CVEs from 2022
Total
5,751
critical
critical 89
high
high 1,226
medium
medium 901
low
low 24
% Critical
1.5%
% with KEV
2.3%
% with exploit
2.5%
Top vendors
Top products
- jdk 116
- jre 109
- openjdk 100
- zulu 82
- graalvm 74
- cloud_secure_agent 35
- oncommand_insight 34
- cloud_insights_acquisition_unit 34
| CVE | Severity | CVSS | Risk | Flags | OS | Vendor | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2022-40090 | medium | — | 5.5 | 2y ago | Moderate: libtiff security update | |||
| CVE-2022-38096 | medium | 5.5 | 5.5 | 2y ago | A NULL pointer dereference vulnerability was found in vmwgfx driver in drivers/gpu/vmxgfx/vmxgfx_execbuf.c in GPU component of Linux kernel with device file '/dev/dri/renderD128 (or Dxxx)'. This flaw… | |||
| CVE-2022-49977 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: ftrace: Fix NULL pointer dereference in is_ftrace_trampoline when ftrace is dead ftrace_startup does not remove ops from ftrace_o… | |||
| CVE-2022-48624 | medium | — | 5.5 | 2y ago | Moderate: less security update | |||
| CVE-2022-48564 | medium | — | 5.5 | 2y ago | read_ints in plistlib.py in Python through 3.9.1 is vulnerable to a potential DoS attack via CPU and RAM exhaustion when processing malformed Apple Property List files in binary format. | |||
| CVE-2022-48560 | medium | — | 5.5 | 2y ago | Moderate: python27:2.7 security update | |||
| CVE-2022-44638 | medium | — | 5.5 | 3y ago | Moderate: mingw-pixman security update | |||
| CVE-2022-24963 | medium | — | 5.5 | 3y ago | Moderate: apr security update | |||
| CVE-2022-23552 | medium | — | 5.5 | 3y ago | Moderate: grafana security and enhancement update | |||
| CVE-2022-39307 | medium | — | 5.5 | 3y ago | Moderate: grafana security and enhancement update | |||
| CVE-2022-39324 | medium | — | 5.5 | 3y ago | Moderate: grafana security and enhancement update | |||
| CVE-2022-50865 | medium | — | 5.5 | 3y ago | In the Linux kernel, the following vulnerability has been resolved: tcp: fix a signed-integer-overflow bug in tcp_add_backlog() The type of sk_rcvbuf and sk_sndbuf in struct sock is int, and in tcp… | |||
| CVE-2022-50087 | medium | — | 5.5 | 3y ago | In the Linux kernel, the following vulnerability has been resolved: firmware: arm_scpi: Ensure scpi_info is not assigned if the probe fails When scpi probe fails, at any point, we need to ensure th… | |||
| CVE-2022-3565 | medium | — | 5.5 | 3y ago | Moderate: kernel security, bug fix, and enhancement update | |||
| CVE-2022-50543 | medium | — | 5.5 | 3y ago | In the Linux kernel, the following vulnerability has been resolved: RDMA/rxe: Fix mr->map double free rxe_mr_cleanup() which tries to free mr->map again will be called when rxe_mr_init_user() fails… | |||
| CVE-2022-4285 | medium | — | 5.5 | 3y ago | Moderate: binutils security update | |||
| CVE-2022-40318 | medium | — | 5.5 | 3y ago | Moderate: frr security and bug fix update | |||
| CVE-2022-31123 | medium | — | 5.5 | 3y ago | Moderate: grafana security and enhancement update | |||
| CVE-2022-31130 | medium | — | 5.5 | 3y ago | Moderate: grafana security and enhancement update | |||
| CVE-2022-39306 | medium | — | 5.5 | 3y ago | Moderate: grafana security and enhancement update | |||
| CVE-2022-40302 | medium | — | 5.5 | 3y ago | Moderate: frr security and bug fix update | |||
| CVE-2022-43681 | medium | — | 5.5 | 3y ago | Moderate: frr security and bug fix update | |||
| CVE-2022-39201 | medium | — | 5.5 | 3y ago | Moderate: grafana security and enhancement update | |||
| CVE-2022-36440 | medium | — | 5.5 | 3y ago | Moderate: frr security and bug fix update | |||
| CVE-2022-48468 | medium | — | 5.5 | 3y ago | Moderate: protobuf-c security update | |||
| CVE-2022-38745 | medium | — | 5.5 | 3y ago | Moderate: libreoffice security update | |||
| CVE-2022-37601 | medium | — | 5.5 | 3y ago | Prototype pollution vulnerability in function parseQuery in parseQuery.js in webpack loader-utils via the name variable in parseQuery.js. This affects all versions prior to 1.4.1 and 2.0.3. | |||
| CVE-2022-2127 | medium | — | 5.5 | 3y ago | Moderate: samba security, bug fix, and enhancement update | |||
| CVE-2022-23527 | medium | — | 5.5 | 3y ago | Moderate: mod_auth_openidc:2.3 security and bug fix update | |||
| CVE-2022-40898 | medium | — | 5.5 | 3y ago | Moderate: python-wheel security update | |||
| CVE-2022-3064 | medium | — | 5.5 | 3y ago | Moderate: toolbox security and bug fix update | |||
| CVE-2022-40433 | medium | — | 5.5 | 3y ago | Moderate: java-1.8.0-openjdk security update | |||
| CVE-2022-48281 | medium | — | 5.5 | 3y ago | Moderate: libtiff security update | |||
| CVE-2022-46663 | medium | — | 5.5 | 3y ago | Moderate: less security update | |||
| CVE-2022-4515 | medium | — | 5.5 | 3y ago | Moderate: ctags security update | |||
| CVE-2022-30786 | medium | — | 5.5 | 3y ago | Moderate: libguestfs-winsupport security update | |||
| CVE-2022-4645 | medium | — | 5.5 | 3y ago | Moderate: libtiff security update | |||
| CVE-2022-49058 | medium | — | 5.5 | 3y ago | In the Linux kernel, the following vulnerability has been resolved: cifs: potential buffer overflow in handling symlinks Smatch printed a warning: arch/x86/crypto/poly1305_glue.c:198 poly1305_upda… | |||
| CVE-2022-50228 | medium | — | 5.5 | 3y ago | In the Linux kernel, the following vulnerability has been resolved: KVM: SVM: Don't BUG if userspace injects an interrupt with GIF=0 Don't BUG/WARN on interrupt injection due to GIF being cleared, … | |||
| CVE-2022-44792 | medium | — | 5.5 | 3y ago | Moderate: net-snmp security and bug fix update | |||
| CVE-2022-25881 | medium | — | 5.5 | 3y ago | Moderate: nodejs and nodejs-nodemon security, bug fix, and enhancement update | |||
| CVE-2022-37032 | medium | — | 5.5 | 3y ago | Moderate: frr security, bug fix, and enhancement update | |||
| CVE-2022-1925 | medium | — | 5.5 | 3y ago | Moderate: gstreamer1-plugins-good security update | |||
| CVE-2022-3970 | medium | — | 5.5 | 3y ago | Moderate: libtiff security update | |||
| CVE-2022-39229 | medium | — | 5.5 | 3y ago | Moderate: grafana security update | |||
| CVE-2022-41724 | medium | — | 5.5 | 3y ago | Moderate: podman security, bug fix, and enhancement update | |||
| CVE-2022-30788 | medium | — | 5.5 | 3y ago | Moderate: libguestfs-winsupport security update | |||
| CVE-2022-1922 | medium | — | 5.5 | 3y ago | Moderate: gstreamer1-plugins-good security update | |||
| CVE-2022-34302 | medium | — | 5.5 | 3y ago | Moderate: fwupd security and bug fix update | |||
| CVE-2022-45939 | medium | — | 5.5 | 3y ago | Moderate: emacs security and bug fix update | |||
| CVE-2022-3551 | medium | — | 5.5 | 3y ago | Moderate: xorg-x11-server-Xwayland security update | |||
| CVE-2022-35957 | medium | — | 5.5 | 3y ago | Moderate: grafana security and enhancement update | |||
| CVE-2022-44793 | medium | — | 5.5 | 3y ago | Moderate: net-snmp security and bug fix update | |||
| CVE-2022-30784 | medium | — | 5.5 | 3y ago | Moderate: libguestfs-winsupport security update | |||
| CVE-2022-41877 | medium | — | 5.5 | 3y ago | Moderate: freerdp security update | |||
| CVE-2022-2122 | medium | — | 5.5 | 3y ago | Moderate: gstreamer1-plugins-good security update | |||
| CVE-2022-41973 | medium | — | 5.5 | 3y ago | Moderate: device-mapper-multipath security and bug fix update | |||
| CVE-2022-3165 | medium | — | 5.5 | 3y ago | Moderate: qemu-kvm security, bug fix, and enhancement update | |||
| CVE-2022-4904 | medium | — | 5.5 | 3y ago | Moderate: nodejs and nodejs-nodemon security, bug fix, and enhancement update | |||
| CVE-2022-3190 | medium | — | 5.5 | 3y ago | Moderate: wireshark security and bug fix update | |||
| CVE-2022-41725 | medium | — | 5.5 | 3y ago | Moderate: toolbox security and bug fix update | |||
| CVE-2022-46340 | medium | — | 5.5 | 3y ago | Moderate: tigervnc security and bug fix update | |||
| CVE-2022-41946 | medium | — | 5.5 | 3y ago | TemporaryFolder on unix-like systems does not limit access to created files | |||
| CVE-2022-2928 | medium | — | 5.5 | 3y ago | Moderate: dhcp security and enhancement update | |||
| CVE-2022-24765 | medium | — | 5.5 | 3y ago | Moderate: git security and bug fix update | |||
| CVE-2022-1920 | medium | — | 5.5 | 3y ago | Moderate: gstreamer1-plugins-good security update | |||
| CVE-2022-40023 | medium | — | 5.5 | 3y ago | Moderate: python-mako security update | |||
| CVE-2022-3287 | medium | — | 5.5 | 3y ago | When creating an OPERATOR user account on the BMC, the redfish plugin saved the auto-generated password to /etc/fwupd/redfish.conf without proper restriction, allowing any user on the system to read … | |||
| CVE-2022-29187 | medium | — | 5.5 | 3y ago | Moderate: git security and bug fix update | |||
| CVE-2022-46344 | medium | — | 5.5 | 3y ago | Moderate: tigervnc security and bug fix update | |||
| CVE-2022-34303 | medium | — | 5.5 | 3y ago | Moderate: fwupd security and bug fix update | |||
| CVE-2022-46341 | medium | — | 5.5 | 3y ago | Moderate: tigervnc security and bug fix update | |||
| CVE-2022-39320 | medium | — | 5.5 | 3y ago | Moderate: freerdp security update | |||
| CVE-2022-2393 | medium | — | 5.5 | 3y ago | Moderate: pki-core security, bug fix, and enhancement update | |||
| CVE-2022-1924 | medium | — | 5.5 | 3y ago | Moderate: gstreamer1-plugins-good security update | |||
| CVE-2022-3550 | medium | — | 5.5 | 3y ago | Moderate: xorg-x11-server security and bug fix update | |||
| CVE-2022-3094 | medium | — | 5.5 | 3y ago | Moderate: bind security and bug fix update | |||
| CVE-2022-1921 | medium | — | 5.5 | 3y ago | Moderate: gstreamer1-plugins-good security update | |||
| CVE-2022-30789 | medium | — | 5.5 | 3y ago | Moderate: libguestfs-winsupport security update | |||
| CVE-2022-3924 | medium | — | 5.5 | 3y ago | Moderate: bind security and bug fix update | |||
| CVE-2022-2929 | medium | — | 5.5 | 3y ago | Moderate: dhcp security and enhancement update | |||
| CVE-2022-3204 | medium | — | 5.5 | 3y ago | Moderate: unbound security update | |||
| CVE-2022-1923 | medium | — | 5.5 | 3y ago | Moderate: gstreamer1-plugins-good security update | |||
| CVE-2022-39253 | medium | — | 5.5 | 3y ago | Moderate: git security and bug fix update | |||
| CVE-2022-38784 | medium | — | 5.5 | 3y ago | Moderate: poppler security and bug fix update | |||
| CVE-2022-2795 | medium | — | 5.5 | 3y ago | Moderate: bind security and bug fix update | |||
| CVE-2022-46343 | medium | — | 5.5 | 3y ago | Moderate: tigervnc security and bug fix update | |||
| CVE-2022-46342 | medium | — | 5.5 | 3y ago | Moderate: tigervnc security and bug fix update | |||
| CVE-2022-4283 | medium | — | 5.5 | 3y ago | Moderate: tigervnc security and bug fix update | |||
| CVE-2022-34301 | medium | — | 5.5 | 3y ago | Moderate: fwupd security and bug fix update | |||
| CVE-2022-39317 | medium | — | 5.5 | 3y ago | Moderate: freerdp security update | |||
| CVE-2022-3598 | medium | — | 5.5 | 3y ago | Moderate: libtiff security update | |||
| CVE-2022-39282 | medium | — | 5.5 | 3y ago | Moderate: freerdp security update | |||
| CVE-2022-3627 | medium | — | 5.5 | 3y ago | Moderate: libtiff security update | |||
| CVE-2022-39319 | medium | — | 5.5 | 3y ago | Moderate: freerdp security update | |||
| CVE-2022-39316 | medium | — | 5.5 | 3y ago | Moderate: freerdp security update | |||
| CVE-2022-41723 | medium | — | 5.5 | 3y ago | Moderate: toolbox security and bug fix update | |||
| CVE-2022-4172 | medium | — | 5.5 | 3y ago | Moderate: qemu-kvm security, bug fix, and enhancement update | |||
| CVE-2022-39283 | medium | — | 5.5 | 3y ago | Moderate: freerdp security update | |||
| CVE-2022-41861 | medium | — | 5.5 | 3y ago | Moderate: freeradius:3.0 security update |