The NVD is the U.S. government repository of standards-based vulnerability management data represented using the Security Content Automation Protocol (SCAP). This data enables automation of vulnerability management, security measurement, and compliance. The NVD includes databases of security checklist references, security-related software flaws, product names, and impact metrics.

For information on how to cite the NVD, including the database's Digital Object Identifier (DOI), please consult NIST's Public Data Repository.

Last 20 Scored Vulnerability IDs & Summaries CVSS Severity
  • CVE-2024-53124 - In the Linux kernel, the following vulnerability has been resolved: net: fix data-races around sk->sk_forward_alloc Syzkaller reported this warning: ------------[ cut here ]------------ WARNING: CPU: 0 PID: 16 at net/ipv4/af_inet.c:156 inet_so...
    Published: December 02, 2024; 9:15:13 AM -0500

    V3.1: 4.7 MEDIUM

  • CVE-2024-53123 - In the Linux kernel, the following vulnerability has been resolved: mptcp: error out earlier on disconnect Eric reported a division by zero splat in the MPTCP protocol: Oops: divide error: 0000 [#1] PREEMPT SMP KASAN PTI CPU: 1 UID: 0 PID: 6094...
    Published: December 02, 2024; 9:15:13 AM -0500

    V3.1: 5.5 MEDIUM

  • CVE-2024-53122 - In the Linux kernel, the following vulnerability has been resolved: mptcp: cope racing subflow creation in mptcp_rcv_space_adjust Additional active subflows - i.e. created by the in kernel path manager - are included into the subflow list before...
    Published: December 02, 2024; 9:15:13 AM -0500

    V3.1: 5.5 MEDIUM

  • CVE-2024-53121 - In the Linux kernel, the following vulnerability has been resolved: net/mlx5: fs, lock FTE when checking if active The referenced commits introduced a two-step process for deleting FTEs: - Lock the FTE, delete it from hardware, set the hardware...
    Published: December 02, 2024; 9:15:12 AM -0500

    V3.1: 5.5 MEDIUM

  • CVE-2024-53120 - In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: CT: Fix null-ptr-deref in add rule err flow In error flow of mlx5_tc_ct_entry_add_rule(), in case ct_rule_add() callback returns error, zone_rule->attr is used uninit...
    Published: December 02, 2024; 9:15:12 AM -0500

    V3.1: 5.5 MEDIUM

  • CVE-2024-53119 - In the Linux kernel, the following vulnerability has been resolved: virtio/vsock: Fix accept_queue memory leak As the final stages of socket destruction may be delayed, it is possible that virtio_transport_recv_listen() will be called after the ...
    Published: December 02, 2024; 9:15:12 AM -0500

    V3.1: 5.5 MEDIUM

  • CVE-2024-53118 - In the Linux kernel, the following vulnerability has been resolved: vsock: Fix sk_error_queue memory leak Kernel queues MSG_ZEROCOPY completion notifications on the error queue. Where they remain, until explicitly recv()ed. To prevent memory lea...
    Published: December 02, 2024; 9:15:12 AM -0500

    V3.1: 5.5 MEDIUM

  • CVE-2024-53117 - In the Linux kernel, the following vulnerability has been resolved: virtio/vsock: Improve MSG_ZEROCOPY error handling Add a missing kfree_skb() to prevent memory leaks.
    Published: December 02, 2024; 9:15:12 AM -0500

    V3.1: 5.5 MEDIUM

  • CVE-2024-44306 - A buffer overflow issue was addressed with improved memory handling. This issue is fixed in macOS Sonoma 14.6. An app may be able to execute arbitrary code with kernel privileges.
    Published: November 19, 2024; 7:15:16 PM -0500

    V3.1: 7.8 HIGH

  • CVE-2024-53116 - In the Linux kernel, the following vulnerability has been resolved: drm/panthor: Fix handling of partial GPU mapping of BOs This commit fixes the bug in the handling of partial mapping of the buffer objects to the GPU, which caused kernel warnin...
    Published: December 02, 2024; 9:15:12 AM -0500

    V3.1: 5.5 MEDIUM

  • CVE-2024-44307 - A buffer overflow issue was addressed with improved memory handling. This issue is fixed in macOS Sonoma 14.6. An app may be able to execute arbitrary code with kernel privileges.
    Published: November 19, 2024; 7:15:17 PM -0500

    V3.1: 7.8 HIGH

  • CVE-2024-53115 - In the Linux kernel, the following vulnerability has been resolved: drm/vmwgfx: avoid null_ptr_deref in vmw_framebuffer_surface_create_handle The 'vmw_user_object_buffer' function may return NULL with incorrect inputs. To avoid possible null poi...
    Published: December 02, 2024; 9:15:12 AM -0500

    V3.1: 5.5 MEDIUM

  • CVE-2024-53114 - In the Linux kernel, the following vulnerability has been resolved: x86/CPU/AMD: Clear virtualized VMLOAD/VMSAVE on Zen4 client A number of Zen4 client SoCs advertise the ability to use virtualized VMLOAD/VMSAVE, but using these instructions is ...
    Published: December 02, 2024; 9:15:12 AM -0500

    V3.1: 5.5 MEDIUM

  • CVE-2024-53113 - In the Linux kernel, the following vulnerability has been resolved: mm: fix NULL pointer dereference in alloc_pages_bulk_noprof We triggered a NULL pointer dereference for ac.preferred_zoneref->zone in alloc_pages_bulk_noprof() when the task is ...
    Published: December 02, 2024; 9:15:12 AM -0500

    V3.1: 5.5 MEDIUM

  • CVE-2024-53112 - In the Linux kernel, the following vulnerability has been resolved: ocfs2: uncache inode which has failed entering the group Syzbot has reported the following BUG: kernel BUG at fs/ocfs2/uptodate.c:509! ... Call Trace: <TASK> ? __die_body+0x5... read CVE-2024-53112
    Published: December 02, 2024; 9:15:11 AM -0500

    V3.1: 5.5 MEDIUM

  • CVE-2024-53111 - In the Linux kernel, the following vulnerability has been resolved: mm/mremap: fix address wraparound in move_page_tables() On 32-bit platforms, it is possible for the expression `len + old_addr < old_end` to be false-positive if `len + old_addr...
    Published: December 02, 2024; 9:15:11 AM -0500

    V3.1: 5.5 MEDIUM

  • CVE-2023-6371 - An issue has been discovered in GitLab CE/EE affecting all versions before 16.8.5, all versions starting from 16.9 before 16.9.3, all versions starting from 16.10 before 16.10.1. A wiki page with a crafted payload may lead to a Stored XSS, allowin...
    Published: March 28, 2024; 4:15:26 AM -0400

    V3.1: 5.4 MEDIUM

  • CVE-2024-2818 - An issue has been discovered in GitLab CE/EE affecting all versions before 16.8.5, all versions starting from 16.9 before 16.9.3, all versions starting from 16.10 before 16.10.1. It was possible for an attacker to cause a denial of service using m...
    Published: March 28, 2024; 4:15:26 AM -0400

    V3.1: 6.5 MEDIUM

  • CVE-2024-53110 - In the Linux kernel, the following vulnerability has been resolved: vp_vdpa: fix id_table array not null terminated error Allocate one extra virtio_device_id as null terminator, otherwise vdpa_mgmtdev_get_classes() may iterate multiple times and...
    Published: December 02, 2024; 9:15:11 AM -0500

    V3.1: 5.5 MEDIUM

  • CVE-2024-1299 - A privilege escalation vulnerability was discovered in GitLab affecting versions 16.8 prior to 16.8.4 and 16.9 prior to 16.9.2. It was possible for a user with custom role of `manage_group_access_tokens` to rotate group access tokens with owner pr...
    Published: March 06, 2024; 8:15:52 PM -0500

    V3.1: 8.1 HIGH

Created September 20, 2022, Updated August 27, 2024