CVEs from 2024
Total
6,989
critical
critical 114
high
high 1,032
medium
medium 1,998
low
low 47
% Critical
1.6%
% with KEV
2.3%
% with exploit
2.8%
Top products
- surveillance_station 12
- checkmk 10
- profilegrid 8
- office 8
- office_long_term_servicing_channel 6
- glibc 5
- virtual_traffic_manager 5
- element_pack 5
Top packages
| CVE | Severity | CVSS | Risk | Flags | OS | Vendor | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2024-40954 | high | — | 8.0 | 2y ago | RHSA-2024:7001: kernel-rt security update (Important) | |||
| CVE-2024-26828 | high | — | 8.0 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: cifs: fix underflow in parse_server_interfaces() In this loop, we step through the buffer and after each item we check if the siz… | |||
| CVE-2024-26808 | high | — | 8.0 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: netfilter: nft_chain_filter: handle NETDEV_UNREGISTER for inet/ingress basechain Remove netdevice from inet/ingress basechain in … | |||
| CVE-2024-4076 | high | — | 8.0 | 2y ago | RHSA-2024:5390: bind9.16 security update (Important) | |||
| CVE-2024-1737 | high | — | 8.0 | 2y ago | RHSA-2024:5524: bind security update (Important) | |||
| CVE-2024-7518 | high | — | 8.0 | 2y ago | RHSA-2024:5402: thunderbird security update (Important) | |||
| CVE-2024-39487 | high | — | 8.0 | 2y ago | RHSA-2024:5102: kernel-rt security update (Important) | |||
| CVE-2024-38575 | high | — | 8.0 | 2y ago | RHSA-2024:5102: kernel-rt security update (Important) | |||
| CVE-2024-37353 | high | — | 8.0 | 2y ago | Important: kernel security update | |||
| CVE-2024-7524 | high | — | 8.0 | 2y ago | RHSA-2024:5391: firefox security update (Important) | |||
| CVE-2024-36941 | high | — | 8.0 | 2y ago | RHSA-2024:5102: kernel-rt security update (Important) | |||
| CVE-2024-36921 | high | — | 8.0 | 2y ago | RHSA-2024:5102: kernel-rt security update (Important) | |||
| CVE-2024-21823 | high | — | 8.0 | 2y ago | RHSA-2024:5102: kernel-rt security update (Important) | |||
| CVE-2024-1975 | high | — | 8.0 | 2y ago | RHSA-2024:5524: bind security update (Important) | |||
| CVE-2024-38391 | high | — | 8.0 | 2y ago | Important: kernel security update | |||
| CVE-2024-26600 | high | — | 8.0 | 2y ago | RHSA-2024:7000: kernel security update (Important) | |||
| CVE-2024-27049 | high | — | 8.0 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: wifi: mt76: mt7925e: fix use-after-free in free_irq() From commit a304e1b82808 ("[PATCH] Debug shared irqs"), there is a test to … | |||
| CVE-2024-35800 | high | — | 8.0 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: efi: fix panic in kdump kernel Check if get_next_variable() is actually valid pointer before calling it. In kdump kernel this met… | |||
| CVE-2024-35848 | high | — | 8.0 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: eeprom: at24: fix memory corruption race condition If the eeprom is not accessible, an nvmem device will be registered, the read … | |||
| CVE-2024-7527 | high | — | 8.0 | 2y ago | RHSA-2024:5402: thunderbird security update (Important) | |||
| CVE-2024-36903 | high | — | 8.0 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: ipv6: Fix potential uninit-value access in __ip6_make_skb() As it was done in commit fc1092f51567 ("ipv4: Fix uninit-value access… | |||
| CVE-2024-27417 | high | — | 8.0 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: ipv6: fix potential "struct net" leak in inet6_rtm_getaddr() It seems that if userspace provides a correct IFA_TARGET_NETNSID val… | |||
| CVE-2024-7525 | high | — | 8.0 | 2y ago | RHSA-2024:5402: thunderbird security update (Important) | |||
| CVE-2024-7521 | high | — | 8.0 | 2y ago | RHSA-2024:5402: thunderbird security update (Important) | |||
| CVE-2024-7529 | high | — | 8.0 | 2y ago | RHSA-2024:5402: thunderbird security update (Important) | |||
| CVE-2024-7520 | high | — | 8.0 | 2y ago | RHSA-2024:5402: thunderbird security update (Important) | |||
| CVE-2024-7526 | high | — | 8.0 | 2y ago | RHSA-2024:5402: thunderbird security update (Important) | |||
| CVE-2024-7522 | high | — | 8.0 | 2y ago | RHSA-2024:5402: thunderbird security update (Important) | |||
| CVE-2024-40928 | high | — | 8.0 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: net: ethtool: fix the error condition in ethtool_get_phy_stats_ethtool() Clang static checker (scan-build) warning: net/ethtool/i… | |||
| CVE-2024-35852 | high | — | 8.0 | 2y ago | RHSA-2024:4352: kernel-rt security and bug fix update (Important) | |||
| CVE-2024-7519 | high | — | 8.0 | 2y ago | RHSA-2024:5402: thunderbird security update (Important) | |||
| CVE-2024-7528 | high | — | 8.0 | 2y ago | RHSA-2024:5402: thunderbird security update (Important) | |||
| CVE-2024-27388 | high | — | 8.0 | 2y ago | RHSA-2024:5102: kernel-rt security update (Important) | |||
| CVE-2024-26802 | high | — | 8.0 | 2y ago | RHSA-2024:5102: kernel-rt security update (Important) | |||
| CVE-2024-36950 | high | — | 8.0 | 2y ago | RHSA-2024:5102: kernel-rt security update (Important) | |||
| CVE-2024-40974 | high | — | 8.0 | 2y ago | RHSA-2024:5101: kernel security update (Important) | |||
| CVE-2024-36954 | high | — | 8.0 | 2y ago | RHSA-2024:5102: kernel-rt security update (Important) | |||
| CVE-2024-38476 | high | — | 8.0 | 2y ago | RHSA-2024:5193: httpd:2.4 security update (Important) | |||
| CVE-2024-35790 | high | — | 8.0 | 2y ago | RHSA-2024:5102: kernel-rt security update (Important) | |||
| CVE-2024-26698 | high | — | 8.0 | 2y ago | RHSA-2024:5101: kernel security update (Important) | |||
| CVE-2024-35952 | high | — | 8.0 | 2y ago | RHSA-2024:5102: kernel-rt security update (Important) | |||
| CVE-2024-36924 | high | — | 8.0 | 2y ago | RHSA-2024:5101: kernel security update (Important) | |||
| CVE-2024-36952 | high | — | 8.0 | 2y ago | RHSA-2024:5101: kernel security update (Important) | |||
| CVE-2024-26773 | high | — | 8.0 | 2y ago | RHSA-2024:5102: kernel-rt security update (Important) | |||
| CVE-2024-23638 | high | — | 8.0 | 2y ago | RHSA-2024:9644: squid:4 security update (Important) | |||
| CVE-2024-38477 | high | — | 8.0 | 2y ago | RHSA-2024:4720: httpd:2.4 security update (Important) | |||
| CVE-2024-38474 | high | — | 8.0 | 2y ago | RHSA-2024:4720: httpd:2.4 security update (Important) | |||
| CVE-2024-39573 | high | — | 8.0 | 2y ago | RHSA-2024:4720: httpd:2.4 security update (Important) | |||
| CVE-2024-38473 | high | — | 8.0 | 2y ago | RHSA-2024:4720: httpd:2.4 security update (Important) | |||
| CVE-2024-5564 | high | — | 8.0 | 2y ago | RHSA-2024:4620: libndp security update (Important) | |||
| CVE-2024-39936 | high | — | 8.0 | 2y ago | RHSA-2024:4617: qt5-qtbase security update (Important) | |||
| CVE-2024-36886 | high | — | 8.0 | 2y ago | RHSA-2024:5522: kpatch-patch-4_18_0-553 security update (Important) | |||
| CVE-2024-21140 | high | — | 8.0 | 2y ago | RHSA-2024:4573: java-21-openjdk security update (Important) | |||
| CVE-2024-38593 | high | — | 8.0 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: net: micrel: Fix receiving the timestamp in the frame for lan8841 The blamed commit started to use the ptp workqueue to get the s… | |||
| CVE-2024-21147 | high | — | 8.0 | 2y ago | RHSA-2024:4573: java-21-openjdk security update (Important) | |||
| CVE-2024-21144 | high | — | 8.0 | 2y ago | RHSA-2024:4567: java-11-openjdk security update (Important) | |||
| CVE-2024-38543 | high | — | 8.0 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: lib/test_hmm.c: handle src_pfns and dst_pfns allocation failure The kcalloc() in dmirror_device_evict_chunk() will return null if… | |||
| CVE-2024-26783 | high | — | 8.0 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: mm/vmscan: fix a bug calling wakeup_kswapd() with a wrong zone index With numa balancing on, when a numa system is running where … | |||
| CVE-2024-36957 | high | — | 8.0 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: octeontx2-af: avoid off-by-one read from userspace We try to access count + 1 byte from userspace with memdup_user(buffer, count … | |||
| CVE-2024-38663 | high | — | 8.0 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: blk-cgroup: fix list corruption from resetting io stat Since commit 3b8cc6298724 ("blk-cgroup: Optimize blkcg_rstat_flush()"), ea… | |||
| CVE-2024-21145 | high | — | 8.0 | 2y ago | RHSA-2024:4573: java-21-openjdk security update (Important) | |||
| CVE-2024-21138 | high | — | 8.0 | 2y ago | RHSA-2024:4573: java-21-openjdk security update (Important) | |||
| CVE-2024-27435 | high | — | 8.0 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: nvme: fix reconnection fail due to reserved tag allocation We found a issue on production environment while using NVMe over RDMA,… | |||
| CVE-2024-21131 | high | — | 8.0 | 2y ago | RHSA-2024:4573: java-21-openjdk security update (Important) | |||
| CVE-2024-26858 | high | — | 8.0 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: Use a memory barrier to enforce PTP WQ xmit submission tracking occurs after populating the metadata_map Just simply r… | |||
| CVE-2024-37560 | high | 8.0 | 8.0 | 2y ago | Improper Privilege Management vulnerability in IqbalRony WP User Switch allows Privilege Escalation.This issue affects WP User Switch: from n/a through 1.1.0. | |||
| CVE-2024-6604 | high | — | 8.0 | 2y ago | RHSA-2024:4635: thunderbird security update (Important) | |||
| CVE-2024-6601 | high | — | 8.0 | 2y ago | RHSA-2024:4635: thunderbird security update (Important) | |||
| CVE-2024-6603 | high | — | 8.0 | 2y ago | RHSA-2024:4635: thunderbird security update (Important) | |||
| CVE-2024-35264 | high | — | 8.0 | 2y ago | RHSA-2024:4451: dotnet8.0 security update (Important) | |||
| CVE-2024-30105 | high | — | 8.0 | 2y ago | RHSA-2024:4451: dotnet8.0 security update (Important) | |||
| CVE-2024-38095 | high | — | 8.0 | 2y ago | RHSA-2024:4451: dotnet8.0 security update (Important) | |||
| CVE-2024-26801 | high | — | 8.0 | 2y ago | RHSA-2024:4352: kernel-rt security and bug fix update (Important) | |||
| CVE-2024-4467 | high | — | 8.0 | 2y ago | RHSA-2024:4420: virt:rhel and virt-devel:rhel security update (Important) | |||
| CVE-2024-32465 | high | — | 8.0 | 2y ago | RHSA-2024:4084: git security update (Important) | |||
| CVE-2024-32020 | high | — | 8.0 | 2y ago | RHSA-2024:4084: git security update (Important) | |||
| CVE-2024-32004 | high | — | 8.0 | 2y ago | RHSA-2024:4084: git security update (Important) | |||
| CVE-2024-32002 | high | — | 8.0 | 2y ago | RHSA-2024:4084: git security update (Important) | |||
| CVE-2024-32021 | high | — | 8.0 | 2y ago | RHSA-2024:4084: git security update (Important) | |||
| CVE-2024-33871 | high | — | 8.0 | 2y ago | RHSA-2024:4000: ghostscript security update (Important) | |||
| CVE-2024-37890 | high | — | 8.0 | 2y ago | ws affected by a DoS when handling a request with many HTTP headers | |||
| CVE-2024-5702 | high | — | 8.0 | 2y ago | RHSA-2024:4036: thunderbird security update (Important) | |||
| CVE-2024-32462 | high | — | 8.0 | 2y ago | RHSA-2024:3961: flatpak security update (Important) | |||
| CVE-2024-5691 | high | — | 8.0 | 2y ago | RHSA-2024:4036: thunderbird security update (Important) | |||
| CVE-2024-5693 | high | — | 8.0 | 2y ago | RHSA-2024:4036: thunderbird security update (Important) | |||
| CVE-2024-5696 | high | — | 8.0 | 2y ago | RHSA-2024:4036: thunderbird security update (Important) | |||
| CVE-2024-5690 | high | — | 8.0 | 2y ago | RHSA-2024:4036: thunderbird security update (Important) | |||
| CVE-2024-5688 | high | — | 8.0 | 2y ago | RHSA-2024:4036: thunderbird security update (Important) | |||
| CVE-2024-5700 | high | — | 8.0 | 2y ago | RHSA-2024:4036: thunderbird security update (Important) | |||
| CVE-2024-3657 | high | — | 8.0 | 2y ago | RHSA-2024:4235: 389-ds security update (Important) | |||
| CVE-2024-2199 | high | — | 8.0 | 2y ago | RHSA-2024:4235: 389-ds security update (Important) | |||
| CVE-2024-2698 | high | — | 8.0 | 2y ago | RHSA-2024:3755: idm:DL1 security update (Important) | |||
| CVE-2024-3183 | high | — | 8.0 | 2y ago | RHSA-2024:3755: idm:DL1 security update (Important) | |||
| CVE-2024-3049 | high | — | 8.0 | 2y ago | RHSA-2024:3659: booth security update (Important) | |||
| CVE-2024-26735 | high | — | 8.0 | 2y ago | RHSA-2024:4352: kernel-rt security and bug fix update (Important) | |||
| CVE-2024-32487 | high | — | 8.0 | 2y ago | RHSA-2024:4256: less security update (Important) | |||
| CVE-2024-26804 | high | — | 8.0 | 2y ago | RHSA-2024:4352: kernel-rt security and bug fix update (Important) | |||
| CVE-2024-23672 | high | — | 8.0 | 2y ago | RHSA-2024:3666: tomcat security and bug fix update (Important) | |||
| CVE-2024-35890 | high | — | 8.0 | 2y ago | RHSA-2024:4352: kernel-rt security and bug fix update (Important) | |||
| CVE-2024-24549 | high | — | 8.0 | 2y ago | RHSA-2024:3666: tomcat security and bug fix update (Important) |