CVEs from 2024

9,429 normalized CVEs published or assigned in this year.

  • Total: 9,429
  • critical: 114
  • high: 1,043
  • medium: 1,991
  • low: 40
  • % Critical: 1.2%
  • % with KEV: 1.7%
  • % with exploit: 1.7%

Top products

  • checkmk 10
  • office 8
  • profilegrid 8
  • office_long_term_servicing_channel 6
  • glibc 5
  • virtual_traffic_manager 5
  • element_pack 5
  • propertyhive 5
CVE Severity CVSS Risk Published Description Impact
CVE-2024-28109 high 8.0 2y ago veraPDF has potential XSLT injection vulnerability when using policy files java
CVE-2024-4777 high 8.0 2y ago Important: thunderbird security update redhatrockylinuxdebiansuse
CVE-2024-4767 high 8.0 2y ago Important: thunderbird security update redhatrockylinuxdebiansuse
CVE-2024-4769 high 8.0 2y ago Important: thunderbird security update redhatrockylinuxdebiansuse
CVE-2024-4768 high 8.0 2y ago Important: thunderbird security update redhatrockylinuxdebiansuse
CVE-2024-4770 high 8.0 2y ago Important: thunderbird security update redhatrockylinuxdebiansuse
CVE-2024-29800 high 8.0 8.0 2y ago timber/timber vulnerable to Deserialization of Untrusted Data php
CVE-2024-30045 high 8.0 2y ago Important: .NET 8.0 security update redhatrockylinuxnuget
CVE-2024-30046 high 8.0 2y ago Important: .NET 7.0 security update redhatrockylinuxnuget
CVE-2024-22025 high 8.0 2y ago Important: nodejs:18 security update redhatrockylinuxdebian
CVE-2024-25629 high 8.0 2y ago Important: nodejs security update redhatdebianrockylinuxsuse
CVE-2024-27982 high 8.0 2y ago Important: nodejs security update redhatarchrockylinuxsuse+1
CVE-2024-28182 high 8.0 2y ago Important: nodejs security update redhatrockylinuxsusedebian
CVE-2024-27983 high 8.0 2y ago Important: nodejs security update redhatarchrockylinuxsuse+1
CVE-2024-31270 high 8.0 8.0 2y ago Missing Authorization vulnerability in Repute InfoSystems ARForms Form Builder. This issue affects ARForms Form Builder: from n/a through 1.6.1.
CVE-2024-3019 high 8.0 2y ago Important: pcp security, bug fix, and enhancement update redhatrockylinuxsusedebian
CVE-2024-26583 high 8.0 2y ago Important: kernel security and bug fix update redhatrockylinuxsusedebian+1
CVE-2024-28180 high 8.0 2y ago Important: container-tools:rhel8 security update redhatrockylinuxdebiansuse+1
CVE-2024-24784 high 8.0 2y ago Important: golang security update redhatrockylinuxdebiansuse+1
CVE-2024-23271 high 8.0 2y ago Important: webkit2gtk3 security update redhatrockylinuxsusedebian
CVE-2024-26585 high 8.0 2y ago Important: kernel security and bug fix update redhatsuserockylinuxdebian+1
CVE-2024-26584 high 8.0 2y ago Important: kernel security and bug fix update redhatrockylinuxsusedebian+1
CVE-2024-26586 high 8.0 2y ago Important: kernel security update redhatsuserockylinuxdebian+1
CVE-2024-26830 high 8.0 2y ago In the Linux kernel, the following vulnerability has been resolved: i40e: Do not allow untrusted VF to remove administratively set MAC Currently when PF administratively sets VF's MAC address and t… redhatsusedebian
CVE-2024-1085 high 8.0 2y ago Important: kernel security, bug fix, and enhancement update redhatsusedebianalmalinux
CVE-2024-0565 high 8.0 2y ago Important: kernel security, bug fix, and enhancement update redhatrockylinuxsusedebian+1
CVE-2024-26582 high 8.0 2y ago Important: kernel security, bug fix, and enhancement update redhatsusedebianalmalinux
CVE-2024-24785 high 8.0 2y ago Important: golang security update rockylinuxredhatdebiansuse+1
CVE-2024-24783 high 8.0 2y ago Important: golang security update redhatrockylinuxdebiansuse+1
CVE-2024-24786 high 8.0 2y ago Important: container-tools:rhel8 security update redhatrockylinuxdebiansuse+1
CVE-2024-26633 high 8.0 2y ago Important: kernel security, bug fix, and enhancement update redhatsusedebianalmalinux
CVE-2024-1753 high 8.0 2y ago Important: container-tools:rhel8 security update redhatrockylinuxdebiansuse+1
CVE-2024-1488 high 8.0 2y ago Important: unbound security update redhatrockylinuxsusedebian
CVE-2024-30156 high 8.0 2y ago Important: varnish security update redhatrockylinuxdebian
CVE-2024-21891 high 8.0 2y ago Important: nodejs:20 security update redhatrockylinuxsusedebian
CVE-2024-21890 high 8.0 2y ago Important: nodejs:20 security update redhatrockylinuxsusedebian
CVE-2024-22017 high 8.0 2y ago Important: nodejs:20 security update redhatrockylinuxsusedebian
CVE-2024-21896 high 8.0 2y ago Important: nodejs:20 security update redhatrockylinuxsusedebian
CVE-2024-21892 high 8.0 2y ago Important: nodejs:20 security update redhatrockylinuxsusedebian
CVE-2024-1394 high 8.0 2y ago Important: golang security update redhatrockylinuxgolang
CVE-2024-22019 high 8.0 2y ago Important: nodejs:20 security update redhatrockylinuxsusedebian
CVE-2024-1597 high 8.0 2y ago Important: postgresql-jdbc security update redhatrockylinuxsusedebian+1
CVE-2024-25617 high 8.0 2y ago Important: squid security update redhatrockylinuxsusedebian
CVE-2024-25111 high 8.0 2y ago Important: squid security update redhatrockylinuxsusedebian
CVE-2024-0646 high 8.0 2y ago Important: kernel security update redhatsuserockylinuxdebian+1
CVE-2024-1551 high 8.0 2y ago Important: thunderbird security update redhatrockylinuxdebian
CVE-2024-1550 high 8.0 2y ago Important: thunderbird security update redhatrockylinuxdebian
CVE-2024-0985 high 8.0 2y ago Important: postgresql security update redhatrockylinuxsusedebian
CVE-2024-1546 high 8.0 2y ago Important: firefox security update redhatrockylinuxdebian
CVE-2024-1549 high 8.0 2y ago Important: thunderbird security update redhatrockylinuxdebian
CVE-2024-1553 high 8.0 2y ago Important: thunderbird security update redhatrockylinuxdebian
CVE-2024-1548 high 8.0 2y ago Important: thunderbird security update redhatrockylinuxdebian
CVE-2024-1552 high 8.0 2y ago Important: thunderbird security update redhatrockylinuxdebian
CVE-2024-1547 high 8.0 2y ago Important: thunderbird security update redhatrockylinuxdebian
CVE-2024-26130 high 8.0 2y ago Important: python3.12-cryptography security update redhatsuserockylinuxdebian+1
CVE-2024-21404 high 8.0 2y ago Important: .NET 8.0 security update redhatrockylinux
CVE-2024-21386 high 8.0 2y ago Important: dotnet7.0 security update redhatrockylinuxnuget
CVE-2024-0964 high 8.0 2y ago A local file include could be remotely triggered in Gradio due to a vulnerable user-supplied JSON value in an API request. python
CVE-2024-21626 high 8.0 2y ago Important: container-tools:4.0 security update redhatrockylinuxsusedebian+1
CVE-2024-0751 high 8.0 2y ago Important: firefox security update redhatrockylinuxdebian
CVE-2024-0742 high 8.0 2y ago Important: firefox security update redhatrockylinuxdebian
CVE-2024-0753 high 8.0 2y ago Important: firefox security update redhatrockylinuxdebian
CVE-2024-0746 high 8.0 2y ago Important: firefox security update redhatrockylinuxdebian
CVE-2024-0750 high 8.0 2y ago Important: firefox security update redhatrockylinuxdebian
CVE-2024-0749 high 8.0 2y ago Important: firefox security update redhatrockylinuxdebian
CVE-2024-0747 high 8.0 2y ago Important: firefox security update redhatrockylinuxdebian
CVE-2024-0741 high 8.0 2y ago Important: thunderbird security update redhatrockylinuxdebian
CVE-2024-0755 high 8.0 2y ago Important: firefox security update redhatrockylinuxdebian
CVE-2024-20919 high 8.0 2y ago Important: java-17-openjdk security and bug fix update redhatsusedebian
CVE-2024-20932 high 8.0 2y ago Important: java-17-openjdk security and bug fix update redhatsusedebian
CVE-2024-20926 high 8.0 2y ago Important: java-11-openjdk security update redhatsusedebian
CVE-2024-20945 high 8.0 2y ago Important: java-17-openjdk security and bug fix update redhatalmalinuxsusedebian
CVE-2024-20921 high 8.0 2y ago Important: java-17-openjdk security and bug fix update redhatalmalinuxsusedebian
CVE-2024-20952 high 8.0 2y ago Important: java-17-openjdk security and bug fix update almalinuxredhatsusedebian
CVE-2024-20918 high 8.0 2y ago Important: java-17-openjdk security and bug fix update redhatsusedebian
CVE-2024-0057 high 8.0 2y ago Important: .NET 6.0 security update redhatrockylinuxnuget
CVE-2024-0056 high 8.0 2y ago Important: .NET 6.0 security update redhatrockylinuxnuget
CVE-2024-21319 high 8.0 2y ago Important: .NET 6.0 security update redhatrockylinuxnuget
CVE-2024-0443 high 8.0 3y ago A flaw was found in the blkgs destruction path in block/blk-cgroup.c in the Linux kernel, leading to a cgroup blkio memory leakage problem. When a cgroup is being destroyed, cgroup_rstat_flush() is o… redhatsusedebian
CVE-2024-57876 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: drm/dp_mst: Fix resetting msg rx state after topology removal If the MST topology is removed during the reception of an MST down … redhatsusedebian
CVE-2024-26649 high 8.0 3y ago Important: kernel security update redhatrockylinuxsusedebian+1
CVE-2024-27808 high 8.0 3y ago The issue was addressed with improved memory handling. This issue is fixed in Safari 17.5, iOS 17.5 and iPadOS 17.5, macOS Sonoma 14.5, tvOS 17.5, visionOS 1.2, watchOS 10.5. Processing web content m… redhatsusedebian
CVE-2024-23252 high 8.0 3y ago RHSA-2023:4201: webkit2gtk3 security update (Important) redhatsuse
CVE-2024-54658 high 8.0 3y ago The issue was addressed with improved memory handling. This issue is fixed in Safari 17.4, iOS 17.4 and iPadOS 17.4, macOS Sonoma 14.4, tvOS 17.4, visionOS 1.1, watchOS 10.4. Processing web content m… redhatsusedebian
CVE-2024-27833 high 8.0 3y ago An integer overflow was addressed with improved input validation. This issue is fixed in Safari 17.5, iOS 16.7.8 and iPadOS 16.7.8, iOS 17.5 and iPadOS 17.5, tvOS 17.5, visionOS 1.2. Processing malic… redhatsusedebian
CVE-2024-27834 high 8.0 3y ago The issue was addressed with improved checks. This issue is fixed in Safari 17.5, iOS 16.7.8 and iPadOS 16.7.8, iOS 17.5 and iPadOS 17.5, macOS Sonoma 14.5, tvOS 17.5, watchOS 10.5. An attacker with … redhatsusedebian
CVE-2024-36333 high 7.8 7.8 13d ago A DLL hijacking vulnerability in the AMD Cleanup Utility could allow an attacker to achieve privilege escalation potentially resulting in arbitrary code execution. amd
CVE-2024-47091 high 7.8 7.8 15d ago Privilege escalation in the mk_mysql agent plugin on Windows in Checkmk <2.4.0p29, <2.3.0p47, and 2.2.0 (EOL) allows a local unprivileged user able to create a Windows service whose name matches 'MyS…
CVE-2024-58072 high 7.8 7.8 7mo ago Moderate: kernel security update redhatsuserockylinuxdebian+2
CVE-2024-46744 high 7.8 7.8 7mo ago Moderate: kernel security update redhatsuserockylinuxdebian+2
CVE-2024-58240 high 7.8 7.8 9mo ago In the Linux kernel, the following vulnerability has been resolved: tls: separate no-async decryption request handling from async If we're not doing async, the handling is much simpler. There's no … susedebianlinux
CVE-2024-50150 high 7.8 7.8 1y ago In the Linux kernel, the following vulnerability has been resolved: usb: typec: altmode should keep reference to parent The altmode device release refers to its parent device, but without keeping a… redhatsusedebianlinux
CVE-2024-46853 high 7.8 7.8 1y ago In the Linux kernel, the following vulnerability has been resolved: spi: nxp-fspi: fix the KASAN report out-of-bounds bug Change the memcpy length to fix the out-of-bounds issue when writing the da… redhatsusedebianlinux
CVE-2024-53059 high 7.8 7.8 1y ago In the Linux kernel, the following vulnerability has been resolved: wifi: iwlwifi: mvm: Fix response handling in iwl_mvm_send_recovery_cmd() 1. The size of the response packet is not validated. 2. … redhatsusedebianlinux
CVE-2024-46871 high 7.8 7.8 1y ago In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Correct the defined value for AMDGPU_DMUB_NOTIFICATION_MAX [Why & How] It actually exposes '6' types in enum dmu… redhatsusedebianlinux
CVE-2024-44987 high 7.8 7.8 1y ago In the Linux kernel, the following vulnerability has been resolved: ipv6: prevent UAF in ip6_send_skb() syzbot reported an UAF in ip6_send_skb() [1] After ip6_local_out() has returned, we no longe… redhatsusedebianlinux
CVE-2024-50127 high 7.8 7.8 1y ago In the Linux kernel, the following vulnerability has been resolved: net: sched: fix use-after-free in taprio_change() In 'taprio_change()', 'admin' pointer may become dangling due to sched switch /… redhatsusedebianlinux
CVE-2024-49884 high 7.8 7.8 1y ago In the Linux kernel, the following vulnerability has been resolved: ext4: fix slab-use-after-free in ext4_split_extent_at() We hit the following use-after-free: ===================================… redhatsusedebianlinux
CVE-2024-56631 high 7.8 7.8 1y ago In the Linux kernel, the following vulnerability has been resolved: scsi: sg: Fix slab-use-after-free read in sg_release() Fix a use-after-free bug in sg_release(), detected by syzbot with KASAN: … redhatsusedebianlinux
CVE-2024-53166 high 7.8 7.8 1y ago In the Linux kernel, the following vulnerability has been resolved: block, bfq: fix bfqq uaf in bfq_limit_depth() Set new allocated bfqq to bic or remove freed bfqq from bic are both protected by b… redhatsusedebianlinux