from n/… | |
| CVE-2024-29140 | medium | 5.9 | 5.9 | 2y ago | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Matt Manning MJM Clinic allows Stored XSS.This issue affects MJM Clinic: from n/a through 1.1.22. | |
| CVE-2024-35910 | medium | 5.8 | 5.8 | 2y ago | Important: kernel security update | |
| CVE-2024-32587 | medium | 5.8 | 5.8 | 2y ago | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in EnvialoSimple EnvíaloSimple allows Reflected XSS.This issue affects EnvíaloSimple: from n/a throu… | |
| CVE-2024-32547 | medium | 5.8 | 5.8 | 2y ago | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Max Bond Code Insert Manager (Q2W3 Inc Manager) allows Reflected XSS.This issue affects Code Inse… | |
| CVE-2024-31122 | medium | 5.8 | 5.8 | 2y ago | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Prism IT Systems User Rights Access Manager allows Reflected XSS.This issue affects User Rights A… | |
| CVE-2024-36894 | medium | 5.6 | 5.6 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: usb: gadget: f_fs: Fix race between aio_cancel() and AIO request complete FFS based applications can utilize the aio_cancel() cal… | |
| CVE-2024-33655 | medium | — | 5.5 | 9d ago | Moderate: unbound security update | |
| CVE-2024-51394 | medium | 5.5 | 5.5 | 15d ago | Buffer Overflow vulnerability in Ardupiot Copter Latest commit 92693e023793133e49a035daf37c14433e484778 allows a local attacker to cause a denial of service via the AP_MSP::loop, AP_MSP, AP_MSP.cpp c… | |
| CVE-2024-26766 | medium | — | 5.5 | 4mo ago | Moderate: kernel-rt security update | |
| CVE-2024-56645 | medium | — | 5.5 | 7mo ago | Moderate: kernel security update | |
| CVE-2024-58083 | medium | — | 5.5 | 7mo ago | Moderate: kernel security update | |
| CVE-2024-52332 | medium | — | 5.5 | 7mo ago | Moderate: kernel security update | |
| CVE-2024-57998 | medium | — | 5.5 | 7mo ago | Moderate: kernel security update | |
| CVE-2024-56739 | medium | — | 5.5 | 7mo ago | Moderate: kernel security update | |
| CVE-2024-58075 | medium | — | 5.5 | 7mo ago | Moderate: kernel security update | |
| CVE-2024-58068 | medium | — | 5.5 | 7mo ago | Moderate: kernel security update | |
| CVE-2024-53229 | medium | — | 5.5 | 7mo ago | Moderate: kernel security update | |
| CVE-2024-57993 | medium | — | 5.5 | 7mo ago | Moderate: kernel security update | |
| CVE-2024-50294 | medium | — | 5.5 | 7mo ago | Moderate: kernel security update | |
| CVE-2024-53241 | medium | — | 5.5 | 7mo ago | Moderate: kernel security update | |
| CVE-2024-53216 | medium | — | 5.5 | 7mo ago | Moderate: kernel security update | |
| CVE-2024-56662 | medium | — | 5.5 | 7mo ago | Moderate: kernel security update | |
| CVE-2024-57989 | medium | — | 5.5 | 7mo ago | Moderate: kernel security update | |
| CVE-2024-57988 | medium | — | 5.5 | 7mo ago | Moderate: kernel security update | |
| CVE-2024-58012 | medium | — | 5.5 | 7mo ago | Moderate: kernel security update | |
| CVE-2024-57987 | medium | — | 5.5 | 7mo ago | Moderate: kernel security update | |
| CVE-2024-57981 | medium | 5.5 | 5.5 | 7mo ago | Moderate: kernel security update | |
| CVE-2024-56690 | medium | — | 5.5 | 7mo ago | Moderate: kernel security update | |
| CVE-2024-53119 | medium | — | 5.5 | 7mo ago | Moderate: kernel security update | |
| CVE-2024-45777 | medium | — | 5.5 | 7mo ago | Moderate: grub2 security update | |
| CVE-2024-53680 | medium | — | 5.5 | 7mo ago | Moderate: kernel security update | |
| CVE-2024-57990 | medium | — | 5.5 | 7mo ago | Moderate: kernel security update | |
| CVE-2024-53170 | medium | — | 5.5 | 7mo ago | Moderate: kernel security update | |
| CVE-2024-50195 | medium | — | 5.5 | 7mo ago | Moderate: kernel security update | |
| CVE-2024-56603 | medium | — | 5.5 | 7mo ago | Moderate: kernel security update | |
| CVE-2024-54456 | medium | — | 5.5 | 7mo ago | Moderate: kernel security update | |
| CVE-2024-49570 | medium | — | 5.5 | 7mo ago | Moderate: kernel security update | |
| CVE-2024-53135 | medium | — | 5.5 | 7mo ago | Moderate: kernel security update | |
| CVE-2024-49864 | medium | — | 5.5 | 7mo ago | Moderate: kernel security update | |
| CVE-2024-57995 | medium | — | 5.5 | 7mo ago | Moderate: kernel security update | |
| CVE-2024-53090 | medium | — | 5.5 | 7mo ago | Moderate: kernel security update | |
| CVE-2024-58077 | medium | — | 5.5 | 7mo ago | Moderate: kernel security update | |
| CVE-2024-58057 | medium | — | 5.5 | 7mo ago | Moderate: kernel security update | |
| CVE-2024-47727 | medium | — | 5.5 | 7mo ago | Moderate: kernel security update | |
| CVE-2024-58088 | medium | — | 5.5 | 7mo ago | Moderate: kernel security update | |
| CVE-2024-53052 | medium | — | 5.5 | 7mo ago | Moderate: kernel security update | |
| CVE-2024-50060 | medium | — | 5.5 | 7mo ago | Moderate: kernel security update | |
| CVE-2024-56786 | medium | — | 5.5 | 7mo ago | Moderate: kernel security update | |
| CVE-2024-57986 | medium | 5.5 | 5.5 | 7mo ago | Moderate: kernel security update | |
| CVE-2024-47679 | medium | — | 5.5 | 7mo ago | Moderate: kernel security update | |
| CVE-2024-56675 | medium | — | 5.5 | 7mo ago | Moderate: kernel security update | |
| CVE-2024-56709 | medium | — | 5.5 | 7mo ago | Moderate: kernel security update | |
| CVE-2024-46689 | medium | — | 5.5 | 7mo ago | Moderate: kernel security update | |
| CVE-2024-58062 | medium | — | 5.5 | 7mo ago | Moderate: kernel security update | |
| CVE-2024-58015 | medium | — | 5.5 | 7mo ago | Moderate: kernel security update | |
| CVE-2024-13176 | medium | — | 5.5 | 8mo ago | Moderate: mysql:8.4 security update | |
| CVE-2024-36357 | medium | — | 5.5 | 8mo ago | Moderate: kernel security update | |
| CVE-2024-47252 | medium | — | 5.5 | 9mo ago | Moderate: httpd security update | |
| CVE-2024-36350 | medium | — | 5.5 | 10mo ago | Moderate: kernel security update | |
| CVE-2024-47081 | medium | — | 5.5 | 10mo ago | Moderate: python-requests security update | |
| CVE-2024-57980 | medium | — | 5.5 | 10mo ago | Moderate: kernel-rt security update | |
| CVE-2024-58002 | medium | — | 5.5 | 10mo ago | Moderate: kernel-rt security update | |
| CVE-2024-52615 | medium | — | 5.5 | 10mo ago | Moderate: avahi security update | |
| CVE-2024-50379 | medium | — | 5.5 | 11mo ago | Apache Tomcat Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability | |
| CVE-2024-23337 | medium | — | 5.5 | 11mo ago | Moderate: jq security update | |
| CVE-2024-54661 | medium | — | 5.5 | 11mo ago | Moderate: socat security update | |
| CVE-2024-53064 | medium | — | 5.5 | 11mo ago | Moderate: kernel-rt security update | |
| CVE-2024-45332 | medium | — | 5.5 | 11mo ago | Moderate:microcode_ctl bug fix and enhancement update | |
| CVE-2024-43420 | medium | — | 5.5 | 11mo ago | Moderate:microcode_ctl bug fix and enhancement update | |
| CVE-2024-49881 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: ext4: update orig_path in ext4_find_extent() In ext4_find_extent(), if the path is not big enough, we free it and set *orig_path … | |
| CVE-2024-47596 | medium | — | 5.5 | 1y ago | Moderate: gstreamer1-plugins-good security update | |
| CVE-2024-45000 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: fs/netfs/fscache_cookie: add missing "n_accesses" check This fixes a NULL pointer dereference bug due to a data race which looks … | |
| CVE-2024-27398 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: Bluetooth: Fix use-after-free bugs caused by sco_sock_timeout When the sco connection is established and then, the sco socket is … | |
| CVE-2024-49878 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: resource: fix region_intersects() vs add_memory_driver_managed() On a system with CXL memory, the resource tree (/proc/iomem) rel… | |
| CVE-2024-56614 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: xsk: fix OOB map writes when deleting elements Jordy says: " In the xsk_map_delete_elem function an unsigned integer (map->max_e… | |
| CVE-2024-56653 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: Bluetooth: btmtk: avoid UAF in btmtk_process_coredump hci_devcd_append may lead to the release of the skb, so it cannot be access… | |
| CVE-2024-47544 | medium | — | 5.5 | 1y ago | Moderate: gstreamer1-plugins-good security update | |
| CVE-2024-50130 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: netfilter: bpf: must hold reference on net namespace BUG: KASAN: slab-use-after-free in __nf_unregister_net_hook+0x640/0x6b0 Read… | |
| CVE-2024-50046 | medium | 5.5 | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: NFSv4: Prevent NULL-pointer dereference in nfs42_complete_copies() On the node of an NFS client, some files saved in the mountpoi… | |
| CVE-2024-50002 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: static_call: Handle module init failure correctly in static_call_del_module() Module insertion invokes static_call_add_module() t… | |
| CVE-2024-28047 | medium | — | 5.5 | 1y ago | Moderate: microcode_ctl security update | |
| CVE-2024-40956 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: dmaengine: idxd: Fix possible Use-After-Free in irq_process_work_list Use list_for_each_entry_safe() to allow iterating through t… | |
| CVE-2024-47739 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: padata: use integer wrap around to prevent deadlock on seq_nr overflow When submitting more than 2^32 padata objects to padata_do… | |
| CVE-2024-49856 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: x86/sgx: Fix deadlock in SGX NUMA node search When the current node doesn't have an EPC section configured by firmware and all ot… | |
| CVE-2024-48873 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: wifi: rtw89: check return value of ieee80211_probereq_get() for RNR The return value of ieee80211_probereq_get() might be NULL, s… | |
| CVE-2024-50102 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: x86: fix user address masking non-canonical speculation issue It turns out that AMD has a "Meltdown Lite(tm)" issue with non-cano… | |
| CVE-2024-50215 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: nvmet-auth: assign dh_key to NULL after kfree_sensitive ctrl->dh_key might be used across multiple calls to nvmet_setup_dhgroup()… | |
| CVE-2024-53085 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: tpm: Lock TPM chip in tpm_pm_suspend() first Setting TPM_CHIP_FLAG_SUSPENDED in the end of tpm_pm_suspend() can be racy according… | |
| CVE-2024-47687 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: vdpa/mlx5: Fix invalid mr resource destroy Certain error paths from mlx5_vdpa_dev_add() can end up releasing mr resources which n… | |
| CVE-2024-49885 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: mm, slub: avoid zeroing kmalloc redzone Since commit 946fa0dbf2d8 ("mm/slub: extend redzone check to extra allocated kmalloc spac… | |
| CVE-2024-50107 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: platform/x86/intel/pmc: Fix pmc_core_iounmap to call iounmap for valid addresses Commit 50c6dbdfd16e ("x86/ioremap: Improve iounm… |