CVEs from 2022
Total
5,752
critical
critical 89
high
high 1,231
medium
medium 900
low
low 24
% Critical
1.5%
% with KEV
2.3%
% with exploit
2.5%
Top vendors
Top products
- jdk 116
- jre 109
- openjdk 100
- zulu 82
- graalvm 74
- cloud_secure_agent 35
- oncommand_insight 34
- cloud_insights_acquisition_unit 34
| CVE | Severity | CVSS | Risk | Flags | OS | Vendor | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2022-2795 | medium | — | 5.5 | 3y ago | Moderate: bind security and bug fix update | |||
| CVE-2022-41723 | medium | — | 5.5 | 3y ago | Moderate: toolbox security and bug fix update | |||
| CVE-2022-30784 | medium | — | 5.5 | 3y ago | Moderate: libguestfs-winsupport security update | |||
| CVE-2022-2929 | medium | — | 5.5 | 3y ago | Moderate: dhcp security and enhancement update | |||
| CVE-2022-3551 | medium | — | 5.5 | 3y ago | Moderate: xorg-x11-server-Xwayland security update | |||
| CVE-2022-3736 | medium | — | 5.5 | 3y ago | Moderate: bind security and bug fix update | |||
| CVE-2022-3165 | medium | — | 5.5 | 3y ago | Moderate: qemu-kvm security, bug fix, and enhancement update | |||
| CVE-2022-30786 | medium | — | 5.5 | 3y ago | Moderate: libguestfs-winsupport security update | |||
| CVE-2022-49058 | medium | — | 5.5 | 3y ago | In the Linux kernel, the following vulnerability has been resolved: cifs: potential buffer overflow in handling symlinks Smatch printed a warning: arch/x86/crypto/poly1305_glue.c:198 poly1305_upda… | |||
| CVE-2022-41973 | medium | — | 5.5 | 3y ago | Moderate: device-mapper-multipath security and bug fix update | |||
| CVE-2022-4172 | medium | — | 5.5 | 3y ago | Moderate: qemu-kvm security, bug fix, and enhancement update | |||
| CVE-2022-37454 | medium | — | 5.5 | 3y ago | The Keccak XKCP SHA-3 reference implementation before fdc6fef has an integer overflow and resultant buffer overflow that allows attackers to execute arbitrary code or eliminate expected cryptographic… | |||
| CVE-2022-2625 | medium | — | 5.5 | 3y ago | Moderate: postgresql:12 security update | |||
| CVE-2022-41862 | medium | — | 5.5 | 3y ago | Moderate: postgresql security update | |||
| CVE-2022-4899 | medium | — | 5.5 | 3y ago | Moderate: mysql security update | |||
| CVE-2022-45061 | medium | — | 5.5 | 3y ago | An issue was discovered in Python before 3.11.1. An unnecessary quadratic algorithm exists in one path when processing some inputs to the IDNA (RFC 3490) decoder, such that a crafted, unreasonably lo… | |||
| CVE-2022-45873 | medium | — | 5.5 | 3y ago | Moderate: systemd security update | |||
| CVE-2022-37436 | medium | — | 5.5 | 3y ago | Moderate: httpd security and bug fix update | |||
| CVE-2022-31630 | medium | — | 5.5 | 3y ago | Moderate: php:8.1 security update | |||
| CVE-2022-48303 | medium | — | 5.5 | 3y ago | Moderate: tar security update | |||
| CVE-2022-31628 | medium | — | 5.5 | 3y ago | Moderate: php:8.1 security update | |||
| CVE-2022-36760 | medium | — | 5.5 | 3y ago | Moderate: httpd security and bug fix update | |||
| CVE-2022-31631 | medium | — | 5.5 | 3y ago | Moderate: php:8.1 security update | |||
| CVE-2022-31629 | medium | — | 5.5 | 3y ago | Moderate: php:8.1 security update | |||
| CVE-2022-4415 | medium | — | 5.5 | 3y ago | Moderate: systemd security update | |||
| CVE-2022-40897 | medium | — | 5.5 | 3y ago | Moderate: python-setuptools security update | |||
| CVE-2022-47024 | medium | — | 5.5 | 3y ago | A null pointer dereference issue was discovered in function gui_x11_create_blank_mouse in gui_x11.c in vim 8.1.2269 thru 9.0.0339 allows attackers to cause denial of service or other unspecified impa… | |||
| CVE-2022-4304 | medium | — | 5.5 | 3y ago | Moderate: openssl security and bug fix update | |||
| CVE-2022-4203 | medium | — | 5.5 | 3y ago | Moderate: openssl security and bug fix update | |||
| CVE-2022-4450 | medium | — | 5.5 | 3y ago | Moderate: openssl security and bug fix update | |||
| CVE-2022-2058 | medium | — | 5.5 | 3y ago | Moderate: libtiff security update | |||
| CVE-2022-2056 | medium | — | 5.5 | 3y ago | Moderate: libtiff security update | |||
| CVE-2022-2953 | medium | — | 5.5 | 3y ago | Moderate: libtiff security update | |||
| CVE-2022-2520 | medium | — | 5.5 | 3y ago | Moderate: libtiff security update | |||
| CVE-2022-26306 | medium | — | 5.5 | 3y ago | Moderate: libreoffice security update | |||
| CVE-2022-2057 | medium | — | 5.5 | 3y ago | Moderate: libtiff security update | |||
| CVE-2022-42012 | medium | — | 5.5 | 3y ago | Moderate: dbus security update | |||
| CVE-2022-2880 | medium | — | 5.5 | 3y ago | Moderate: git-lfs security and bug fix update | |||
| CVE-2022-26307 | medium | — | 5.5 | 3y ago | Moderate: libreoffice security update | |||
| CVE-2022-3140 | medium | — | 5.5 | 3y ago | Moderate: libreoffice security update | |||
| CVE-2022-2519 | medium | — | 5.5 | 3y ago | Moderate: libtiff security update | |||
| CVE-2022-26305 | medium | — | 5.5 | 3y ago | Moderate: libreoffice security update | |||
| CVE-2022-2521 | medium | — | 5.5 | 3y ago | Moderate: libtiff security update | |||
| CVE-2022-32221 | medium | — | 5.5 | 3y ago | Moderate: curl security update | |||
| CVE-2022-43680 | medium | — | 5.5 | 3y ago | In libexpat through 2.4.9, there is a use-after free caused by overeager destruction of a shared DTD in XML_ExternalEntityParserCreate in out-of-memory situations. | |||
| CVE-2022-31197 | medium | — | 5.5 | 3y ago | Moderate: postgresql-jdbc security update | |||
| CVE-2022-3715 | medium | — | 5.5 | 3y ago | Moderate: bash security update | |||
| CVE-2022-42011 | medium | — | 5.5 | 3y ago | Moderate: dbus security update | |||
| CVE-2022-3821 | medium | — | 5.5 | 3y ago | Moderate: systemd security update | |||
| CVE-2022-40303 | medium | — | 5.5 | 3y ago | Moderate: libxml2 security update | |||
| CVE-2022-27664 | medium | — | 5.5 | 3y ago | Moderate: git-lfs security and bug fix update | |||
| CVE-2022-2879 | medium | — | 5.5 | 3y ago | Moderate: Image Builder security, bug fix, and enhancement update | |||
| CVE-2022-42010 | medium | — | 5.5 | 3y ago | Moderate: dbus security update | |||
| CVE-2022-41717 | medium | — | 5.5 | 3y ago | Moderate: git-lfs security and bug fix update | |||
| CVE-2022-40304 | medium | — | 5.5 | 3y ago | Moderate: libxml2 security update | |||
| CVE-2022-41715 | medium | — | 5.5 | 3y ago | Moderate: git-lfs security and bug fix update | |||
| CVE-2022-2869 | medium | — | 5.5 | 3y ago | Moderate: libtiff security update | |||
| CVE-2022-4144 | medium | — | 5.5 | 3y ago | Moderate: virt:rhel and virt-devel:rhel security and bug fix update | |||
| CVE-2022-2868 | medium | — | 5.5 | 3y ago | Moderate: libtiff security update | |||
| CVE-2022-2867 | medium | — | 5.5 | 3y ago | Moderate: libtiff security update | |||
| CVE-2022-43548 | medium | — | 5.5 | 4y ago | Moderate: nodejs:18 security, bug fix, and enhancement update | |||
| CVE-2022-3517 | medium | — | 5.5 | 4y ago | Moderate: nodejs:18 security, bug fix, and enhancement update | |||
| CVE-2022-45442 | medium | — | 5.5 | 4y ago | Moderate: pcs security update | |||
| CVE-2022-24999 | medium | — | 5.5 | 4y ago | Moderate: nodejs:14 security, bug fix, and enhancement update | |||
| CVE-2022-49394 | medium | — | 5.5 | 4y ago | In the Linux kernel, the following vulnerability has been resolved: blk-iolatency: Fix inflight count imbalances and IO hangs on offline iolatency needs to track the number of inflight IOs per cgro… | |||
| CVE-2022-22844 | medium | — | 5.5 | 4y ago | Moderate: libtiff security update | |||
| CVE-2022-27337 | medium | — | 5.5 | 4y ago | Moderate: poppler security and bug fix update | |||
| CVE-2022-23825 | medium | — | 5.5 | 4y ago | Moderate: kernel security, bug fix, and enhancement update | |||
| CVE-2022-1355 | medium | — | 5.5 | 4y ago | Moderate: libtiff security update | |||
| CVE-2022-48921 | medium | — | 5.5 | 4y ago | In the Linux kernel, the following vulnerability has been resolved: sched/fair: Fix fault in reweight_entity Syzbot found a GPF in reweight_entity. This has been bisected to commit 4ef0c5c6b5ba ("k… | |||
| CVE-2022-49265 | medium | — | 5.5 | 4y ago | In the Linux kernel, the following vulnerability has been resolved: PM: domains: Fix sleep-in-atomic bug caused by genpd_debug_remove() When a genpd with GENPD_FLAG_IRQ_SAFE gets removed, the follo… | |||
| CVE-2022-49188 | medium | — | 5.5 | 4y ago | In the Linux kernel, the following vulnerability has been resolved: remoteproc: qcom_q6v5_mss: Fix some leaks in q6v5_alloc_memory_region The device_node pointer is returned by of_parse_phandle() o… | |||
| CVE-2022-1706 | medium | — | 5.5 | 4y ago | Moderate: ignition security, bug fix, and enhancement update | |||
| CVE-2022-31813 | medium | — | 5.5 | 4y ago | Moderate: httpd security, bug fix, and enhancement update | |||
| CVE-2022-49259 | medium | — | 5.5 | 4y ago | In the Linux kernel, the following vulnerability has been resolved: block: don't delete queue kobject before its children kobjects aren't supposed to be deleted before their child kobjects are dele… | |||
| CVE-2022-25308 | medium | — | 5.5 | 4y ago | Moderate: fribidi security update | |||
| CVE-2022-3500 | medium | — | 5.5 | 4y ago | Moderate: keylime security update | |||
| CVE-2022-26717 | medium | — | 5.5 | 4y ago | Moderate: webkit2gtk3 security and bug fix update | |||
| CVE-2022-49330 | medium | — | 5.5 | 4y ago | In the Linux kernel, the following vulnerability has been resolved: tcp: fix tcp_mtup_probe_success vs wrong snd_cwnd syzbot got a new report [1] finally pointing to a very old bug, added in initia… | |||
| CVE-2022-2990 | medium | — | 5.5 | 4y ago | Moderate: buildah security and bug fix update | |||
| CVE-2022-42432 | medium | — | 5.5 | 4y ago | This vulnerability allows local attackers to disclose sensitive information on affected installations of the Linux Kernel 6.0-rc2. An attacker must first obtain the ability to execute high-privileged… | |||
| CVE-2022-49347 | medium | — | 5.5 | 4y ago | In the Linux kernel, the following vulnerability has been resolved: ext4: fix bug_on in ext4_writepages we got issue as follows: EXT4-fs error (device loop0): ext4_mb_generate_buddy:1141: group 0, … | |||
| CVE-2022-27191 | medium | — | 5.5 | 4y ago | Moderate: buildah security and bug fix update | |||
| CVE-2022-39190 | medium | — | 5.5 | 4y ago | An issue was discovered in net/netfilter/nf_tables_api.c in the Linux kernel before 5.19.6. A denial of service can occur upon binding to an already bound chain. | |||
| CVE-2022-36946 | medium | — | 5.5 | 4y ago | nfqnl_mangle in net/netfilter/nfnetlink_queue.c in the Linux kernel through 5.18.14 allows remote attackers to cause a denial of service (panic) because, in the case of an nf_queue verdict with a one… | |||
| CVE-2022-0934 | medium | — | 5.5 | 4y ago | Moderate: dnsmasq security and bug fix update | |||
| CVE-2022-32189 | medium | — | 5.5 | 4y ago | Moderate: git-lfs security and bug fix update | |||
| CVE-2022-49465 | medium | — | 5.5 | 4y ago | In the Linux kernel, the following vulnerability has been resolved: blk-throttle: Set BIO_THROTTLED when bio has been throttled 1.In current process, all bio will set the BIO_THROTTLED flag after _… | |||
| CVE-2022-49272 | medium | — | 5.5 | 4y ago | In the Linux kernel, the following vulnerability has been resolved: ALSA: pcm: Fix potential AB/BA lock with buffer_mutex and mmap_lock syzbot caught a potential deadlock between the PCM runtime->b… | |||
| CVE-2022-49264 | medium | — | 5.5 | 4y ago | In the Linux kernel, the following vulnerability has been resolved: exec: Force single empty string when argv is empty Quoting[1] Ariadne Conill: "In several other operating systems, it is a hard … | |||
| CVE-2022-23816 | medium | — | 5.5 | 4y ago | Moderate: kernel security, bug fix, and enhancement update | |||
| CVE-2022-30550 | medium | — | 5.5 | 4y ago | Moderate: dovecot security and enhancement update | |||
| CVE-2022-1354 | medium | — | 5.5 | 4y ago | Moderate: libtiff security update | |||
| CVE-2022-0908 | medium | — | 5.5 | 4y ago | Moderate: libtiff security update | |||
| CVE-2022-0924 | medium | — | 5.5 | 4y ago | Moderate: libtiff security update | |||
| CVE-2022-26700 | medium | — | 5.5 | 4y ago | Moderate: webkit2gtk3 security and bug fix update | |||
| CVE-2022-0562 | medium | — | 5.5 | 4y ago | Moderate: libtiff security update | |||
| CVE-2022-0865 | medium | — | 5.5 | 4y ago | Moderate: libtiff security update | |||
| CVE-2022-49235 | medium | — | 5.5 | 4y ago | In the Linux kernel, the following vulnerability has been resolved: ath9k_htc: fix uninit value bugs Syzbot reported 2 KMSAN bugs in ath9k. All of them are caused by missing field initialization. … | |||
| CVE-2022-0561 | medium | — | 5.5 | 4y ago | Moderate: libtiff security update |