CVEs from 2024
Total
7,034
critical
critical 114
high
high 1,020
medium
medium 2,013
low
low 42
% Critical
1.6%
% with KEV
2.3%
% with exploit
2.8%
Top products
- surveillance_station 12
- checkmk 10
- profilegrid 8
- office 8
- office_long_term_servicing_channel 6
- glibc 5
- virtual_traffic_manager 5
- element_pack 5
Top packages
| CVE | Severity | CVSS | Risk | Flags | OS | Vendor | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2024-50235 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: wifi: cfg80211: clear wdev->cqm_config pointer on free When we free wdev->cqm_config when unregistering, we also need to clear ou… | |||
| CVE-2024-50236 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: wifi: ath10k: Fix memory leak in management tx In the current logic, memory is allocated for storing the MSDU context during mana… | |||
| CVE-2024-42278 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: ASoC: TAS2781: Fix tasdev_load_calibrated_data() This function has a reversed if statement so it's either a no-op or it leads to … | |||
| CVE-2024-50237 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211: do not pass a stopped vif to the driver in .get_txpower Avoid potentially crashing in the driver because of unini… | |||
| CVE-2024-53097 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: mm: krealloc: Fix MTE false alarm in __do_krealloc This patch addresses an issue introduced by commit 1a83a716ec233 ("mm: kreallo… | |||
| CVE-2024-27398 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: Bluetooth: Fix use-after-free bugs caused by sco_sock_timeout When the sco connection is established and then, the sco socket is … | |||
| CVE-2024-53103 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: hv_sock: Initializing vsk->trans to NULL to prevent a dangling pointer When hvs is released, there is a possibility that vsk->tra… | |||
| CVE-2024-53110 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: vp_vdpa: fix id_table array not null terminated error Allocate one extra virtio_device_id as null terminator, otherwise vdpa_mgmt… | |||
| CVE-2024-53117 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: virtio/vsock: Improve MSG_ZEROCOPY error handling Add a missing kfree_skb() to prevent memory leaks. | |||
| CVE-2024-53118 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: vsock: Fix sk_error_queue memory leak Kernel queues MSG_ZEROCOPY completion notifications on the error queue. Where they remain, … | |||
| CVE-2024-50014 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: ext4: fix access to uninitialised lock in fc replay path The following kernel trace can be triggered with fstest generic/629 when… | |||
| CVE-2024-53120 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: CT: Fix null-ptr-deref in add rule err flow In error flow of mlx5_tc_ct_entry_add_rule(), in case ct_rule_add() callba… | |||
| CVE-2024-53121 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: net/mlx5: fs, lock FTE when checking if active The referenced commits introduced a two-step process for deleting FTEs: - Lock th… | |||
| CVE-2024-53123 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: mptcp: error out earlier on disconnect Eric reported a division by zero splat in the MPTCP protocol: Oops: divide error: 0000 [#… | |||
| CVE-2024-53134 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: pmdomain: imx93-blk-ctrl: correct remove path The check condition should be 'i < bc->onecell_data.num_domains', not 'bc->onecell_… | |||
| CVE-2024-53136 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: mm: revert "mm: shmem: fix data-race in shmem_getattr()" Revert d949d1d14fa2 ("mm: shmem: fix data-race in shmem_getattr()") as s… | |||
| CVE-2024-53232 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: iommu/s390: Implement blocking domain This fixes a crash when surprise hot-unplugging a PCI device. This crash happens because du… | |||
| CVE-2024-56827 | medium | — | 5.5 | 1y ago | Moderate: openjpeg2 security update | |||
| CVE-2024-53681 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: nvmet: Don't overflow subsysnqn nvmet_root_discovery_nqn_store treats the subsysnqn string like a fixed size buffer, even though … | |||
| CVE-2024-8418 | medium | — | 5.5 | 1y ago | Moderate: aardvark-dns security update | |||
| CVE-2024-56535 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: wifi: rtw89: coex: check NULL return of kmalloc in btc_fw_set_monreg() kmalloc may fail, return value might be NULL and will caus… | |||
| CVE-2024-56544 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: udmabuf: change folios array from kmalloc to kvmalloc When PAGE_SIZE 4096, MAX_PAGE_ORDER 10, 64bit machine, page_alloc only supp… | |||
| CVE-2024-50082 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: blk-rq-qos: fix crash on rq_qos_wait vs. rq_qos_wake_function race We're seeing crashes from rq_qos_wake_function that look like … | |||
| CVE-2024-56663 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: wifi: nl80211: fix NL80211_ATTR_MLO_LINK_ID off-by-one Since the netlink attribute range validation provides inclusive checking, … | |||
| CVE-2024-53237 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: Bluetooth: fix use-after-free in device_for_each_child() Syzbot has reported the following KASAN splat: BUG: KASAN: slab-use-aft… | |||
| CVE-2024-56566 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: mm/slub: Avoid list corruption when removing a slab from the full list Boot with slub_debug=UFPZ. If allocated object failed in … | |||
| CVE-2024-36968 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: Bluetooth: L2CAP: Fix div-by-zero in l2cap_le_flowctl_init() l2cap_le_flowctl_init() can cause both div-by-zero and an integer ov… | |||
| CVE-2024-49975 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: uprobes: fix kernel info leak via "[uprobes]" vma xol_add_vma() maps the uninitialized page allocated by __create_xol_area() into… | |||
| CVE-2024-53920 | medium | — | 5.5 | 1y ago | Moderate: emacs security update | |||
| CVE-2024-3567 | medium | — | 5.5 | 1y ago | A flaw was found in QEMU. An assertion failure was present in the update_sctp_checksum() function in hw/net/net_tx_pkt.c when trying to calculate the checksum of a short-sized fragmented packet. This… | |||
| CVE-2024-46826 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: ELF: fix kernel.randomize_va_space double read ELF loader uses "randomize_va_space" twice. It is sysctl and can change at any mom… | |||
| CVE-2024-44990 | medium | 5.5 | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: bonding: fix null pointer deref in bond_ipsec_offload_ok We must check if there is an active slave before dereferencing the point… | |||
| CVE-2024-8929 | medium | — | 5.5 | 1y ago | Moderate: php:8.2 security update | |||
| CVE-2024-11233 | medium | — | 5.5 | 1y ago | Moderate: php:8.2 security update | |||
| CVE-2024-11234 | medium | — | 5.5 | 1y ago | Moderate: php:8.2 security update | |||
| CVE-2024-45341 | medium | — | 5.5 | 1y ago | Moderate: go-toolset:rhel8 security update | |||
| CVE-2024-43855 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: md: fix deadlock between mddev_suspend and flush bio Deadlock occurs when mddev is being suspended while some flush bio is in pro… | |||
| CVE-2024-8176 | medium | — | 5.5 | 1y ago | Moderate: expat security update | |||
| CVE-2024-45336 | medium | — | 5.5 | 1y ago | Moderate: go-toolset:rhel8 security update | |||
| CVE-2024-7347 | medium | — | 5.5 | 1y ago | Moderate: nginx security update | |||
| CVE-2024-10306 | medium | — | 5.5 | 1y ago | Moderate: mod_proxy_cluster security update | |||
| CVE-2024-58085 | medium | 5.5 | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: tomoyo: don't emit warning in tomoyo_write_control() syzbot is reporting too large allocation warning at tomoyo_write_control(), … | |||
| CVE-2024-58071 | medium | 5.5 | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: team: prevent adding a device which is already a team device lower Prevent adding a device which is already a team device lower, … | |||
| CVE-2024-58063 | medium | 5.5 | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: wifi: rtlwifi: fix memory leaks and invalid access at probe error path Deinitialize at reverse order when probe fails. When init… | |||
| CVE-2024-58058 | medium | 5.5 | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: ubifs: skip dumping tnc tree when zroot is null Clearing slab cache will free all znode in memory and make c->zroot.znode = NULL,… | |||
| CVE-2024-58051 | medium | 5.5 | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: ipmi: ipmb: Add check devm_kasprintf() returned value devm_kasprintf() can return a NULL pointer on failure but this returned val… | |||
| CVE-2024-58020 | medium | 5.5 | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: HID: multitouch: Add NULL check in mt_input_configured devm_kasprintf() can return a NULL pointer on failure,but this returned va… | |||
| CVE-2024-58017 | medium | 5.5 | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: printk: Fix signed integer overflow when defining LOG_BUF_LEN_MAX Shifting 1 << 31 on a 32-bit int causes signed integer overflow… | |||
| CVE-2024-58016 | medium | 5.5 | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: safesetid: check size of policy writes syzbot attempts to write a buffer with a large size to a sysfs entry with writes handled b… | |||
| CVE-2024-57996 | medium | 5.5 | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: net_sched: sch_sfq: don't allow 1 packet limit The current implementation does not work correctly with a limit of 1. iproute2 act… | |||
| CVE-2024-57977 | medium | 5.5 | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: memcg: fix soft lockup in the OOM process A soft lockup issue was found in the product with about 56,000 tasks were in the OOM cg… | |||
| CVE-2024-52533 | medium | — | 5.5 | 1y ago | Moderate: glib2 security update | |||
| CVE-2024-21096 | medium | — | 5.5 | 1y ago | Moderate: galera and mariadb security update | |||
| CVE-2024-41184 | medium | — | 5.5 | 1y ago | Moderate: keepalived security update | |||
| CVE-2024-57948 | medium | 5.5 | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: mac802154: check local interfaces before deleting sdata list syzkaller reported a corrupted list in ieee802154_if_remove. [1] Re… | |||
| CVE-2024-57947 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_set_pipapo: fix initial map fill The initial buffer has to be inited to all-ones, but it must restrict it to the si… | |||
| CVE-2024-53088 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: i40e: fix race condition by adding filter's intermediate sync state Fix a race condition in the i40e driver that leads to MAC/VLA… | |||
| CVE-2024-50154 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: tcp/dccp: Don't use timer_pending() in reqsk_queue_unlink(). Martin KaFai Lau reported use-after-free [0] in reqsk_timer_handler(… | |||
| CVE-2024-50275 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: arm64/sve: Discard stale CPU state when handling SVE traps The logic for handling SVE traps manipulates saved FPSIMD/SVE state in… | |||
| CVE-2024-57924 | medium | 5.5 | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: fs: relax assertions on failure to encode file handles Encoding file handles is usually performed by a filesystem >encode_fh() me… | |||
| CVE-2024-3661 | medium | — | 5.5 | 1y ago | Moderate: Security and bug fixes for NetworkManager | |||
| CVE-2024-57902 | medium | 5.5 | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: af_packet: fix vlan_get_tci() vs MSG_PEEK Blamed commit forgot MSG_PEEK case, allowing a crash [1] as found by syzbot. Rework vl… | |||
| CVE-2024-57901 | medium | 5.5 | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: af_packet: fix vlan_get_protocol_dgram() vs MSG_PEEK Blamed commit forgot MSG_PEEK case, allowing a crash [1] as found by syzbot.… | |||
| CVE-2024-11029 | medium | — | 5.5 | 1y ago | Moderate: ipa security update | |||
| CVE-2024-50110 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: xfrm: fix one more kernel-infoleak in algo dumping During fuzz testing, the following issue was discovered: BUG: KMSAN: kernel-i… | |||
| CVE-2024-50099 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: arm64: probes: Remove broken LDR (literal) uprobe support The simulate_ldr_literal() and simulate_ldrsw_literal() functions are u… | |||
| CVE-2024-47675 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: bpf: Fix use-after-free in bpf_uprobe_multi_link_attach() If bpf_link_prime() fails, bpf_uprobe_multi_link_attach() goes to the e… | |||
| CVE-2024-50115 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: KVM: nSVM: Ignore nCR3[4:0] when loading PDPTEs from memory Ignore nCR3[4:0] when loading PDPTEs from memory for nested SVM, as b… | |||
| CVE-2024-45020 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: bpf: Fix a kernel verifier crash in stacksafe() Daniel Hodges reported a kernel verifier crash when playing with sched-ext. Furth… | |||
| CVE-2024-27399 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: Bluetooth: l2cap: fix null-ptr-deref in l2cap_chan_timeout There is a race condition between l2cap_chan_timeout() and l2cap_chan_… | |||
| CVE-2024-49888 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: bpf: Fix a sdiv overflow issue Zac Ecob reported a problem where a bpf program may cause kernel crash due to the following error:… | |||
| CVE-2024-50148 | medium | 5.5 | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: Bluetooth: bnep: fix wild-memory-access in proto_unregister There's issue as follows: KASAN: maybe wild-memory-access in range … | |||
| CVE-2024-50124 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: Bluetooth: ISO: Fix UAF on iso_sock_timeout conn->sk maybe have been unlinked/freed while waiting for iso_conn_lock so this check… | |||
| CVE-2024-50255 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hci: fix null-ptr-deref in hci_read_supported_codecs Fix __hci_cmd_sync_sk() to return not NULL for unknown opcodes. … | |||
| CVE-2024-50125 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: Bluetooth: SCO: Fix UAF on sco_sock_timeout conn->sk maybe have been unlinked/freed while waiting for sco_conn_lock so this check… | |||
| CVE-2024-50142 | medium | 5.5 | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: xfrm: validate new SA's prefixlen using SA family when sel.family is unset This expands the validation introduced in commit 07bf7… | |||
| CVE-2024-46697 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: nfsd: ensure that nfsd4_fattr_args.context is zeroed out If nfsd4_encode_fattr4 ends up doing a "goto out" before we get to check… | |||
| CVE-2024-50223 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: sched/numa: Fix the potential null pointer dereference in task_numa_work() When running stress-ng-vm-segv test, we found a null p… | |||
| CVE-2024-50192 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: irqchip/gic-v4: Don't allow a VMOVP on a dying VPE Kunkun Jiang reported that there is a small window of opportunity for userspac… | |||
| CVE-2024-38564 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: bpf: Add BPF_PROG_TYPE_CGROUP_SKB attach type enforcement in BPF_LINK_CREATE bpf_prog_attach uses attach_type_to_prog_type to enf… | |||
| CVE-2024-50612 | medium | — | 5.5 | 2y ago | Moderate: libsndfile:1.0.31 security update | |||
| CVE-2024-38796 | medium | — | 5.5 | 2y ago | Moderate: edk2:20240524 security update | |||
| CVE-2024-10573 | medium | — | 5.5 | 2y ago | Moderate: mpg123:1.32.9 security update | |||
| CVE-2024-10041 | medium | — | 5.5 | 2y ago | Moderate: pam security update | |||
| CVE-2024-9287 | medium | — | 5.5 | 2y ago | A vulnerability has been found in the CPython `venv` module and CLI where path names provided when creating a virtual environment were not quoted properly, allowing the creator to inject commands int… | |||
| CVE-2024-11168 | medium | — | 5.5 | 2y ago | The urllib.parse.urlsplit() and urlparse() functions improperly validated bracketed hosts (`[]`), allowing hosts that weren't IPv6 or IPvFuture. This behavior was not conformant to RFC 3986 and poten… | |||
| CVE-2024-0397 | medium | — | 5.5 | 2y ago | A defect was discovered in the Python “ssl” module where there is a memory race condition with the ssl.SSLContext methods “cert_store_stats()” and “get_ca_certs()”. The race condition can be triggere… | |||
| CVE-2024-46695 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: selinux,smack: don't bypass permissions check in inode_setsecctx hook Marek Gresko reports that the root user on an NFS client is… | |||
| CVE-2024-26615 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: net/smc: fix illegal rmb_desc access in SMC-D connection dump A crash was found when dumping SMC-D connections. It can be reprodu… | |||
| CVE-2024-9026 | medium | — | 5.5 | 2y ago | Moderate: php:8.1 security update | |||
| CVE-2024-8927 | medium | — | 5.5 | 2y ago | Moderate: php:8.1 security update | |||
| CVE-2024-5458 | medium | — | 5.5 | 2y ago | Moderate: php:8.1 security update | |||
| CVE-2024-3096 | medium | — | 5.5 | 2y ago | Moderate: php:8.1 security update | |||
| CVE-2024-2756 | medium | — | 5.5 | 2y ago | Moderate: php:8.1 security update | |||
| CVE-2024-8925 | medium | — | 5.5 | 2y ago | Moderate: php:8.1 security update | |||
| CVE-2024-44994 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: iommu: Restore lost return in iommu_report_device_fault() When iommu_report_device_fault gets called with a partial fault it is s… | |||
| CVE-2024-49949 | medium | 5.5 | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: net: avoid potential underflow in qdisc_pkt_len_init() with UFO After commit 7c6d2ecbda83 ("net: be more gentle about silly gso r… | |||
| CVE-2024-45018 | medium | 5.5 | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: netfilter: flowtable: initialise extack before use Fix missing initialisation of extack in flow offload. | |||
| CVE-2024-43854 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: block: initialize integrity buffer to zero before writing it to media Metadata added by bio_integrity_prep is using plain kmalloc… | |||
| CVE-2024-31228 | medium | — | 5.5 | 2y ago | Moderate: redis:7 security update |