CVEs from 2022
Total
5,732
critical
critical 88
high
high 1,220
medium
medium 938
low
low 24
% Critical
1.5%
% with KEV
2.3%
% with exploit
3.1%
Top vendors
Top products
- jdk 116
- jre 109
- openjdk 100
- zulu 82
- graalvm 74
- cloud_secure_agent 35
- oncommand_insight 34
- cloud_insights_acquisition_unit 34
| CVE | Severity | CVSS | Risk | Flags | OS | Vendor | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2022-27781 | high | 7.5 | 7.5 | 4y ago | libcurl provides the `CURLOPT_CERTINFO` option to allow applications torequest details to be returned about a server's certificate chain.Due to an erroneous function, a malicious server could make li… | |||
| CVE-2022-27775 | high | 7.5 | 7.5 | 4y ago | Low: curl security update | |||
| CVE-2022-29145 | high | 7.5 | 7.5 | 4y ago | RHSA-2022:2202: .NET Core 3.1 security, bug fix, and enhancement update (Important) | |||
| CVE-2022-29117 | high | 7.5 | 7.5 | 4y ago | RHSA-2022:2202: .NET Core 3.1 security, bug fix, and enhancement update (Important) | |||
| CVE-2022-23267 | high | 7.5 | 7.5 | 4y ago | RHSA-2022:2202: .NET Core 3.1 security, bug fix, and enhancement update (Important) | |||
| CVE-2022-25647 | high | 7.5 | 7.5 | 4y ago | Deserialization of Untrusted Data in Gson | |||
| CVE-2022-21476 | high | 7.5 | 7.5 | 4y ago | RHSA-2022:1491: java-1.8.0-openjdk security update (Important) | |||
| CVE-2022-24763 | high | 7.5 | 7.5 | 4y ago | PJSIP is a free and open source multimedia communication library written in the C language. Versions 2.12 and prior contain a denial-of-service vulnerability that affects PJSIP users that consume PJS… | |||
| CVE-2022-0778 | high | 7.5 | 7.5 | 4y ago | RHSA-2022:5326: compat-openssl10 security update (Low) | |||
| CVE-2022-24464 | high | 7.5 | 7.5 | 4y ago | RHSA-2022:0830: .NET 5.0 security and bugfix update (Important) | |||
| CVE-2022-4988 | high | 7.3 | 7.3 | 19d ago | Alien::FreeImage versions through 1.001 for Perl contains several vulnerable libraries. Alien::FreeImage contains version 3.17.0 of the FreeImage library from 2017, which has known vulnerabilities s… | |||
| CVE-2022-45083 | high | 7.2 | 7.2 | 2y ago | Deserialization of Untrusted Data vulnerability in ProfilePress Membership Team Paid Membership Plugin, Ecommerce, User Registration Form, Login Form, User Profile & Restrict Content – ProfilePress.T… | |||
| CVE-2022-47599 | high | 7.2 | 7.2 | 3y ago | Deserialization of Untrusted Data vulnerability in File Manager by Bit Form Team File Manager – 100% Free & Open Source File Manager Plugin for WordPress | Bit File Manager.This issue affects File Ma… | |||
| CVE-2022-45078 | high | 7.2 | 7.2 | 3y ago | Improper Neutralization of Formula Elements in a CSV File vulnerability in Solwin Infotech User Blocker.This issue affects User Blocker: from n/a through 1.5.5. | |||
| CVE-2022-47605 | high | 7.2 | 7.2 | 3y ago | Auth. SQL Injection') vulnerability in Kunal Nagar Custom 404 Pro plugin <= 3.7.0 versions. | |||
| CVE-2022-27224 | high | 7.2 | 7.2 | 4y ago | An issue was discovered in Galleon NTS-6002-GPS 4.14.103-Galleon-NTS-6002.V12 4. An authenticated attacker can perform command injection as root via shell metacharacters within the Network Tools sect… | |||
| CVE-2022-48827 | high | 7.1 | 7.1 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: NFSD: Fix the behavior of READ near OFFSET_MAX Dan Aloni reports: > Due to commit 8cfb9015280d ("NFS: Always provide aligned buff… | |||
| CVE-2022-3775 | high | 7.1 | 7.1 | 4y ago | RHSA-2023:0049: grub2 security update (Moderate) | |||
| CVE-2022-2347 | high | 7.1 | 7.1 | 4y ago | There exists an unchecked length field in UBoot. The U-Boot DFU implementation does not bound the length field in USB DFU download setup packets, and it does not verify that the transfer direction co… | |||
| CVE-2022-50377 | high | — | — | 2y ago | RHSA-2024:2394: kernel security, bug fix, and enhancement update (Important) |