CVEs from 2022
Total
8,251
critical
critical 88
high
high 1,240
medium
medium 887
low
low 23
% Critical
1.1%
% with KEV
1.6%
% with exploit
1.6%
Top products
- jdk 116
- jre 109
- openjdk 100
- zulu 82
- graalvm 74
- cloud_secure_agent 35
- oncommand_insight 34
- cloud_insights_acquisition_unit 34
| CVE | Severity | CVSS | Risk | Published | Description | Impact |
|---|---|---|---|---|---|---|
| CVE-2022-39229 | medium | — | 5.5 | 3y ago | Moderate: grafana security and enhancement update | |
| CVE-2022-44793 | medium | — | 5.5 | 3y ago | Moderate: net-snmp security and bug fix update | |
| CVE-2022-3970 | medium | — | 5.5 | 3y ago | Moderate: libtiff security update | |
| CVE-2022-39316 | medium | — | 5.5 | 3y ago | Moderate: freerdp security update | |
| CVE-2022-39253 | medium | — | 5.5 | 3y ago | Moderate: git security and bug fix update | |
| CVE-2022-39318 | medium | — | 5.5 | 3y ago | Moderate: freerdp security update | |
| CVE-2022-39317 | medium | — | 5.5 | 3y ago | Moderate: freerdp security update | |
| CVE-2022-41724 | medium | — | 5.5 | 3y ago | Moderate: container-tools:4.0 security and bug fix update | |
| CVE-2022-30788 | medium | — | 5.5 | 3y ago | Moderate: libguestfs-winsupport security update | |
| CVE-2022-1922 | medium | — | 5.5 | 3y ago | Moderate: gstreamer1-plugins-good security update | |
| CVE-2022-3551 | medium | — | 5.5 | 3y ago | Moderate: xorg-x11-server-Xwayland security update | |
| CVE-2022-4172 | medium | — | 5.5 | 3y ago | Moderate: qemu-kvm security, bug fix, and enhancement update | |
| CVE-2022-37454 | medium | — | 5.5 | 3y ago | Moderate: php security update | |
| CVE-2022-41862 | medium | — | 5.5 | 3y ago | Moderate: postgresql security update | |
| CVE-2022-2625 | medium | — | 5.5 | 3y ago | Moderate: postgresql security update | |
| CVE-2022-4899 | medium | — | 5.5 | 3y ago | Moderate: mysql security update | |
| CVE-2022-37436 | medium | — | 5.5 | 3y ago | Moderate: httpd security and bug fix update | |
| CVE-2022-47024 | medium | — | 5.5 | 3y ago | Moderate: vim security update | |
| CVE-2022-31631 | medium | — | 5.5 | 3y ago | Moderate: php security update | |
| CVE-2022-31630 | medium | — | 5.5 | 3y ago | Moderate: php security update | |
| CVE-2022-36760 | medium | — | 5.5 | 3y ago | Moderate: httpd security and bug fix update | |
| CVE-2022-45873 | medium | — | 5.5 | 3y ago | Moderate: systemd security update | |
| CVE-2022-4415 | medium | — | 5.5 | 3y ago | Moderate: systemd security update | |
| CVE-2022-45061 | medium | — | 5.5 | 3y ago | Moderate: python39:3.9 and python39-devel:3.9 security update | |
| CVE-2022-31629 | medium | — | 5.5 | 3y ago | Moderate: php security update | |
| CVE-2022-40897 | medium | — | 5.5 | 3y ago | Moderate: python-setuptools security update | |
| CVE-2022-31628 | medium | — | 5.5 | 3y ago | Moderate: php security update | |
| CVE-2022-48303 | medium | — | 5.5 | 3y ago | Moderate: tar security update | |
| CVE-2022-4203 | medium | — | 5.5 | 3y ago | Moderate: openssl security and bug fix update | |
| CVE-2022-31197 | medium | — | 5.5 | 3y ago | Moderate: postgresql-jdbc security update | |
| CVE-2022-32221 | medium | — | 5.5 | 3y ago | Moderate: curl security update | |
| CVE-2022-40304 | medium | — | 5.5 | 3y ago | Moderate: libxml2 security update | |
| CVE-2022-26306 | medium | — | 5.5 | 3y ago | Moderate: libreoffice security update | |
| CVE-2022-2953 | medium | — | 5.5 | 3y ago | Moderate: libtiff security update | |
| CVE-2022-42011 | medium | — | 5.5 | 3y ago | Moderate: dbus security update | |
| CVE-2022-27664 | medium | — | 5.5 | 3y ago | Moderate: git-lfs security and bug fix update | |
| CVE-2022-3821 | medium | — | 5.5 | 3y ago | Moderate: systemd security update | |
| CVE-2022-42010 | medium | — | 5.5 | 3y ago | Moderate: dbus security update | |
| CVE-2022-26307 | medium | — | 5.5 | 3y ago | Moderate: libreoffice security update | |
| CVE-2022-3715 | medium | — | 5.5 | 3y ago | Moderate: bash security update | |
| CVE-2022-2057 | medium | — | 5.5 | 3y ago | Moderate: libtiff security update | |
| CVE-2022-41717 | medium | — | 5.5 | 3y ago | Moderate: container-tools:4.0 security and bug fix update | |
| CVE-2022-2520 | medium | — | 5.5 | 3y ago | Moderate: libtiff security update | |
| CVE-2022-2519 | medium | — | 5.5 | 3y ago | Moderate: libtiff security update | |
| CVE-2022-2521 | medium | — | 5.5 | 3y ago | Moderate: libtiff security update | |
| CVE-2022-41715 | medium | — | 5.5 | 3y ago | Moderate: git-lfs security and bug fix update | |
| CVE-2022-3140 | medium | — | 5.5 | 3y ago | Moderate: libreoffice security update | |
| CVE-2022-26305 | medium | — | 5.5 | 3y ago | Moderate: libreoffice security update | |
| CVE-2022-2880 | medium | — | 5.5 | 3y ago | Moderate: git-lfs security and bug fix update | |
| CVE-2022-2056 | medium | — | 5.5 | 3y ago | Moderate: libtiff security update | |
| CVE-2022-40303 | medium | — | 5.5 | 3y ago | Moderate: libxml2 security update | |
| CVE-2022-2058 | medium | — | 5.5 | 3y ago | Moderate: libtiff security update | |
| CVE-2022-42012 | medium | — | 5.5 | 3y ago | Moderate: dbus security update | |
| CVE-2022-2879 | medium | — | 5.5 | 3y ago | Moderate: Image Builder security, bug fix, and enhancement update | |
| CVE-2022-43680 | medium | — | 5.5 | 3y ago | In libexpat through 2.4.9, there is a use-after free caused by overeager destruction of a shared DTD in XML_ExternalEntityParserCreate in out-of-memory situations. | |
| CVE-2022-4144 | medium | — | 5.5 | 3y ago | Moderate: virt:rhel and virt-devel:rhel security and bug fix update | |
| CVE-2022-2869 | medium | — | 5.5 | 3y ago | Moderate: libtiff security update | |
| CVE-2022-2867 | medium | — | 5.5 | 3y ago | Moderate: libtiff security update | |
| CVE-2022-2868 | medium | — | 5.5 | 3y ago | Moderate: libtiff security update | |
| CVE-2022-3517 | medium | — | 5.5 | 4y ago | Moderate: nodejs:16 security, bug fix, and enhancement update | |
| CVE-2022-43548 | medium | — | 5.5 | 4y ago | Moderate: nodejs:16 security, bug fix, and enhancement update | |
| CVE-2022-45442 | medium | — | 5.5 | 4y ago | Moderate: pcs security update | |
| CVE-2022-24999 | medium | — | 5.5 | 4y ago | Moderate: nodejs:14 security, bug fix, and enhancement update | |
| CVE-2022-49199 | medium | — | 5.5 | 4y ago | In the Linux kernel, the following vulnerability has been resolved: RDMA/nldev: Prevent underflow in nldev_stat_set_counter_dynamic_doit() This code checks "index" for an upper bound but it does no… | |
| CVE-2022-49130 | medium | — | 5.5 | 4y ago | In the Linux kernel, the following vulnerability has been resolved: ath11k: mhi: use mhi_sync_power_up() If amss.bin was missing ath11k would crash during 'rmmod ath11k_pci'. The reason for that wa… | |
| CVE-2022-49559 | medium | — | 5.5 | 4y ago | In the Linux kernel, the following vulnerability has been resolved: KVM: x86: Drop WARNs that assert a triple fault never "escapes" from L2 Remove WARNs that sanity check that KVM never lets a trip… | |
| CVE-2022-49122 | medium | — | 5.5 | 4y ago | In the Linux kernel, the following vulnerability has been resolved: dm ioctl: prevent potential spectre v1 gadget It appears like cmd could be a Spectre v1 gadget as it's supplied by a user and use… | |
| CVE-2022-49409 | medium | — | 5.5 | 4y ago | In the Linux kernel, the following vulnerability has been resolved: ext4: fix bug_on in __es_tree_search Hulk Robot reported a BUG_ON: ==============================================================… | |
| CVE-2022-49268 | medium | — | 5.5 | 4y ago | In the Linux kernel, the following vulnerability has been resolved: ASoC: SOF: Intel: Fix NULL ptr dereference when ENOMEM Do not call snd_dma_free_pages() when snd_dma_alloc_pages() returns -ENOME… | |
| CVE-2022-22719 | medium | — | 5.5 | 4y ago | Moderate: httpd security, bug fix, and enhancement update | |
| CVE-2022-30698 | medium | — | 5.5 | 4y ago | Moderate: unbound security, bug fix, and enhancement update | |
| CVE-2022-50179 | medium | — | 5.5 | 4y ago | In the Linux kernel, the following vulnerability has been resolved: ath9k: fix use-after-free in ath9k_hif_usb_rx_cb Syzbot reported use-after-free Read in ath9k_hif_usb_rx_cb() [0]. The problem wa… | |
| CVE-2022-36946 | medium | — | 5.5 | 4y ago | Moderate: kernel security, bug fix, and enhancement update | |
| CVE-2022-49270 | medium | — | 5.5 | 4y ago | In the Linux kernel, the following vulnerability has been resolved: dm: fix use-after-free in dm_cleanup_zoned_dev() dm_cleanup_zoned_dev() uses queue, so it must be called before blk_cleanup_disk(… | |
| CVE-2022-50000 | medium | — | 5.5 | 4y ago | In the Linux kernel, the following vulnerability has been resolved: netfilter: flowtable: fix stuck flows on cleanup due to pending work To clear the flow table on flow table free, the following se… | |
| CVE-2022-22624 | medium | — | 5.5 | 4y ago | Moderate: webkit2gtk3 security and bug fix update | |
| CVE-2022-0934 | medium | — | 5.5 | 4y ago | Moderate: dnsmasq security and bug fix update | |
| CVE-2022-49215 | medium | — | 5.5 | 4y ago | In the Linux kernel, the following vulnerability has been resolved: xsk: Fix race at socket teardown Fix a race in the xsk socket teardown code that can lead to a NULL pointer dereference splat. Th… | |
| CVE-2022-50084 | medium | — | 5.5 | 4y ago | In the Linux kernel, the following vulnerability has been resolved: dm raid: fix address sanitizer warning in raid_status There is this warning when using a kernel with the address sanitizer and ru… | |
| CVE-2022-0996 | medium | — | 5.5 | 4y ago | Moderate: 389-ds-base security, bug fix, and enhancement update | |
| CVE-2022-48735 | medium | — | 5.5 | 4y ago | In the Linux kernel, the following vulnerability has been resolved: ALSA: hda: Fix UAF of leds class devs at unbinding The LED class devices that are created by HD-audio codec drivers are registere… | |
| CVE-2022-49606 | medium | — | 5.5 | 4y ago | In the Linux kernel, the following vulnerability has been resolved: RDMA/irdma: Fix sleep from invalid context BUG Taking the qos_mutex to process RoCEv2 QP's on netdev events causes a kernel splat… | |
| CVE-2022-49160 | medium | — | 5.5 | 4y ago | In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Fix crash during module load unload test During purex packet handling the driver was incorrectly freeing a pre-all… | |
| CVE-2022-49129 | medium | — | 5.5 | 4y ago | In the Linux kernel, the following vulnerability has been resolved: mt76: mt7921: fix crash when startup fails. If the nic fails to start, it is possible that the reset_work has already been schedu… | |
| CVE-2022-48765 | medium | — | 5.5 | 4y ago | In the Linux kernel, the following vulnerability has been resolved: KVM: LAPIC: Also cancel preemption timer during SET_LAPIC The below warning is splatting during guest reboot. ------------[ cu… | |
| CVE-2022-39190 | medium | — | 5.5 | 4y ago | Moderate: kernel-rt security and bug fix update | |
| CVE-2022-32891 | medium | — | 5.5 | 4y ago | The issue was addressed with improved UI handling. This issue is fixed in Safari 16, tvOS 16, watchOS 9, iOS 16. Visiting a website that frames malicious content may lead to UI spoofing. | |
| CVE-2022-26719 | medium | — | 5.5 | 4y ago | Moderate: webkit2gtk3 security and bug fix update | |
| CVE-2022-48738 | medium | — | 5.5 | 4y ago | In the Linux kernel, the following vulnerability has been resolved: ASoC: ops: Reject out of bounds values in snd_soc_put_volsw() We don't currently validate that the values being set are within th… | |
| CVE-2022-49098 | medium | — | 5.5 | 4y ago | In the Linux kernel, the following vulnerability has been resolved: Drivers: hv: vmbus: Fix potential crash on module unload The vmbus driver relies on the panic notifier infrastructure to perform … | |
| CVE-2022-1048 | medium | — | 5.5 | 4y ago | Moderate: kernel-rt security and bug fix update | |
| CVE-2022-50085 | medium | — | 5.5 | 4y ago | In the Linux kernel, the following vulnerability has been resolved: dm raid: fix address sanitizer warning in raid_resume There is a KASAN warning in raid_resume when running the lvm test lvconvert… | |
| CVE-2022-49272 | medium | — | 5.5 | 4y ago | In the Linux kernel, the following vulnerability has been resolved: ALSA: pcm: Fix potential AB/BA lock with buffer_mutex and mmap_lock syzbot caught a potential deadlock between the PCM runtime->b… | |
| CVE-2022-49086 | medium | — | 5.5 | 4y ago | In the Linux kernel, the following vulnerability has been resolved: net: openvswitch: fix leak of nested actions While parsing user-provided actions, openvswitch module may dynamically allocate mem… | |
| CVE-2022-49265 | medium | — | 5.5 | 4y ago | In the Linux kernel, the following vulnerability has been resolved: PM: domains: Fix sleep-in-atomic bug caused by genpd_debug_remove() When a genpd with GENPD_FLAG_IRQ_SAFE gets removed, the follo… | |
| CVE-2022-21166 | medium | — | 5.5 | 4y ago | Moderate: kernel security, bug fix, and enhancement update | |
| CVE-2022-32792 | medium | — | 5.5 | 4y ago | An out-of-bounds write issue was addressed with improved input validation. This issue is fixed in iOS 15.6 and iPadOS 15.6, watchOS 8.7, tvOS 15.6, macOS Monterey 12.5, Safari 15.6. Processing malici… | |
| CVE-2022-2989 | medium | — | 5.5 | 4y ago | Moderate: buildah security and bug fix update | |
| CVE-2022-49695 | medium | — | 5.5 | 4y ago | In the Linux kernel, the following vulnerability has been resolved: igb: fix a use-after-free issue in igb_clean_tx_ring Fix the following use-after-free bug in igb_clean_tx_ring routine when the N… | |
| CVE-2022-49561 | medium | — | 5.5 | 4y ago | In the Linux kernel, the following vulnerability has been resolved: netfilter: conntrack: re-fetch conntrack after insertion In case the conntrack is clashing, insertion can free skb->_nfct and set… |