CVEs from 2022
Total
5,746
critical
critical 88
high
high 1,220
medium
medium 938
low
low 24
% Critical
1.5%
% with KEV
2.3%
% with exploit
2.5%
Top vendors
Top products
- jdk 116
- jre 109
- openjdk 100
- zulu 82
- graalvm 74
- cloud_secure_agent 35
- oncommand_insight 34
- cloud_insights_acquisition_unit 34
| CVE | Severity | CVSS | Risk | Flags | OS | Vendor | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2022-49029 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: hwmon: (ibmpex) Fix possible UAF when ibmpex_register_bmc() fails Smatch report warning as follows: drivers/hwmon/ibmpex.c:509 i… | |||
| CVE-2022-50121 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: remoteproc: k3-r5: Fix refcount leak in k3_r5_cluster_of_init Every iteration of for_each_available_child_of_node() decrements th… | |||
| CVE-2022-50811 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: erofs: fix missing unmap if z_erofs_get_extent_compressedlen() fails Otherwise, meta buffers could be leaked. | |||
| CVE-2022-50511 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: lib/fonts: fix undefined behavior in bit shift for get_default_font Shifting signed 32-bit value by 31 bits is undefined, so chan… | |||
| CVE-2022-50614 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: misc: pci_endpoint_test: Fix pci_endpoint_test_{copy,write,read}() panic The dma_map_single() doesn't permit zero length mapping.… | |||
| CVE-2022-41741 | medium | — | 5.5 | 1y ago | Moderate: nginx security update | |||
| CVE-2022-49778 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: arm64/mm: fix incorrect file_map_count for non-leaf pmd/pud The page table check trigger BUG_ON() unexpectedly when collapse huge… | |||
| CVE-2022-41742 | medium | — | 5.5 | 1y ago | Moderate: nginx security update | |||
| CVE-2022-48969 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: xen-netfront: Fix NULL sring after live migration A NAPI is setup for each network sring to poll data to kernel The sring with so… | |||
| CVE-2022-50319 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: coresight: trbe: remove cpuhp instance node before remove cpuhp state cpuhp_state_add_instance() and cpuhp_state_remove_instance(… | |||
| CVE-2022-50421 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: rpmsg: char: Avoid double destroy of default endpoint The rpmsg_dev_remove() in rpmsg_core is the place for releasing this defaul… | |||
| CVE-2022-49014 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: net: tun: Fix use-after-free in tun_detach() syzbot reported use-after-free in tun_detach() [1]. This causes call trace like bel… | |||
| CVE-2022-49804 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: s390: avoid using global register for current_stack_pointer Commit 30de14b1884b ("s390: current_stack_pointer shouldn't be a func… | |||
| CVE-2022-50743 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: erofs: Fix pcluster memleak when its block address is zero syzkaller reported a memleak: https://syzkaller.appspot.com/bug?id=62f… | |||
| CVE-2022-49006 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: tracing: Free buffers when a used dynamic event is removed After 65536 dynamic events have been added and removed, the "type" fie… | |||
| CVE-2022-1941 | medium | — | 5.5 | 1y ago | Moderate: protobuf security update | |||
| CVE-2022-50491 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: coresight: cti: Fix hang in cti_disable_hw() cti_enable_hw() and cti_disable_hw() are called from an atomic context so shouldn't … | |||
| CVE-2022-50159 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: of: check previous kernel's ima-kexec-buffer against memory bounds Presently ima_get_kexec_buffer() doesn't check if the previous… | |||
| CVE-2022-49815 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: erofs: fix missing xas_retry() in fscache mode The xarray iteration only holds the RCU read lock and thus may encounter XA_RETRY_… | |||
| CVE-2022-48989 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: fscache: Fix oops due to race with cookie_lru and use_cookie If a cookie expires from the LRU and the LRU_DISCARD flag is set, bu… | |||
| CVE-2022-50214 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: coresight: Clear the connection field properly coresight devices track their connections (output connections) and hold a referenc… | |||
| CVE-2022-49747 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: erofs/zmap.c: Fix incorrect offset calculation Effective offset to add to length was being incorrectly calculated, which resulted… | |||
| CVE-2022-50112 | medium | — | 5.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: rpmsg: qcom_smd: Fix refcount leak in qcom_smd_parse_edge of_parse_phandle() returns a node pointer with refcount incremented, we… | |||
| CVE-2022-49043 | medium | — | 5.5 | 1y ago | RHSA-2025:1517: libxml2 security update (Moderate) | |||
| CVE-2022-48669 | medium | — | 5.5 | 2y ago | RHSA-2024:3618: kernel update (Moderate) | |||
| CVE-2022-50720 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: x86/apic: Don't disable x2APIC if locked The APIC supports two modes, legacy APIC (or xAPIC), and Extended APIC (or x2APIC). X2A… | |||
| CVE-2022-50019 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: tty: serial: Fix refcount leak bug in ucc_uart.c In soc_info(), of_find_node_by_type() will return a node pointer with refcount i… | |||
| CVE-2022-50073 | medium | — | 5.5 | 2y ago | RHSA-2021:4356: kernel security, bug fix, and enhancement update (Moderate) | |||
| CVE-2022-49787 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: mmc: sdhci-pci: Fix possible memory leak caused by missing pci_dev_put() pci_get_device() will increase the reference count for t… | |||
| CVE-2022-50353 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: mmc: wmt-sdmmc: fix return value check of mmc_add_host() mmc_add_host() may return error, if we ignore its return value, the memo… | |||
| CVE-2022-50670 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: mmc: omap_hsmmc: fix return value check of mmc_add_host() mmc_add_host() may return error, if we ignore its return value, it will… | |||
| CVE-2022-49329 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: vduse: Fix NULL pointer dereference on sysfs access The control device has no drvdata. So we will get a NULL pointer dereference … | |||
| CVE-2022-4122 | medium | — | 5.5 | 2y ago | Moderate: podman security update | |||
| CVE-2022-49430 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: Input: gpio-keys - cancel delayed work only in case of GPIO gpio_keys module can either accept gpios or interrupts. The module in… | |||
| CVE-2022-50486 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: net: ethernet: ti: Fix return type of netcp_ndo_start_xmit() With clang's kernel control flow integrity (kCFI, CONFIG_CFI_CLANG),… | |||
| CVE-2022-50761 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: x86/xen: Fix memory leak in xen_init_lock_cpu() In xen_init_lock_cpu(), the @name has allocated new string by kasprintf(), if bin… | |||
| CVE-2022-50625 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: serial: amba-pl011: avoid SBSA UART accessing DMACR register Chapter "B Generic UART" in "ARM Server Base System Architecture" [1… | |||
| CVE-2022-50096 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: x86/kprobes: Update kcb status flag after singlestepping Fix kprobes to update kcb (kprobes control block) status flag to KPROBE_… | |||
| CVE-2022-50347 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: mmc: rtsx_usb_sdmmc: fix return value check of mmc_add_host() mmc_add_host() may return error, if we ignore its return value, the… | |||
| CVE-2022-50663 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: net: stmmac: fix possible memory leak in stmmac_dvr_probe() The bitmap_free() should be called to free priv->af_xdp_zc_qps when c… | |||
| CVE-2022-50858 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: mmc: alcor: fix return value check of mmc_add_host() mmc_add_host() may return error, if we ignore its return value, the memory t… | |||
| CVE-2022-50468 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: platform/chrome: cros_usbpd_notify: Fix error handling in cros_usbpd_notify_init() The following WARNING message was given when r… | |||
| CVE-2022-50312 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: drivers: serial: jsm: fix some leaks in probe This error path needs to unwind instead of just returning directly. | |||
| CVE-2022-48929 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: bpf: Fix crash due to out of bounds access into reg2btf_ids. When commit e6ac2450d6de ("bpf: Support bpf program calling kernel f… | |||
| CVE-2022-50846 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: mmc: via-sdmmc: fix return value check of mmc_add_host() mmc_add_host() may return error, if we ignore its return value, it will … | |||
| CVE-2022-50886 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: mmc: toshsd: fix return value check of mmc_add_host() mmc_add_host() may return error, if we ignore its return value, the memory … | |||
| CVE-2022-48672 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: of: fdt: fix off-by-one error in unflatten_dt_nodes() Commit 78c44d910d3e ("drivers/of: Fix depth when unflattening devicetree") … | |||
| CVE-2022-49549 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: x86/MCE/AMD: Fix memory leak when threshold_create_bank() fails In mce_threshold_create_device(), if threshold_create_bank() fail… | |||
| CVE-2022-49308 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: extcon: Modify extcon device to be created after driver data is set Currently, someone can invoke the sysfs such as state_show() … | |||
| CVE-2022-50177 | medium | — | 5.5 | 2y ago | RHSA-2022:7683: kernel security, bug fix, and enhancement update (Moderate) | |||
| CVE-2022-50748 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: ipc: mqueue: fix possible memory leak in init_mqueue_fs() commit db7cfc380900 ("ipc: Free mq_sysctls if ipc namespace creation fa… | |||
| CVE-2022-50640 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: mmc: core: Fix kernel panic when remove non-standard SDIO card SDIO tuple is only allocated for standard SDIO card, especially it… | |||
| CVE-2022-49124 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: x86/mce: Work around an erratum on fast string copy instructions A rare kernel panic scenario can happen when the following condi… | |||
| CVE-2022-49941 | medium | — | 5.5 | 2y ago | RHSA-2024:9315: kernel security update (Moderate) | |||
| CVE-2022-50141 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: mmc: sdhci-of-esdhc: Fix refcount leak in esdhc_signal_voltage_switch of_find_matching_node() returns a node pointer with refcoun… | |||
| CVE-2022-50284 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: ipc: fix memory leak in init_mqueue_fs() When setup_mq_sysctls() failed in init_mqueue_fs(), mqueue_inode_cachep is not released.… | |||
| CVE-2022-50541 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: dmaengine: ti: k3-udma: Reset UDMA_CHAN_RT byte counters to prevent overflow UDMA_CHAN_RT_*BCNT_REG stores the real-time channel … | |||
| CVE-2022-50769 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: mmc: mxcmmc: fix return value check of mmc_add_host() mmc_add_host() may return error, if we ignore its return value, the memory … | |||
| CVE-2022-50268 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: mmc: moxart: fix return value check of mmc_add_host() mmc_add_host() may return error, if we ignore its return value, the memory … | |||
| CVE-2022-50251 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: mmc: vub300: fix return value check of mmc_add_host() mmc_add_host() may return error, if we ignore its return value, the memory … | |||
| CVE-2022-50653 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: mmc: atmel-mci: fix return value check of mmc_add_host() mmc_add_host() may return error, if we ignore its return value, it will … | |||
| CVE-2022-49860 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: dmaengine: ti: k3-udma-glue: fix memory leak when register device fail If device_register() fails, it should call put_device() to… | |||
| CVE-2022-49267 | medium | — | 5.5 | 2y ago | RHSA-2024:9315: kernel security update (Moderate) | |||
| CVE-2022-48703 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: thermal/int340x_thermal: handle data_vault when the value is ZERO_SIZE_PTR In some case, the GDDV returns a package with a buffer… | |||
| CVE-2022-49197 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: af_netlink: Fix shift out of bounds in group mask calculation When a netlink message is received, netlink_recvmsg() fills in the … | |||
| CVE-2022-49078 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: lz4: fix LZ4_decompress_safe_partial read out of bound When partialDecoding, it is EOF if we've either filled the output buffer o… | |||
| CVE-2022-48773 | medium | — | 5.5 | 2y ago | RHSA-2024:8870: kernel-rt security update (Moderate) | |||
| CVE-2022-24807 | medium | — | 5.5 | 2y ago | Moderate: net-snmp security update | |||
| CVE-2022-24806 | medium | — | 5.5 | 2y ago | Moderate: net-snmp security update | |||
| CVE-2022-24809 | medium | — | 5.5 | 2y ago | Moderate: net-snmp security update | |||
| CVE-2022-24808 | medium | — | 5.5 | 2y ago | Moderate: net-snmp security update | |||
| CVE-2022-24805 | medium | — | 5.5 | 2y ago | Moderate: net-snmp security update | |||
| CVE-2022-24810 | medium | — | 5.5 | 2y ago | Moderate: net-snmp security update | |||
| CVE-2022-48627 | medium | — | 5.5 | 2y ago | RHSA-2024:3627: kernel-rt security and bug fix update (Moderate) | |||
| CVE-2022-48829 | medium | 5.5 | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: NFSD: Fix NFSv3 SETATTR/CREATE's handling of large file sizes iattr::ia_size is a loff_t, so these NFSv3 procedures must be caref… | |||
| CVE-2022-48828 | medium | 5.5 | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: NFSD: Fix ia_size underflow iattr::ia_size is a loff_t, which is a signed 64-bit type. NFSv3 and NFSv4 both define file size as a… | |||
| CVE-2022-48622 | medium | — | 5.5 | 2y ago | RHSA-2024:3341: gdk-pixbuf2 security update (Moderate) | |||
| CVE-2022-23222 | medium | — | 5.5 | 2y ago | RHSA-2024:3138: kernel security, bug fix, and enhancement update (Moderate) | |||
| CVE-2022-48565 | medium | — | 5.5 | 2y ago | RHSA-2024:2987: python27:2.7 security update (Moderate) | |||
| CVE-2022-50274 | medium | — | 5.5 | 2y ago | RHSA-2024:3138: kernel security, bug fix, and enhancement update (Moderate) | |||
| CVE-2022-0500 | medium | — | 5.5 | 2y ago | RHSA-2024:3138: kernel security, bug fix, and enhancement update (Moderate) | |||
| CVE-2022-49940 | medium | — | 5.5 | 2y ago | RHSA-2024:3138: kernel security, bug fix, and enhancement update (Moderate) | |||
| CVE-2022-48947 | medium | — | 5.5 | 2y ago | RHSA-2024:3138: kernel security, bug fix, and enhancement update (Moderate) | |||
| CVE-2022-50782 | medium | — | 5.5 | 2y ago | RHSA-2024:3138: kernel security, bug fix, and enhancement update (Moderate) | |||
| CVE-2022-50673 | medium | — | 5.5 | 2y ago | RHSA-2026:2378: kernel-rt security update (Moderate) | |||
| CVE-2022-33065 | medium | — | 5.5 | 2y ago | RHSA-2024:3030: libsndfile security update (Moderate) | |||
| CVE-2022-50116 | medium | — | 5.5 | 2y ago | RHSA-2024:3138: kernel security, bug fix, and enhancement update (Moderate) | |||
| CVE-2022-50638 | medium | — | 5.5 | 2y ago | RHSA-2024:3138: kernel security, bug fix, and enhancement update (Moderate) | |||
| CVE-2022-49977 | medium | — | 5.5 | 2y ago | RHSA-2025:11851: kernel-rt security update (Moderate) | |||
| CVE-2022-40090 | medium | — | 5.5 | 2y ago | Moderate: libtiff security update | |||
| CVE-2022-50286 | medium | — | 5.5 | 2y ago | RHSA-2024:3138: kernel security, bug fix, and enhancement update (Moderate) | |||
| CVE-2022-50485 | medium | — | 5.5 | 2y ago | RHSA-2024:3138: kernel security, bug fix, and enhancement update (Moderate) | |||
| CVE-2022-38096 | medium | 5.5 | 5.5 | 2y ago | RHSA-2024:1614: kernel-rt security and bug fix update (Important) | |||
| CVE-2022-45934 | medium | — | 5.5 | 2y ago | RHSA-2024:3138: kernel security, bug fix, and enhancement update (Moderate) | |||
| CVE-2022-48564 | medium | — | 5.5 | 2y ago | RHSA-2024:0114: python3 security update (Moderate) | |||
| CVE-2022-48560 | medium | — | 5.5 | 2y ago | RHSA-2024:2987: python27:2.7 security update (Moderate) | |||
| CVE-2022-44638 | medium | — | 5.5 | 3y ago | RHSA-2024:0131: pixman security update (Moderate) | |||
| CVE-2022-24963 | medium | — | 5.5 | 3y ago | Moderate: apr security update | |||
| CVE-2022-48468 | medium | — | 5.5 | 3y ago | RHSA-2023:6944: protobuf-c security update (Moderate) | |||
| CVE-2022-37601 | medium | — | 5.5 | 3y ago | RHSA-2023:6972: grafana security and enhancement update (Moderate) |