CVEs from 2022
Total
5,385
critical
critical 88
high
high 1,220
medium
medium 938
low
low 24
% Critical
1.6%
% with KEV
2.4%
% with exploit
3.3%
Top vendors
Top products
- jdk 116
- jre 109
- openjdk 100
- zulu 82
- graalvm 74
- cloud_secure_agent 35
- oncommand_insight 34
- cloud_insights_acquisition_unit 34
| CVE | Severity | CVSS | Risk | Flags | OS | Vendor | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2022-2539 | medium | — | 5.5 | — | unknown in gitlab | |||
| CVE-2022-2456 | medium | — | 5.5 | — | unknown in gitlab | |||
| CVE-2022-0669 | medium | — | 5.5 | — | A flaw was found in dpdk. This flaw allows a malicious vhost-user master to attach an unexpected number of fds as ancillary data to VHOST_USER_GET_INFLIGHT_FD / VHOST_USER_SET_INFLIGHT_FD messages th… | |||
| CVE-2022-27780 | medium | — | 5.5 | — | The curl URL parser wrongly accepts percent-encoded URL separators like '/'when decoding the host name part of a URL, making it a *different* URL usingthe wrong host name when it is later retrieved.F… | |||
| CVE-2022-49670 | medium | — | 5.5 | 7mo ago | In the Linux kernel, the following vulnerability has been resolved: linux/dim: Fix divide by 0 in RDMA DIM Fix a divide 0 error in rdma_dim_stats_compare() when prev->cpe_ratio == 0. CallTrace: … | |||
| CVE-2022-49672 | medium | — | 5.5 | 7mo ago | In the Linux kernel, the following vulnerability has been resolved: net: tun: unlink NAPI from device on destruction Syzbot found a race between tun file and device destruction. NAPIs live in struc… | |||
| CVE-2022-49269 | medium | — | 5.5 | 7mo ago | In the Linux kernel, the following vulnerability has been resolved: can: isotp: sanitize CAN ID checks in isotp_bind() Syzbot created an environment that lead to a state machine status that can not… | |||
| CVE-2022-50143 | medium | — | 5.5 | 7mo ago | In the Linux kernel, the following vulnerability has been resolved: intel_th: Fix a resource leak in an error handling path If an error occurs after calling 'pci_alloc_irq_vectors()', 'pci_free_irq… | |||
| CVE-2022-48830 | medium | — | 5.5 | 7mo ago | In the Linux kernel, the following vulnerability has been resolved: can: isotp: fix potential CAN frame reception race in isotp_rcv() When receiving a CAN frame the current code logic does not cons… | |||
| CVE-2022-50504 | medium | — | 5.5 | 7mo ago | In the Linux kernel, the following vulnerability has been resolved: powerpc/rtas: avoid scheduling in rtas_os_term() It's unsafe to use rtas_busy_delay() to handle a busy status from the ibm,os-ter… | |||
| CVE-2022-49845 | medium | — | 5.5 | 7mo ago | In the Linux kernel, the following vulnerability has been resolved: can: j1939: j1939_send_one(): fix missing CAN header initialization The read access to struct canxl_frame::len inside of a j1939 … | |||
| CVE-2022-49353 | medium | — | 5.5 | 7mo ago | In the Linux kernel, the following vulnerability has been resolved: powerpc/papr_scm: don't requests stats with '0' sized stats buffer Sachin reported [1] that on a POWER-10 lpar he is seeing a ker… | |||
| CVE-2022-49357 | medium | — | 5.5 | 7mo ago | In the Linux kernel, the following vulnerability has been resolved: efi: Do not import certificates from UEFI Secure Boot for T2 Macs On Apple T2 Macs, when Linux attempts to read the db and dbx ef… | |||
| CVE-2022-49437 | medium | — | 5.5 | 7mo ago | In the Linux kernel, the following vulnerability has been resolved: powerpc/xive: Fix refcount leak in xive_spapr_init of_find_compatible_node() returns a node pointer with refcount incremented, we… | |||
| CVE-2022-49024 | medium | — | 5.5 | 7mo ago | In the Linux kernel, the following vulnerability has been resolved: can: m_can: pci: add missing m_can_class_free_dev() in probe/remove methods In m_can_pci_remove() and error handling path of m_ca… | |||
| CVE-2022-49627 | medium | — | 5.5 | 7mo ago | In the Linux kernel, the following vulnerability has been resolved: ima: Fix potential memory leak in ima_init_crypto() On failure to allocate the SHA1 tfm, IMA fails to initialize and exits withou… | |||
| CVE-2022-49443 | medium | — | 5.5 | 7mo ago | In the Linux kernel, the following vulnerability has been resolved: list: fix a data-race around ep->rdllist ep_poll() first calls ep_events_available() with no lock held and checks if ep->rdllist … | |||
| CVE-2022-49657 | medium | — | 5.5 | 7mo ago | In the Linux kernel, the following vulnerability has been resolved: usbnet: fix memory leak in error case usbnet_write_cmd_async() mixed up which buffers need to be freed in which error case. v2: … | |||
| CVE-2022-49432 | medium | — | 5.5 | 7mo ago | In the Linux kernel, the following vulnerability has been resolved: powerpc/xics: fix refcount leak in icp_opal_init() The of_find_compatible_node() function returns a node pointer with refcount in… | |||
| CVE-2022-49623 | medium | — | 5.5 | 7mo ago | In the Linux kernel, the following vulnerability has been resolved: powerpc/xive/spapr: correct bitmap allocation size kasan detects access beyond the end of the xibm->bitmap allocation: BUG: KASA… | |||
| CVE-2022-49643 | medium | — | 5.5 | 7mo ago | In the Linux kernel, the following vulnerability has been resolved: ima: Fix a potential integer overflow in ima_appraise_measurement When the ima-modsig is enabled, the rc passed to evm_verifyxatt… | |||
| CVE-2022-49648 | medium | — | 5.5 | 7mo ago | In the Linux kernel, the following vulnerability has been resolved: tracing/histograms: Fix memory leak problem This reverts commit 46bbe5c671e06f070428b9be142cc4ee5cedebac. As commit 46bbe5c671e0… | |||
| CVE-2022-50367 | medium | — | 5.5 | 7mo ago | RHSA-2025:19932: kernel-rt security update (Moderate) | |||
| CVE-2022-50386 | medium | — | 5.5 | 7mo ago | RHSA-2025:19103: kernel-rt security update (Moderate) | |||
| CVE-2022-4981 | medium | 5.5 | 5.5 | 7mo ago | A vulnerability was detected in DCMTK up to 3.6.7. The impacted element is the function DcmQueryRetrieveConfig::readPeerList of the file /dcmqrcnf.cc of the component dcmqrscp. The manipulation resul… | |||
| CVE-2022-24130 | medium | — | 5.5 | 10mo ago | Moderate: xterm security update | |||
| CVE-2022-49788 | medium | — | 5.5 | 10mo ago | RHSA-2025:11299: kernel-rt security update (Moderate) | |||
| CVE-2022-48919 | medium | — | 5.5 | 11mo ago | RHSA-2025:9581: kernel-rt security update (Moderate) | |||
| CVE-2022-49395 | medium | — | 5.5 | 1y ago | RHSA-2025:8744: kernel-rt security update (Moderate) | |||
| CVE-2022-3424 | medium | — | 5.5 | 1y ago | Moderate: kernel security update | |||
| CVE-2022-4055 | medium | — | 5.5 | 1y ago | Moderate: xdg-utils security update | |||
| CVE-2022-49804 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: s390: avoid using global register for current_stack_pointer Commit 30de14b1884b ("s390: current_stack_pointer shouldn't be a func… | |||
| CVE-2022-49014 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: net: tun: Fix use-after-free in tun_detach() syzbot reported use-after-free in tun_detach() [1]. This causes call trace like bel… | |||
| CVE-2022-50319 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: coresight: trbe: remove cpuhp instance node before remove cpuhp state cpuhp_state_add_instance() and cpuhp_state_remove_instance(… | |||
| CVE-2022-49747 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: erofs/zmap.c: Fix incorrect offset calculation Effective offset to add to length was being incorrectly calculated, which resulted… | |||
| CVE-2022-48989 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: fscache: Fix oops due to race with cookie_lru and use_cookie If a cookie expires from the LRU and the LRU_DISCARD flag is set, bu… | |||
| CVE-2022-50614 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: misc: pci_endpoint_test: Fix pci_endpoint_test_{copy,write,read}() panic The dma_map_single() doesn't permit zero length mapping.… | |||
| CVE-2022-50214 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: coresight: Clear the connection field properly coresight devices track their connections (output connections) and hold a referenc… | |||
| CVE-2022-50159 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: of: check previous kernel's ima-kexec-buffer against memory bounds Presently ima_get_kexec_buffer() doesn't check if the previous… | |||
| CVE-2022-50421 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: rpmsg: char: Avoid double destroy of default endpoint The rpmsg_dev_remove() in rpmsg_core is the place for releasing this defaul… | |||
| CVE-2022-50811 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: erofs: fix missing unmap if z_erofs_get_extent_compressedlen() fails Otherwise, meta buffers could be leaked. | |||
| CVE-2022-50743 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: erofs: Fix pcluster memleak when its block address is zero syzkaller reported a memleak: https://syzkaller.appspot.com/bug?id=62f… | |||
| CVE-2022-50491 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: coresight: cti: Fix hang in cti_disable_hw() cti_enable_hw() and cti_disable_hw() are called from an atomic context so shouldn't … | |||
| CVE-2022-50121 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: remoteproc: k3-r5: Fix refcount leak in k3_r5_cluster_of_init Every iteration of for_each_available_child_of_node() decrements th… | |||
| CVE-2022-50511 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: lib/fonts: fix undefined behavior in bit shift for get_default_font Shifting signed 32-bit value by 31 bits is undefined, so chan… | |||
| CVE-2022-1941 | medium | — | 5.5 | 1y ago | Moderate: protobuf security update | |||
| CVE-2022-49029 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: hwmon: (ibmpex) Fix possible UAF when ibmpex_register_bmc() fails Smatch report warning as follows: drivers/hwmon/ibmpex.c:509 i… | |||
| CVE-2022-41742 | medium | — | 5.5 | 1y ago | Moderate: nginx security update | |||
| CVE-2022-41741 | medium | — | 5.5 | 1y ago | Moderate: nginx security update | |||
| CVE-2022-49006 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: tracing: Free buffers when a used dynamic event is removed After 65536 dynamic events have been added and removed, the "type" fie… | |||
| CVE-2022-50112 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: rpmsg: qcom_smd: Fix refcount leak in qcom_smd_parse_edge of_parse_phandle() returns a node pointer with refcount incremented, we… | |||
| CVE-2022-48969 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: xen-netfront: Fix NULL sring after live migration A NAPI is setup for each network sring to poll data to kernel The sring with so… | |||
| CVE-2022-49778 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: arm64/mm: fix incorrect file_map_count for non-leaf pmd/pud The page table check trigger BUG_ON() unexpectedly when collapse huge… | |||
| CVE-2022-49815 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: erofs: fix missing xas_retry() in fscache mode The xarray iteration only holds the RCU read lock and thus may encounter XA_RETRY_… | |||
| CVE-2022-49043 | medium | — | 5.5 | 1y ago | RHSA-2025:1517: libxml2 security update (Moderate) | |||
| CVE-2022-50019 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: tty: serial: Fix refcount leak bug in ucc_uart.c In soc_info(), of_find_node_by_type() will return a node pointer with refcount i… | |||
| CVE-2022-50468 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: platform/chrome: cros_usbpd_notify: Fix error handling in cros_usbpd_notify_init() The following WARNING message was given when r… | |||
| CVE-2022-50653 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: mmc: atmel-mci: fix return value check of mmc_add_host() mmc_add_host() may return error, if we ignore its return value, it will … | |||
| CVE-2022-50541 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: dmaengine: ti: k3-udma: Reset UDMA_CHAN_RT byte counters to prevent overflow UDMA_CHAN_RT_*BCNT_REG stores the real-time channel … | |||
| CVE-2022-50663 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: net: stmmac: fix possible memory leak in stmmac_dvr_probe() The bitmap_free() should be called to free priv->af_xdp_zc_qps when c… | |||
| CVE-2022-50251 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: mmc: vub300: fix return value check of mmc_add_host() mmc_add_host() may return error, if we ignore its return value, the memory … | |||
| CVE-2022-50886 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: mmc: toshsd: fix return value check of mmc_add_host() mmc_add_host() may return error, if we ignore its return value, the memory … | |||
| CVE-2022-50486 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: net: ethernet: ti: Fix return type of netcp_ndo_start_xmit() With clang's kernel control flow integrity (kCFI, CONFIG_CFI_CLANG),… | |||
| CVE-2022-49197 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: af_netlink: Fix shift out of bounds in group mask calculation When a netlink message is received, netlink_recvmsg() fills in the … | |||
| CVE-2022-50640 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: mmc: core: Fix kernel panic when remove non-standard SDIO card SDIO tuple is only allocated for standard SDIO card, especially it… | |||
| CVE-2022-50769 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: mmc: mxcmmc: fix return value check of mmc_add_host() mmc_add_host() may return error, if we ignore its return value, the memory … | |||
| CVE-2022-48929 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: bpf: Fix crash due to out of bounds access into reg2btf_ids. When commit e6ac2450d6de ("bpf: Support bpf program calling kernel f… | |||
| CVE-2022-49329 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: vduse: Fix NULL pointer dereference on sysfs access The control device has no drvdata. So we will get a NULL pointer dereference … | |||
| CVE-2022-49941 | medium | — | 5.5 | 2y ago | RHSA-2024:9315: kernel security update (Moderate) | |||
| CVE-2022-49549 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: x86/MCE/AMD: Fix memory leak when threshold_create_bank() fails In mce_threshold_create_device(), if threshold_create_bank() fail… | |||
| CVE-2022-48672 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: of: fdt: fix off-by-one error in unflatten_dt_nodes() Commit 78c44d910d3e ("drivers/of: Fix depth when unflattening devicetree") … | |||
| CVE-2022-50858 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: mmc: alcor: fix return value check of mmc_add_host() mmc_add_host() may return error, if we ignore its return value, the memory t… | |||
| CVE-2022-49430 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: Input: gpio-keys - cancel delayed work only in case of GPIO gpio_keys module can either accept gpios or interrupts. The module in… | |||
| CVE-2022-50312 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: drivers: serial: jsm: fix some leaks in probe This error path needs to unwind instead of just returning directly. | |||
| CVE-2022-50284 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: ipc: fix memory leak in init_mqueue_fs() When setup_mq_sysctls() failed in init_mqueue_fs(), mqueue_inode_cachep is not released.… | |||
| CVE-2022-49078 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: lz4: fix LZ4_decompress_safe_partial read out of bound When partialDecoding, it is EOF if we've either filled the output buffer o… | |||
| CVE-2022-49860 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: dmaengine: ti: k3-udma-glue: fix memory leak when register device fail If device_register() fails, it should call put_device() to… | |||
| CVE-2022-4122 | medium | — | 5.5 | 2y ago | Moderate: podman security update | |||
| CVE-2022-50073 | medium | — | 5.5 | 2y ago | RHSA-2021:4356: kernel security, bug fix, and enhancement update (Moderate) | |||
| CVE-2022-50670 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: mmc: omap_hsmmc: fix return value check of mmc_add_host() mmc_add_host() may return error, if we ignore its return value, it will… | |||
| CVE-2022-49267 | medium | — | 5.5 | 2y ago | RHSA-2024:9315: kernel security update (Moderate) | |||
| CVE-2022-48703 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: thermal/int340x_thermal: handle data_vault when the value is ZERO_SIZE_PTR In some case, the GDDV returns a package with a buffer… | |||
| CVE-2022-50761 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: x86/xen: Fix memory leak in xen_init_lock_cpu() In xen_init_lock_cpu(), the @name has allocated new string by kasprintf(), if bin… | |||
| CVE-2022-50748 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: ipc: mqueue: fix possible memory leak in init_mqueue_fs() commit db7cfc380900 ("ipc: Free mq_sysctls if ipc namespace creation fa… | |||
| CVE-2022-50268 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: mmc: moxart: fix return value check of mmc_add_host() mmc_add_host() may return error, if we ignore its return value, the memory … | |||
| CVE-2022-50347 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: mmc: rtsx_usb_sdmmc: fix return value check of mmc_add_host() mmc_add_host() may return error, if we ignore its return value, the… | |||
| CVE-2022-50141 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: mmc: sdhci-of-esdhc: Fix refcount leak in esdhc_signal_voltage_switch of_find_matching_node() returns a node pointer with refcoun… | |||
| CVE-2022-50353 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: mmc: wmt-sdmmc: fix return value check of mmc_add_host() mmc_add_host() may return error, if we ignore its return value, the memo… | |||
| CVE-2022-50720 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: x86/apic: Don't disable x2APIC if locked The APIC supports two modes, legacy APIC (or xAPIC), and Extended APIC (or x2APIC). X2A… | |||
| CVE-2022-50096 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: x86/kprobes: Update kcb status flag after singlestepping Fix kprobes to update kcb (kprobes control block) status flag to KPROBE_… | |||
| CVE-2022-48669 | medium | — | 5.5 | 2y ago | RHSA-2024:3618: kernel update (Moderate) | |||
| CVE-2022-50846 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: mmc: via-sdmmc: fix return value check of mmc_add_host() mmc_add_host() may return error, if we ignore its return value, it will … | |||
| CVE-2022-49124 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: x86/mce: Work around an erratum on fast string copy instructions A rare kernel panic scenario can happen when the following condi… | |||
| CVE-2022-50625 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: serial: amba-pl011: avoid SBSA UART accessing DMACR register Chapter "B Generic UART" in "ARM Server Base System Architecture" [1… | |||
| CVE-2022-49787 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: mmc: sdhci-pci: Fix possible memory leak caused by missing pci_dev_put() pci_get_device() will increase the reference count for t… | |||
| CVE-2022-50177 | medium | — | 5.5 | 2y ago | RHSA-2022:7683: kernel security, bug fix, and enhancement update (Moderate) | |||
| CVE-2022-49308 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: extcon: Modify extcon device to be created after driver data is set Currently, someone can invoke the sysfs such as state_show() … | |||
| CVE-2022-48773 | medium | — | 5.5 | 2y ago | RHSA-2024:8870: kernel-rt security update (Moderate) | |||
| CVE-2022-24809 | medium | — | 5.5 | 2y ago | Moderate: net-snmp security update | |||
| CVE-2022-24810 | medium | — | 5.5 | 2y ago | Moderate: net-snmp security update |