VIR Vulnerability Intelligence Relay

CVEs from 2022

6,002 normalized CVEs published or assigned in this year.

Total
6,002
critical
critical 88
high
high 1,240
medium
medium 887
low
low 23
% Critical
1.5%
% with KEV
2.2%
% with exploit
2.2%

Top vendors

Top products

  • jdk 116
  • jre 109
  • openjdk 100
  • zulu 82
  • graalvm 74
  • cloud_secure_agent 35
  • oncommand_insight 34
  • cloud_insights_acquisition_unit 34

Top packages

Severitycriticalhighmediumlowunknown
0
KEVHas exploit
Reset
CVE Severity CVSS Risk Published Description Impact
CVE-2022-39320 medium 5.5 3y ago Moderate: freerdp security update redhatsusedebian
CVE-2022-41723 medium 5.5 3y ago Moderate: toolbox security and bug fix update rockylinuxredhatsusedebian+1
CVE-2022-34301 medium 5.5 3y ago Moderate: fwupd security and bug fix update redhatsuse
CVE-2022-2929 medium 5.5 3y ago Moderate: dhcp security and enhancement update redhatsusedebian
CVE-2022-3287 medium 5.5 3y ago When creating an OPERATOR user account on the BMC, the redfish plugin saved the auto-generated password to /etc/fwupd/redfish.conf without proper restriction, allowing any user on the system to read … redhatrockylinuxsusedebian
CVE-2022-3599 medium 5.5 3y ago Moderate: libtiff security update archredhatsusedebian
CVE-2022-46340 medium 5.5 3y ago Moderate: xorg-x11-server-Xwayland security update redhatsusedebian
CVE-2022-2928 medium 5.5 3y ago Moderate: dhcp security and enhancement update redhatsusedebian
CVE-2022-41973 medium 5.5 3y ago Moderate: device-mapper-multipath security and bug fix update redhatsusedebian
CVE-2022-46343 medium 5.5 3y ago Moderate: xorg-x11-server-Xwayland security update redhatsusedebian
CVE-2022-41877 medium 5.5 3y ago Moderate: freerdp security update redhatsusedebian
CVE-2022-3598 medium 5.5 3y ago Moderate: libtiff security update redhatsusedebian
CVE-2022-37454 medium 5.5 3y ago Moderate: php security update rockylinuxredhatsusedebian+2
CVE-2022-41862 medium 5.5 3y ago Moderate: postgresql security update redhatrockylinuxsusedebian
CVE-2022-2625 medium 5.5 3y ago Moderate: postgresql security update redhatrockylinuxsusedebian
CVE-2022-4899 medium 5.5 3y ago Moderate: mysql security update redhatrockylinuxsusedebian+1
CVE-2022-31628 medium 5.5 3y ago Moderate: php security update rockylinuxredhatsusedebian
CVE-2022-40897 medium 5.5 3y ago Moderate: python-setuptools security update redhatrockylinuxsusedebian+1
CVE-2022-31631 medium 5.5 3y ago Moderate: php security update rockylinuxredhatsusedebian
CVE-2022-45061 medium 5.5 3y ago Moderate: python39:3.9 and python39-devel:3.9 security update rockylinuxredhatsusedebian
CVE-2022-37436 medium 5.5 3y ago Moderate: httpd security and bug fix update archdebianredhatrockylinux+1
CVE-2022-45873 medium 5.5 3y ago Moderate: systemd security update redhatsuserockylinuxdebian
CVE-2022-47024 medium 5.5 3y ago Moderate: vim security update archredhatsuserockylinux+1
CVE-2022-36760 medium 5.5 3y ago Moderate: httpd security and bug fix update archdebianredhatrockylinux+1
CVE-2022-4415 medium 5.5 3y ago Moderate: systemd security update redhatrockylinuxsusedebian
CVE-2022-48303 medium 5.5 3y ago Moderate: tar security update redhatrockylinuxsusedebian
CVE-2022-31630 medium 5.5 3y ago Moderate: php security update rockylinuxredhatsusedebian
CVE-2022-31629 medium 5.5 3y ago Moderate: php security update rockylinuxredhatdebian
CVE-2022-4203 medium 5.5 3y ago Moderate: openssl security and bug fix update redhatsuserockylinuxdebian+1
CVE-2022-2057 medium 5.5 3y ago Moderate: libtiff security update archredhatrockylinuxsuse+1
CVE-2022-3140 medium 5.5 3y ago Moderate: libreoffice security update archredhatrockylinuxdebian
CVE-2022-2880 medium 5.5 3y ago Moderate: git-lfs security and bug fix update redhatrockylinuxsusedebian+1
CVE-2022-2519 medium 5.5 3y ago Moderate: libtiff security update archredhatalmalinuxrockylinux+2
CVE-2022-2879 medium 5.5 3y ago Moderate: Image Builder security, bug fix, and enhancement update redhatrockylinuxsusedebian+1
CVE-2022-2953 medium 5.5 3y ago Moderate: libtiff security update archredhatalmalinuxrockylinux+2
CVE-2022-2058 medium 5.5 3y ago Moderate: libtiff security update archredhatalmalinuxrockylinux+2
CVE-2022-42012 medium 5.5 3y ago Moderate: dbus security update archredhatdebianrockylinux+1
CVE-2022-3821 medium 5.5 3y ago Moderate: systemd security update redhatsuserockylinuxdebian
CVE-2022-31197 medium 5.5 3y ago PostgreSQL JDBC Driver SQL Injection in ResultSet.refreshRow() with malicious column names redhatsusedebianrockylinux+1
CVE-2022-41715 medium 5.5 3y ago Moderate: git-lfs security and bug fix update redhatalmalinuxrockylinuxsuse+2
CVE-2022-26305 medium 5.5 3y ago Moderate: libreoffice security update archredhatrockylinuxsuse+1
CVE-2022-2521 medium 5.5 3y ago Moderate: libtiff security update archredhatalmalinuxrockylinux+2
CVE-2022-40303 medium 5.5 3y ago Moderate: libxml2 security update redhatrockylinuxsusedebian
CVE-2022-42011 medium 5.5 3y ago Moderate: dbus security update archredhatdebianrockylinux+1
CVE-2022-26306 medium 5.5 3y ago Moderate: libreoffice security update archredhatrockylinuxsuse+1
CVE-2022-42010 medium 5.5 3y ago Moderate: dbus security update archredhatdebianrockylinux+1
CVE-2022-27664 medium 5.5 3y ago Moderate: git-lfs security and bug fix update rockylinuxredhatsusedebian+1
CVE-2022-43680 medium 5.5 3y ago In libexpat through 2.4.9, there is a use-after free caused by overeager destruction of a shared DTD in XML_ExternalEntityParserCreate in out-of-memory situations. redhatdebianrockylinuxsuse
CVE-2022-2520 medium 5.5 3y ago Moderate: libtiff security update archredhatalmalinuxrockylinux+2
CVE-2022-3715 medium 5.5 3y ago Moderate: bash security update redhatdebianrockylinux
CVE-2022-2056 medium 5.5 3y ago Moderate: libtiff security update archredhatrockylinuxsuse+1
CVE-2022-26307 medium 5.5 3y ago Moderate: libreoffice security update archredhatrockylinuxsuse+1
CVE-2022-41717 medium 5.5 3y ago Moderate: container-tools:4.0 security and bug fix update rockylinuxredhatsusedebian+1
CVE-2022-32221 medium 5.5 3y ago Moderate: curl security update redhatdebiansuserockylinux
CVE-2022-40304 medium 5.5 3y ago Moderate: libxml2 security update redhatrockylinuxsusedebian
CVE-2022-4144 medium 5.5 3y ago Moderate: virt:rhel and virt-devel:rhel security and bug fix update rockylinuxsusedebian
CVE-2022-2869 medium 5.5 3y ago Moderate: libtiff security update archrockylinuxsusedebian
CVE-2022-2868 medium 5.5 3y ago Moderate: libtiff security update archrockylinuxsusedebian
CVE-2022-2867 medium 5.5 3y ago Moderate: libtiff security update archrockylinuxsusedebian
CVE-2022-43548 medium 5.5 4y ago Moderate: nodejs:16 security, bug fix, and enhancement update redhatrockylinuxsusedebian
CVE-2022-3517 medium 5.5 4y ago Moderate: nodejs:16 security, bug fix, and enhancement update redhatrockylinuxdebiannpm
CVE-2022-45442 medium 5.5 4y ago Moderate: pcs security update redhatrockylinuxsusedebian+1
CVE-2022-24999 medium 5.5 4y ago Moderate: nodejs:14 security, bug fix, and enhancement update rockylinuxdebiannpm
CVE-2022-21125 medium 5.5 4y ago Incomplete cleanup of microarchitectural fill buffers on some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access. almalinuxredhatsuserockylinux+1
CVE-2022-21499 medium 5.5 4y ago KGDB and KDB allow read and write access to kernel memory, and thus should be restricted during lockdown. An attacker with access to a serial port could trigger the debugger so it is important that t… archalmalinuxredhatrockylinux+2
CVE-2022-48735 medium 5.5 4y ago In the Linux kernel, the following vulnerability has been resolved: ALSA: hda: Fix UAF of leds class devs at unbinding The LED class devices that are created by HD-audio codec drivers are registere… redhatsusedebian
CVE-2022-49561 medium 5.5 4y ago In the Linux kernel, the following vulnerability has been resolved: netfilter: conntrack: re-fetch conntrack after insertion In case the conntrack is clashing, insertion can free skb->_nfct and set… redhatsusedebian
CVE-2022-2850 medium 5.5 4y ago Moderate: 389-ds-base security, bug fix, and enhancement update debianredhatsuserockylinux
CVE-2022-50027 medium 5.5 4y ago In the Linux kernel, the following vulnerability has been resolved: scsi: lpfc: Fix possible memory leak when failing to issue CMF WQE There is no corresponding free routine if lpfc_sli4_issue_wqe … redhatsusedebian
CVE-2022-1048 medium 5.5 4y ago A use-after-free flaw was found in the Linux kernel’s sound subsystem in the way a user triggers concurrent calls of PCM hw_params. The hw_free ioctls or similar race condition happens inside ALSA PC… almalinuxredhatarchrockylinux+2
CVE-2022-26377 medium 5.5 4y ago Moderate: httpd security, bug fix, and enhancement update debianredhatarchsuse+1
CVE-2022-50084 medium 5.5 4y ago In the Linux kernel, the following vulnerability has been resolved: dm raid: fix address sanitizer warning in raid_status There is this warning when using a kernel with the address sanitizer and ru… redhatsusedebian
CVE-2022-32189 medium 5.5 4y ago Moderate: container-tools:4.0 security and bug fix update rockylinuxredhatsusedebian+1
CVE-2022-22844 medium 5.5 4y ago Moderate: libtiff security update redhatarchrockylinuxsuse+1
CVE-2022-26719 medium 5.5 4y ago Moderate: webkit2gtk3 security and bug fix update redhatarchrockylinuxsuse+1
CVE-2022-49538 medium 5.5 4y ago In the Linux kernel, the following vulnerability has been resolved: ALSA: jack: Access input_dev under mutex It is possible when using ASoC that input_dev is unregistered while calling snd_jack_rep… redhatsusedebian
CVE-2022-30293 medium 5.5 4y ago Moderate: webkit2gtk3 security and bug fix update redhatarchrockylinuxsuse+1
CVE-2022-22721 medium 5.5 4y ago Moderate: httpd security, bug fix, and enhancement update debianredhatrockylinuxsuse
CVE-2022-1016 medium 5.5 4y ago A flaw was found in the Linux kernel in net/netfilter/nf_tables_core.c:nft_do_chain, which can cause a use-after-free. This issue needs to handle 'return' with proper preconditions, as it can lead to… archalmalinuxredhatrockylinux+2
CVE-2022-49228 medium 5.5 4y ago In the Linux kernel, the following vulnerability has been resolved: bpf: Fix a btf decl_tag bug when tagging a function syzbot reported a btf decl_tag bug with stack trace below: general protect… redhatsusedebian
CVE-2022-1049 medium 5.5 4y ago Moderate: pcs security, bug fix, and enhancement update redhatrockylinuxdebian
CVE-2022-48912 medium 5.5 4y ago In the Linux kernel, the following vulnerability has been resolved: netfilter: fix use-after-free in __nf_register_net_hook() We must not dereference @new_hooks after nf_hook_mutex has been release… redhatsusedebian
CVE-2022-0562 medium 5.5 4y ago Moderate: libtiff security update redhatarchsuserockylinux+1
CVE-2022-48918 medium 5.5 4y ago In the Linux kernel, the following vulnerability has been resolved: iwlwifi: mvm: check debugfs_dir ptr before use When "debugfs=off" is used on the kernel command line, iwiwifi's mvm module uses a… redhatsusedebian
CVE-2022-0854 medium 5.5 4y ago A memory leak flaw was found in the Linux kernel’s DMA subsystem, in the way a user calls DMA_FROM_DEVICE. This flaw allows a local user to read random memory from the kernel space. redhatalmalinuxrockylinuxsuse+1
CVE-2022-49504 medium 5.5 4y ago In the Linux kernel, the following vulnerability has been resolved: scsi: lpfc: Inhibit aborts if external loopback plug is inserted After running a short external loopback test, when the external … redhatsusedebian
CVE-2022-30699 medium 5.5 4y ago Moderate: unbound security, bug fix, and enhancement update redhatrockylinuxsusedebian
CVE-2022-48936 medium 5.5 4y ago Moderate: kernel-rt security update redhatrockylinuxsuse
CVE-2022-49707 medium 5.5 4y ago In the Linux kernel, the following vulnerability has been resolved: ext4: add reserved GDT blocks check We capture a NULL pointer issue when resizing a corrupt ext4 image which is freshly clear res… redhatsusedebian
CVE-2022-49515 medium 5.5 4y ago In the Linux kernel, the following vulnerability has been resolved: ASoC: cs35l41: Fix an out-of-bounds access in otp_packed_element_t The CS35L41_NUM_OTP_ELEM is 100, but only 99 entries are defin… redhatsusedebian
CVE-2022-49129 medium 5.5 4y ago In the Linux kernel, the following vulnerability has been resolved: mt76: mt7921: fix crash when startup fails. If the nic fails to start, it is possible that the reset_work has already been schedu… redhatsusedebian
CVE-2022-49710 medium 5.5 4y ago In the Linux kernel, the following vulnerability has been resolved: dm mirror log: round up region bitmap size to BITS_PER_LONG The code in dm-log rounds up bitset_size to 32 bits. It then uses fin… redhatsusedebian
CVE-2022-3500 medium 5.5 4y ago Moderate: keylime security update redhatsuserockylinuxpython
CVE-2022-2309 medium 5.5 4y ago Moderate: python-lxml security update redhatsusedebianrockylinux+1
CVE-2022-0865 medium 5.5 4y ago Moderate: libtiff security update redhatarchsuserockylinux+1
CVE-2022-25310 medium 5.5 4y ago Moderate: fribidi security update redhatsuserockylinuxdebian
CVE-2022-32990 medium 5.5 4y ago Moderate: gimp security and enhancement update redhatsusedebianrockylinux
CVE-2022-49543 medium 5.5 4y ago In the Linux kernel, the following vulnerability has been resolved: ath11k: fix the warning of dev_wake in mhi_pm_disable_transition() When test device recovery with below command, it has warning i… redhatsusedebian
CVE-2022-49708 medium 5.5 4y ago In the Linux kernel, the following vulnerability has been resolved: ext4: fix bug_on ext4_mb_use_inode_pa Hulk Robot reported a BUG_ON: =============================================================… redhatsusedebian
CVE-2022-27191 medium 5.5 4y ago Moderate: buildah security and bug fix update redhatalmalinuxsuserockylinux+2