CVEs from 2024
- Total: 7,195
- Critical: 114
- High: 1,044
- Medium: 1,991
- Low: 40
- % Critical: 1.6%
- % with KEV: 2.3%
- % with exploit: 2.3%
Top products
- checkmk 10
- office 8
- profilegrid 8
- office_long_term_servicing_channel 6
- glibc 5
- virtual_traffic_manager 5
- element_pack 5
- propertyhive 5
| CVE | Severity | CVSS | Risk | Published | Description | Impact |
|---|---|---|---|---|---|---|
| CVE-2024-39476 | high | — | 8.0 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: md/raid5: fix deadlock that raid5d() wait for itself to clear MD_SB_CHANGE_PENDING Xiao reported that lvm2 test lvconvert-raid-ta… | |
| CVE-2024-38286 | high | — | 8.0 | 2y ago | Apache Tomcat Allocation of Resources Without Limits or Throttling vulnerability | |
| CVE-2024-34750 | high | — | 8.0 | 2y ago | Apache Tomcat - Denial of Service | |
| CVE-2024-6221 | high | — | 8.0 | 2y ago | A vulnerability in corydolphin/flask-cors up to version 4.0.1 allows the `Access-Control-Allow-Private-Network` CORS header to be set to true by default, without any configuration option. This behavi… | |
| CVE-2024-36941 | high | — | 8.0 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: wifi: nl80211: don't free NULL coalescing rule If the parsing fails, we can dereference a NULL pointer here. | |
| CVE-2024-27049 | high | — | 8.0 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: wifi: mt76: mt7925e: fix use-after-free in free_irq() From commit a304e1b82808 ("[PATCH] Debug shared irqs"), there is a test to … | |
| CVE-2024-35800 | high | — | 8.0 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: efi: fix panic in kdump kernel Check if get_next_variable() is actually valid pointer before calling it. In kdump kernel this met… | |
| CVE-2024-7529 | high | — | 8.0 | 2y ago | Important: firefox security update | |
| CVE-2024-35848 | high | — | 8.0 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: eeprom: at24: fix memory corruption race condition If the eeprom is not accessible, an nvmem device will be registered, the read … | |
| CVE-2024-37353 | high | — | 8.0 | 2y ago | Important: kernel security update | |
| CVE-2024-35852 | high | — | 8.0 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: mlxsw: spectrum_acl_tcam: Fix memory leak when canceling rehash work The rehash delayed work is rescheduled with a delay if the n… | |
| CVE-2024-35911 | high | — | 8.0 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: ice: fix memory corruption bug with suspend and rebuild The ice driver would previously panic after suspend. This is caused from … | |
| CVE-2024-27417 | high | — | 8.0 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: ipv6: fix potential "struct net" leak in inet6_rtm_getaddr() It seems that if userspace provides a correct IFA_TARGET_NETNSID val… | |
| CVE-2024-27434 | high | — | 8.0 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: wifi: iwlwifi: mvm: don't set the MFP flag for the GTK The firmware doesn't need the MFP flag for the GTK, it can even make the f… | |
| CVE-2024-39487 | high | — | 8.0 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: bonding: Fix out-of-bounds read in bond_option_arp_ip_targets_set() In function bond_option_arp_ip_targets_set(), if newval->stri… | |
| CVE-2024-36017 | high | — | 8.0 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: rtnetlink: Correct nested IFLA_VF_VLAN_LIST attribute validation Each attribute inside a nested IFLA_VF_VLAN_LIST is assumed to b… | |
| CVE-2024-7527 | high | — | 8.0 | 2y ago | Important: firefox security update | |
| CVE-2024-7519 | high | — | 8.0 | 2y ago | Important: thunderbird security update | |
| CVE-2024-7528 | high | — | 8.0 | 2y ago | Important: firefox security update | |
| CVE-2024-40954 | high | — | 8.0 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: net: do not leave a dangling sk pointer, when socket creation fails It is possible to trigger a use-after-free by: * attaching … | |
| CVE-2024-35937 | high | — | 8.0 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: wifi: cfg80211: check A-MSDU format more carefully If it looks like there's another subframe in the A-MSDU but the header isn't f… | |
| CVE-2024-4076 | high | — | 8.0 | 2y ago | Important: bind and bind-dyndb-ldap security update | |
| CVE-2024-1737 | high | — | 8.0 | 2y ago | Important: bind and bind-dyndb-ldap security update | |
| CVE-2024-1975 | high | — | 8.0 | 2y ago | Important: bind and bind-dyndb-ldap security update | |
| CVE-2024-40928 | high | — | 8.0 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: net: ethtool: fix the error condition in ethtool_get_phy_stats_ethtool() Clang static checker (scan-build) warning: net/ethtool/i… | |
| CVE-2024-21823 | high | — | 8.0 | 2y ago | Hardware logic with insecure de-synchronization in Intel(R) DSA and Intel(R) IAA for some Intel(R) 4th or 5th generation Xeon(R) processors may allow an authorized user to potentially enable escalati… | |
| CVE-2024-26600 | high | — | 8.0 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: phy: ti: phy-omap-usb2: Fix NULL pointer dereference for SRP If the external phy working together with phy-omap-usb2 does not imp… | |
| CVE-2024-26868 | high | — | 8.0 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: nfs: fix panic when nfs4_ff_layout_prepare_ds() fails We've been seeing the following panic in production BUG: kernel NULL point… | |
| CVE-2024-7521 | high | — | 8.0 | 2y ago | Important: thunderbird security update | |
| CVE-2024-7520 | high | — | 8.0 | 2y ago | Important: thunderbird security update | |
| CVE-2024-7525 | high | — | 8.0 | 2y ago | Important: firefox security update | |
| CVE-2024-36922 | high | — | 8.0 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: wifi: iwlwifi: read txq->read_ptr under lock If we read txq->read_ptr without lock, we can read the same value twice, then obtain… | |
| CVE-2024-38391 | high | — | 8.0 | 2y ago | Important: kernel security update | |
| CVE-2024-7524 | high | — | 8.0 | 2y ago | Important: firefox security update | |
| CVE-2024-36903 | high | — | 8.0 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: ipv6: Fix potential uninit-value access in __ip6_make_skb() As it was done in commit fc1092f51567 ("ipv4: Fix uninit-value access… | |
| CVE-2024-38575 | high | — | 8.0 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: wifi: brcmfmac: pcie: handle randbuf allocation failure The kzalloc() in brcmf_pcie_download_fw_nvram() will return null if the p… | |
| CVE-2024-36921 | high | — | 8.0 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: wifi: iwlwifi: mvm: guard against invalid STA ID on removal Guard against invalid station IDs in iwl_mvm_mld_rm_sta_id as that wo… | |
| CVE-2024-26853 | high | — | 8.0 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: igc: avoid returning frame twice in XDP_REDIRECT When a frame can not be transmitted in XDP_REDIRECT (e.g. due to a full queue), … | |
| CVE-2024-26808 | high | — | 8.0 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: netfilter: nft_chain_filter: handle NETDEV_UNREGISTER for inet/ingress basechain Remove netdevice from inet/ingress basechain in … | |
| CVE-2024-7522 | high | — | 8.0 | 2y ago | Important: thunderbird security update | |
| CVE-2024-7526 | high | — | 8.0 | 2y ago | Important: firefox security update | |
| CVE-2024-7518 | high | — | 8.0 | 2y ago | Important: thunderbird security update | |
| CVE-2024-26828 | high | — | 8.0 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: cifs: fix underflow in parse_server_interfaces() In this loop, we step through the buffer and after each item we check if the siz… | |
| CVE-2024-40974 | high | — | 8.0 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: powerpc/pseries: Enforce hcall result buffer validity and size plpar_hcall(), plpar_hcall9(), and related functions expect caller… | |
| CVE-2024-26698 | high | — | 8.0 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: hv_netvsc: Fix race condition between netvsc_probe and netvsc_remove In commit ac5047671758 ("hv_netvsc: Disable NAPI before clos… | |
| CVE-2024-35790 | high | — | 8.0 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: usb: typec: altmodes/displayport: create sysfs nodes as driver's default device attribute group The DisplayPort driver's sysfs no… | |
| CVE-2024-26802 | high | — | 8.0 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: stmmac: Clear variable when destroying workqueue Currently when suspending driver and stopping workqueue it is checked whether wo… | |
| CVE-2024-27388 | high | — | 8.0 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: SUNRPC: fix some memleaks in gssx_dec_option_array The creds and oa->data need to be freed in the error-handling paths after thei… | |
| CVE-2024-36950 | high | — | 8.0 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: firewire: ohci: mask bus reset interrupts between ISR and bottom half In the FireWire OHCI interrupt handler, if a bus reset inte… | |
| CVE-2024-36954 | high | — | 8.0 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: tipc: fix a possible memleak in tipc_buf_append __skb_linearize() doesn't free the skb when it fails, so move '*buf = NULL' after… | |
| CVE-2024-38476 | high | — | 8.0 | 2y ago | Important: httpd security update | |
| CVE-2024-26773 | high | — | 8.0 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: ext4: avoid allocating blocks from corrupted group in ext4_mb_try_best_found() Determine if the group block bitmap is corrupted b… | |
| CVE-2024-35952 | high | — | 8.0 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: drm/ast: Fix soft lockup There is a while-loop in ast_dp_set_on_off() that could lead to infinite-loop. This is because the regis… | |
| CVE-2024-39573 | high | — | 8.0 | 2y ago | Important: httpd security update | |
| CVE-2024-38474 | high | — | 8.0 | 2y ago | Important: httpd security update | |
| CVE-2024-38477 | high | — | 8.0 | 2y ago | Important: httpd security update | |
| CVE-2024-38473 | high | — | 8.0 | 2y ago | Important: httpd security update | |
| CVE-2024-5564 | high | — | 8.0 | 2y ago | Important: libndp security update | |
| CVE-2024-39936 | high | — | 8.0 | 2y ago | Important: qt5-qtbase security update | |
| CVE-2024-21138 | high | — | 8.0 | 2y ago | Important: java-21-openjdk security update | |
| CVE-2024-26783 | high | — | 8.0 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: mm/vmscan: fix a bug calling wakeup_kswapd() with a wrong zone index With numa balancing on, when a numa system is running where … | |
| CVE-2024-36957 | high | — | 8.0 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: octeontx2-af: avoid off-by-one read from userspace We try to access count + 1 byte from userspace with memdup_user(buffer, count … | |
| CVE-2024-21140 | high | — | 8.0 | 2y ago | Important: java-21-openjdk security update | |
| CVE-2024-38593 | high | — | 8.0 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: net: micrel: Fix receiving the timestamp in the frame for lan8841 The blamed commit started to use the ptp workqueue to get the s… | |
| CVE-2024-36886 | high | — | 8.0 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: tipc: fix UAF in error path Sam Page (sam4k) working with Trend Micro Zero Day Initiative reported a UAF in the tipc_buf_append()… | |
| CVE-2024-26858 | high | — | 8.0 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: Use a memory barrier to enforce PTP WQ xmit submission tracking occurs after populating the metadata_map Just simply r… | |
| CVE-2024-21147 | high | — | 8.0 | 2y ago | Important: java-11-openjdk security update | |
| CVE-2024-38543 | high | — | 8.0 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: lib/test_hmm.c: handle src_pfns and dst_pfns allocation failure The kcalloc() in dmirror_device_evict_chunk() will return null if… | |
| CVE-2024-21144 | high | — | 8.0 | 2y ago | Important: java-11-openjdk security update | |
| CVE-2024-38663 | high | — | 8.0 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: blk-cgroup: fix list corruption from resetting io stat Since commit 3b8cc6298724 ("blk-cgroup: Optimize blkcg_rstat_flush()"), ea… | |
| CVE-2024-21131 | high | — | 8.0 | 2y ago | Important: java-17-openjdk security update | |
| CVE-2024-21145 | high | — | 8.0 | 2y ago | Important: java-11-openjdk security update | |
| CVE-2024-27435 | high | — | 8.0 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: nvme: fix reconnection fail due to reserved tag allocation We found an issue on production environment while using NVMe over RDMA,… | |
| CVE-2024-37560 | high | 8.0 | 8.0 | 2y ago | Improper Privilege Management vulnerability in IqbalRony WP User Switch allows Privilege Escalation. This issue affects WP User Switch: from n/a through 1.1.0. | |
| CVE-2024-6603 | high | — | 8.0 | 2y ago | Important: thunderbird security update | |
| CVE-2024-6604 | high | — | 8.0 | 2y ago | Important: thunderbird security update | |
| CVE-2024-6601 | high | — | 8.0 | 2y ago | Important: thunderbird security update | |
| CVE-2024-35264 | high | — | 8.0 | 2y ago | Important: dotnet8.0 security update | |
| CVE-2024-30105 | high | — | 8.0 | 2y ago | Important: dotnet8.0 security update | |
| CVE-2024-38095 | high | — | 8.0 | 2y ago | Important: dotnet8.0 security update | |
| CVE-2024-26801 | high | — | 8.0 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: Bluetooth: Avoid potential use-after-free in hci_error_reset While handling the HCI_EV_HARDWARE_ERROR event, if the underlying BT… | |
| CVE-2024-24789 | high | — | 8.0 | 2y ago | Important: container-tools:rhel8 security update | |
| CVE-2024-4467 | high | — | 8.0 | 2y ago | Important: qemu-kvm security update | |
| CVE-2024-32020 | high | — | 8.0 | 2y ago | Important: git security update | |
| CVE-2024-32004 | high | — | 8.0 | 2y ago | Important: git security update | |
| CVE-2024-32021 | high | — | 8.0 | 2y ago | Important: git security update | |
| CVE-2024-32002 | high | — | 8.0 | 2y ago | Important: git security update | |
| CVE-2024-32465 | high | — | 8.0 | 2y ago | Important: git security update | |
| CVE-2024-0450 | high | — | 8.0 | 2y ago | Important: python3.9 security update | |
| CVE-2024-33871 | high | — | 8.0 | 2y ago | Important: ghostscript security update | |
| CVE-2024-37890 | high | — | 8.0 | 2y ago | ws affected by a DoS when handling a request with many HTTP headers | |
| CVE-2024-5696 | high | — | 8.0 | 2y ago | Important: thunderbird security update | |
| CVE-2024-5688 | high | — | 8.0 | 2y ago | Important: thunderbird security update | |
| CVE-2024-5690 | high | — | 8.0 | 2y ago | Important: thunderbird security update | |
| CVE-2024-5691 | high | — | 8.0 | 2y ago | Important: thunderbird security update | |
| CVE-2024-5693 | high | — | 8.0 | 2y ago | Important: thunderbird security update | |
| CVE-2024-32462 | high | — | 8.0 | 2y ago | Important: flatpak security update | |
| CVE-2024-5700 | high | — | 8.0 | 2y ago | Important: thunderbird security update | |
| CVE-2024-5702 | high | — | 8.0 | 2y ago | Important: thunderbird security update | |
| CVE-2024-3657 | high | — | 8.0 | 2y ago | Important: 389-ds-base security update |