CVEs from 2024
- Total: 7,034
- Critical: 114
- High: 1,020
- Medium: 2,013
- Low: 42
- % Critical: 1.6%
- % with KEV: 2.3%
- % with exploit: 2.8%
Top products
- surveillance_station 12
- checkmk 10
- profilegrid 8
- office 8
- office_long_term_servicing_channel 6
- glibc 5
- virtual_traffic_manager 5
- element_pack 5
Top packages
| CVE | Severity | CVSS | Risk | Published | Description | Flags | OS | Vendor |
|---|---|---|---|---|---|---|---|---|
| CVE-2024-10224 | medium | — | 5.5 | 1y ago | Moderate: perl-Module-ScanDeps security update | |||
| CVE-2024-53085 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: tpm: Lock TPM chip in tpm_pm_suspend() first Setting TPM_CHIP_FLAG_SUSPENDED in the end of tpm_pm_suspend() can be racy according… | |||
| CVE-2024-56642 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: tipc: Fix use-after-free of kernel socket in cleanup_bearer(). syzkaller reported a use-after-free of UDP kernel socket in cleanu… | |||
| CVE-2024-50107 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: platform/x86/intel/pmc: Fix pmc_core_iounmap to call iounmap for valid addresses Commit 50c6dbdfd16e ("x86/ioremap: Improve iounm… | |||
| CVE-2024-42304 | medium | 5.5 | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: ext4: make sure the first directory block is not a hole The syzbot constructs a directory that has no dirblock but is non-inline,… | |||
| CVE-2024-53095 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: smb: client: Fix use-after-free of network namespace. Recently, we got a customer report that CIFS triggers oops while reconnecti… | |||
| CVE-2024-47719 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: iommufd: Protect against overflow of ALIGN() during iova allocation Userspace can supply an iova and uptr such that the target io… | |||
| CVE-2024-56566 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: mm/slub: Avoid list corruption when removing a slab from the full list Boot with slub_debug=UFPZ. If allocated object failed in … | |||
| CVE-2024-50082 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: blk-rq-qos: fix crash on rq_qos_wait vs. rq_qos_wake_function race We're seeing crashes from rq_qos_wake_function that look like … | |||
| CVE-2024-47599 | medium | — | 5.5 | 1y ago | Moderate: gstreamer1-plugins-good security update | |||
| CVE-2024-47601 | medium | — | 5.5 | 1y ago | Moderate: gstreamer1-plugins-good security update | |||
| CVE-2024-47602 | medium | — | 5.5 | 1y ago | Moderate: gstreamer1-plugins-good security update | |||
| CVE-2024-47603 | medium | — | 5.5 | 1y ago | Moderate: gstreamer1-plugins-good security update | |||
| CVE-2024-47774 | medium | — | 5.5 | 1y ago | Moderate: gstreamer1-plugins-good security update | |||
| CVE-2024-47775 | medium | — | 5.5 | 1y ago | Moderate: gstreamer1-plugins-good security update | |||
| CVE-2024-47777 | medium | — | 5.5 | 1y ago | Moderate: gstreamer1-plugins-good security update | |||
| CVE-2024-47778 | medium | — | 5.5 | 1y ago | Moderate: gstreamer1-plugins-good security update | |||
| CVE-2024-47834 | medium | — | 5.5 | 1y ago | Moderate: gstreamer1-plugins-good security update | |||
| CVE-2024-35933 | medium | 5.5 | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: Bluetooth: btintel: Fix null ptr deref in btintel_read_version If hci_cmd_sync_complete() is triggered and skb is NULL, then hdev… | |||
| CVE-2024-35934 | medium | 5.5 | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: net/smc: reduce rtnl pressure in smc_pnet_create_pnetids_list() Many syzbot reports show extreme rtnl pressure, and many of them … | |||
| CVE-2024-46953 | medium | — | 5.5 | 1y ago | Moderate: ghostscript security update | |||
| CVE-2024-46951 | medium | — | 5.5 | 1y ago | Moderate: ghostscript security update | |||
| CVE-2024-46952 | medium | — | 5.5 | 1y ago | Moderate: ghostscript security update | |||
| CVE-2024-46954 | medium | — | 5.5 | 1y ago | Moderate: ghostscript security update | |||
| CVE-2024-46956 | medium | — | 5.5 | 1y ago | Moderate: ghostscript security update | |||
| CVE-2024-36012 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: Bluetooth: msft: fix slab-use-after-free in msft_do_close() Tying the msft->data lifetime to hdev by freeing it in hci_release_de… | |||
| CVE-2024-36011 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: Bluetooth: HCI: Fix potential null-ptr-deref Fix potential null-ptr-deref in hci_le_big_sync_established_evt(). | |||
| CVE-2024-36013 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: Bluetooth: L2CAP: Fix slab-use-after-free in l2cap_connect() Extend a critical section to prevent chan from early freeing. Also m… | |||
| CVE-2024-53920 | medium | — | 5.5 | 1y ago | Moderate: emacs security update | |||
| CVE-2024-3567 | medium | — | 5.5 | 1y ago | A flaw was found in QEMU. An assertion failure was present in the update_sctp_checksum() function in hw/net/net_tx_pkt.c when trying to calculate the checksum of a short-sized fragmented packet. This… | |||
| CVE-2024-46826 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: ELF: fix kernel.randomize_va_space double read ELF loader uses "randomize_va_space" twice. It is sysctl and can change at any mom… | |||
| CVE-2024-44990 | medium | 5.5 | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: bonding: fix null pointer deref in bond_ipsec_offload_ok We must check if there is an active slave before dereferencing the point… | |||
| CVE-2024-11234 | medium | — | 5.5 | 1y ago | Moderate: php:8.2 security update | |||
| CVE-2024-11233 | medium | — | 5.5 | 1y ago | Moderate: php:8.2 security update | |||
| CVE-2024-8929 | medium | — | 5.5 | 1y ago | Moderate: php:8.2 security update | |||
| CVE-2024-45341 | medium | — | 5.5 | 1y ago | Moderate: go-toolset:rhel8 security update | |||
| CVE-2024-43855 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: md: fix deadlock between mddev_suspend and flush bio Deadlock occurs when mddev is being suspended while some flush bio is in pro… | |||
| CVE-2024-8176 | medium | — | 5.5 | 1y ago | Moderate: expat security update | |||
| CVE-2024-45336 | medium | — | 5.5 | 1y ago | Moderate: go-toolset:rhel8 security update | |||
| CVE-2024-7347 | medium | — | 5.5 | 1y ago | Moderate: nginx security update | |||
| CVE-2024-10306 | medium | — | 5.5 | 1y ago | Moderate: mod_proxy_cluster security update | |||
| CVE-2024-58085 | medium | 5.5 | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: tomoyo: don't emit warning in tomoyo_write_control() syzbot is reporting too large allocation warning at tomoyo_write_control(), … | |||
| CVE-2024-58071 | medium | 5.5 | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: team: prevent adding a device which is already a team device lower Prevent adding a device which is already a team device lower, … | |||
| CVE-2024-58063 | medium | 5.5 | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: wifi: rtlwifi: fix memory leaks and invalid access at probe error path Deinitialize at reverse order when probe fails. When init… | |||
| CVE-2024-58058 | medium | 5.5 | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: ubifs: skip dumping tnc tree when zroot is null Clearing slab cache will free all znode in memory and make c->zroot.znode = NULL,… | |||
| CVE-2024-58051 | medium | 5.5 | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: ipmi: ipmb: Add check devm_kasprintf() returned value devm_kasprintf() can return a NULL pointer on failure but this returned val… | |||
| CVE-2024-58020 | medium | 5.5 | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: HID: multitouch: Add NULL check in mt_input_configured devm_kasprintf() can return a NULL pointer on failure,but this returned va… | |||
| CVE-2024-58017 | medium | 5.5 | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: printk: Fix signed integer overflow when defining LOG_BUF_LEN_MAX Shifting 1 << 31 on a 32-bit int causes signed integer overflow… | |||
| CVE-2024-58016 | medium | 5.5 | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: safesetid: check size of policy writes syzbot attempts to write a buffer with a large size to a sysfs entry with writes handled b… | |||
| CVE-2024-57996 | medium | 5.5 | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: net_sched: sch_sfq: don't allow 1 packet limit The current implementation does not work correctly with a limit of 1. iproute2 act… | |||
| CVE-2024-57977 | medium | 5.5 | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: memcg: fix soft lockup in the OOM process A soft lockup issue was found in the product with about 56,000 tasks were in the OOM cg… | |||
| CVE-2024-21096 | medium | — | 5.5 | 1y ago | Moderate: galera and mariadb security update | |||
| CVE-2024-41184 | medium | — | 5.5 | 1y ago | Moderate: keepalived security update | |||
| CVE-2024-52533 | medium | — | 5.5 | 1y ago | Moderate: glib2 security update | |||
| CVE-2024-57948 | medium | 5.5 | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: mac802154: check local interfaces before deleting sdata list syzkaller reported a corrupted list in ieee802154_if_remove. [1] Re… | |||
| CVE-2024-53088 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: i40e: fix race condition by adding filter's intermediate sync state Fix a race condition in the i40e driver that leads to MAC/VLA… | |||
| CVE-2024-50154 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: tcp/dccp: Don't use timer_pending() in reqsk_queue_unlink(). Martin KaFai Lau reported use-after-free [0] in reqsk_timer_handler(… | |||
| CVE-2024-57947 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_set_pipapo: fix initial map fill The initial buffer has to be inited to all-ones, but it must restrict it to the si… | |||
| CVE-2024-50275 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: arm64/sve: Discard stale CPU state when handling SVE traps The logic for handling SVE traps manipulates saved FPSIMD/SVE state in… | |||
| CVE-2024-57924 | medium | 5.5 | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: fs: relax assertions on failure to encode file handles Encoding file handles is usually performed by a filesystem >encode_fh() me… | |||
| CVE-2024-3661 | medium | — | 5.5 | 1y ago | Moderate: Security and bug fixes for NetworkManager | |||
| CVE-2024-57902 | medium | 5.5 | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: af_packet: fix vlan_get_tci() vs MSG_PEEK Blamed commit forgot MSG_PEEK case, allowing a crash [1] as found by syzbot. Rework vl… | |||
| CVE-2024-57901 | medium | 5.5 | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: af_packet: fix vlan_get_protocol_dgram() vs MSG_PEEK Blamed commit forgot MSG_PEEK case, allowing a crash [1] as found by syzbot.… | |||
| CVE-2024-11029 | medium | — | 5.5 | 1y ago | Moderate: ipa security update | |||
| CVE-2024-50099 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: arm64: probes: Remove broken LDR (literal) uprobe support The simulate_ldr_literal() and simulate_ldrsw_literal() functions are u… | |||
| CVE-2024-38564 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: bpf: Add BPF_PROG_TYPE_CGROUP_SKB attach type enforcement in BPF_LINK_CREATE bpf_prog_attach uses attach_type_to_prog_type to enf… | |||
| CVE-2024-50115 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: KVM: nSVM: Ignore nCR3[4:0] when loading PDPTEs from memory Ignore nCR3[4:0] when loading PDPTEs from memory for nested SVM, as b… | |||
| CVE-2024-50110 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: xfrm: fix one more kernel-infoleak in algo dumping During fuzz testing, the following issue was discovered: BUG: KMSAN: kernel-i… | |||
| CVE-2024-50223 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: sched/numa: Fix the potential null pointer dereference in task_numa_work() When running stress-ng-vm-segv test, we found a null p… | |||
| CVE-2024-27399 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: Bluetooth: l2cap: fix null-ptr-deref in l2cap_chan_timeout There is a race condition between l2cap_chan_timeout() and l2cap_chan_… | |||
| CVE-2024-47675 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: bpf: Fix use-after-free in bpf_uprobe_multi_link_attach() If bpf_link_prime() fails, bpf_uprobe_multi_link_attach() goes to the e… | |||
| CVE-2024-50192 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: irqchip/gic-v4: Don't allow a VMOVP on a dying VPE Kunkun Jiang reported that there is a small window of opportunity for userspac… | |||
| CVE-2024-45020 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: bpf: Fix a kernel verifier crash in stacksafe() Daniel Hodges reported a kernel verifier crash when playing with sched-ext. Furth… | |||
| CVE-2024-50142 | medium | 5.5 | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: xfrm: validate new SA's prefixlen using SA family when sel.family is unset This expands the validation introduced in commit 07bf7… | |||
| CVE-2024-50255 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hci: fix null-ptr-deref in hci_read_supported_codecs Fix __hci_cmd_sync_sk() to return not NULL for unknown opcodes. … | |||
| CVE-2024-50125 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: Bluetooth: SCO: Fix UAF on sco_sock_timeout conn->sk maybe have been unlinked/freed while waiting for sco_conn_lock so this check… | |||
| CVE-2024-49888 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: bpf: Fix a sdiv overflow issue Zac Ecob reported a problem where a bpf program may cause kernel crash due to the following error:… | |||
| CVE-2024-46697 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: nfsd: ensure that nfsd4_fattr_args.context is zeroed out If nfsd4_encode_fattr4 ends up doing a "goto out" before we get to check… | |||
| CVE-2024-50148 | medium | 5.5 | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: Bluetooth: bnep: fix wild-memory-access in proto_unregister There's issue as follows: KASAN: maybe wild-memory-access in range … | |||
| CVE-2024-50124 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: Bluetooth: ISO: Fix UAF on iso_sock_timeout conn->sk maybe have been unlinked/freed while waiting for iso_conn_lock so this check… | |||
| CVE-2024-50612 | medium | — | 5.5 | 2y ago | Moderate: libsndfile:1.0.31 security update | |||
| CVE-2024-10041 | medium | — | 5.5 | 2y ago | Moderate: pam security update | |||
| CVE-2024-38796 | medium | — | 5.5 | 2y ago | Moderate: edk2:20240524 security update | |||
| CVE-2024-10573 | medium | — | 5.5 | 2y ago | Moderate: mpg123:1.32.9 security update | |||
| CVE-2024-11168 | medium | — | 5.5 | 2y ago | The urllib.parse.urlsplit() and urlparse() functions improperly validated bracketed hosts (`[]`), allowing hosts that weren't IPv6 or IPvFuture. This behavior was not conformant to RFC 3986 and poten… | |||
| CVE-2024-0397 | medium | — | 5.5 | 2y ago | A defect was discovered in the Python “ssl” module where there is a memory race condition with the ssl.SSLContext methods “cert_store_stats()” and “get_ca_certs()”. The race condition can be triggere… | |||
| CVE-2024-9287 | medium | — | 5.5 | 2y ago | A vulnerability has been found in the CPython `venv` module and CLI where path names provided when creating a virtual environment were not quoted properly, allowing the creator to inject commands int… | |||
| CVE-2024-26615 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: net/smc: fix illegal rmb_desc access in SMC-D connection dump A crash was found when dumping SMC-D connections. It can be reprodu… | |||
| CVE-2024-43854 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: block: initialize integrity buffer to zero before writing it to media Metadata added by bio_integrity_prep is using plain kmalloc… | |||
| CVE-2024-8925 | medium | — | 5.5 | 2y ago | Moderate: php:8.1 security update | |||
| CVE-2024-2756 | medium | — | 5.5 | 2y ago | Moderate: php:8.1 security update | |||
| CVE-2024-9026 | medium | — | 5.5 | 2y ago | Moderate: php:8.1 security update | |||
| CVE-2024-3096 | medium | — | 5.5 | 2y ago | Moderate: php:8.1 security update | |||
| CVE-2024-5458 | medium | — | 5.5 | 2y ago | Moderate: php:8.1 security update | |||
| CVE-2024-8927 | medium | — | 5.5 | 2y ago | Moderate: php:8.1 security update | |||
| CVE-2024-49949 | medium | 5.5 | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: net: avoid potential underflow in qdisc_pkt_len_init() with UFO After commit 7c6d2ecbda83 ("net: be more gentle about silly gso r… | |||
| CVE-2024-44994 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: iommu: Restore lost return in iommu_report_device_fault() When iommu_report_device_fault gets called with a partial fault it is s… | |||
| CVE-2024-45018 | medium | 5.5 | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: netfilter: flowtable: initialise extack before use Fix missing initialisation of extack in flow offload. | |||
| CVE-2024-46695 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: selinux,smack: don't bypass permissions check in inode_setsecctx hook Marek Gresko reports that the root user on an NFS client is… | |||
| CVE-2024-31449 | medium | — | 5.5 | 2y ago | Moderate: redis:7 security update |