VIR Vulnerability Intelligence Relay

CVEs from 2022

6,001 normalized CVEs published or assigned in this year.

Total
6,001
critical
critical 88
high
high 1,239
medium
medium 887
low
low 24
% Critical
1.5%
% with KEV
2.2%
% with exploit
2.2%

Top vendors

Top products

  • jdk 116
  • jre 109
  • openjdk 100
  • zulu 82
  • graalvm 74
  • cloud_secure_agent 35
  • oncommand_insight 34
  • cloud_insights_acquisition_unit 34

Top packages

Severitycriticalhighmediumlowunknown
0
KEVHas exploit
Reset
CVE Severity CVSS Risk Published Description Impact
CVE-2022-2625 medium 5.5 3y ago Moderate: postgresql security update redhatrockylinuxsusedebian
CVE-2022-41862 medium 5.5 3y ago Moderate: postgresql security update redhatrockylinuxsusedebian
CVE-2022-4899 medium 5.5 3y ago Moderate: mysql security update redhatrockylinuxsusedebian+1
CVE-2022-45061 medium 5.5 3y ago Moderate: python39:3.9 and python39-devel:3.9 security update rockylinuxredhatsusedebian
CVE-2022-40897 medium 5.5 3y ago Moderate: python-setuptools security update redhatrockylinuxsusedebian+1
CVE-2022-48303 medium 5.5 3y ago Moderate: tar security update redhatrockylinuxsusedebian
CVE-2022-4415 medium 5.5 3y ago Moderate: systemd security update redhatrockylinuxsusedebian+1
CVE-2022-45873 medium 5.5 3y ago Moderate: systemd security update redhatsuserockylinuxdebian+1
CVE-2022-47024 medium 5.5 3y ago Moderate: vim security update archredhatsuserockylinux+2
CVE-2022-31630 medium 5.5 3y ago Moderate: php:8.1 security update rockylinuxredhatsusedebian+1
CVE-2022-31628 medium 5.5 3y ago Moderate: php:8.1 security update rockylinuxredhatsusedebian+1
CVE-2022-31629 medium 5.5 3y ago Moderate: php:8.1 security update rockylinuxredhatdebianalmalinux
CVE-2022-37436 medium 5.5 3y ago Moderate: httpd security and bug fix update archdebianredhatrockylinux+2
CVE-2022-36760 medium 5.5 3y ago Moderate: httpd security and bug fix update archdebianredhatrockylinux+2
CVE-2022-31631 medium 5.5 3y ago Moderate: php:8.1 security update rockylinuxredhatsusedebian+1
CVE-2022-4304 medium 5.5 3y ago Moderate: openssl security and bug fix update redhatrockylinuxsusedebian+2
CVE-2022-4203 medium 5.5 3y ago Moderate: openssl security and bug fix update redhatsuserockylinuxdebian+2
CVE-2022-4450 medium 5.5 3y ago Moderate: openssl security and bug fix update redhatrockylinuxsusedebian+2
CVE-2022-2879 medium 5.5 3y ago Moderate: Image Builder security, bug fix, and enhancement update redhatrockylinuxsusedebian+1
CVE-2022-42011 medium 5.5 3y ago Moderate: dbus security update archredhatdebianrockylinux+1
CVE-2022-40304 medium 5.5 3y ago Moderate: libxml2 security update redhatrockylinuxsusedebian
CVE-2022-2520 medium 5.5 3y ago Moderate: libtiff security update archredhatalmalinuxrockylinux+2
CVE-2022-32221 medium 5.5 3y ago Moderate: curl security update redhatdebiansuserockylinux+1
CVE-2022-2521 medium 5.5 3y ago Moderate: libtiff security update archredhatalmalinuxrockylinux+2
CVE-2022-42010 medium 5.5 3y ago Moderate: dbus security update archredhatdebianrockylinux+1
CVE-2022-26306 medium 5.5 3y ago Moderate: libreoffice security update archredhatrockylinuxsuse+2
CVE-2022-2953 medium 5.5 3y ago Moderate: libtiff security update archredhatalmalinuxrockylinux+2
CVE-2022-3140 medium 5.5 3y ago Moderate: libreoffice security update archredhatrockylinuxdebian+1
CVE-2022-26305 medium 5.5 3y ago Moderate: libreoffice security update archredhatrockylinuxsuse+2
CVE-2022-2056 medium 5.5 3y ago Moderate: libtiff security update archredhatrockylinuxsuse+2
CVE-2022-2880 medium 5.5 3y ago Moderate: git-lfs security and bug fix update redhatrockylinuxsusedebian+1
CVE-2022-2058 medium 5.5 3y ago Moderate: libtiff security update archredhatalmalinuxrockylinux+2
CVE-2022-26307 medium 5.5 3y ago Moderate: libreoffice security update archredhatrockylinuxsuse+2
CVE-2022-41715 medium 5.5 3y ago Moderate: golang-github-cpuguy83-md2man security, bug fix, and enhancement update redhatalmalinuxrockylinuxsuse+2
CVE-2022-2519 medium 5.5 3y ago Moderate: libtiff security update archredhatalmalinuxrockylinux+2
CVE-2022-2057 medium 5.5 3y ago Moderate: libtiff security update archredhatrockylinuxsuse+2
CVE-2022-42012 medium 5.5 3y ago Moderate: dbus security update archredhatdebianrockylinux+1
CVE-2022-43680 medium 5.5 3y ago In libexpat through 2.4.9, there is a use-after free caused by overeager destruction of a shared DTD in XML_ExternalEntityParserCreate in out-of-memory situations. redhatdebianrockylinuxsuse
CVE-2022-31197 medium 5.5 3y ago Moderate: postgresql-jdbc security update redhatsusedebianrockylinux+2
CVE-2022-27664 medium 5.5 3y ago Moderate: toolbox security and bug fix update rockylinuxredhatsusedebian+2
CVE-2022-41717 medium 5.5 3y ago Moderate: podman security and bug fix update rockylinuxredhatsusedebian+2
CVE-2022-3821 medium 5.5 3y ago Moderate: systemd security update redhatsuserockylinuxdebian
CVE-2022-3715 medium 5.5 3y ago Moderate: bash security update redhatdebianrockylinux
CVE-2022-40303 medium 5.5 3y ago Moderate: libxml2 security update redhatrockylinuxsusedebian
CVE-2022-2867 medium 5.5 3y ago Moderate: libtiff security update archrockylinuxsusedebian
CVE-2022-2868 medium 5.5 3y ago Moderate: libtiff security update archrockylinuxsusedebian
CVE-2022-2869 medium 5.5 3y ago Moderate: libtiff security update archrockylinuxsusedebian
CVE-2022-4144 medium 5.5 3y ago Moderate: virt:rhel and virt-devel:rhel security and bug fix update rockylinuxsusedebian
CVE-2022-43548 medium 5.5 4y ago Moderate: nodejs:18 security, bug fix, and enhancement update redhatrockylinuxsusedebian+1
CVE-2022-3517 medium 5.5 4y ago Moderate: nodejs:18 security, bug fix, and enhancement update redhatrockylinuxdebianalmalinux+1
CVE-2022-45442 medium 5.5 4y ago Moderate: pcs security update redhatrockylinuxsusedebian+1
CVE-2022-24999 medium 5.5 4y ago Moderate: nodejs:14 security, bug fix, and enhancement update rockylinuxdebiannpm
CVE-2022-49123 medium 5.5 4y ago In the Linux kernel, the following vulnerability has been resolved: ath11k: Fix frames flush failure caused by deadlock We are seeing below warnings: kernel: [25393.301506] ath11k_pci 0000:01:00.0… redhatsusedebian
CVE-2022-21123 medium 5.5 4y ago Incomplete cleanup of multi-core shared buffers for some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access. almalinuxredhatsuserockylinux+1
CVE-2022-21166 medium 5.5 4y ago Incomplete cleanup in specific special register write operations for some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access. redhatalmalinuxsuserockylinux+1
CVE-2022-30293 medium 5.5 4y ago Moderate: webkit2gtk3 security and bug fix update redhatarchrockylinuxsuse+1
CVE-2022-49109 medium 5.5 4y ago In the Linux kernel, the following vulnerability has been resolved: ceph: fix inode reference leakage in ceph_get_snapdir() The ceph_get_inode() will search for or insert a new inode into the hash … redhatsusedebian
CVE-2022-21499 medium 5.5 4y ago KGDB and KDB allow read and write access to kernel memory, and thus should be restricted during lockdown. An attacker with access to a serial port could trigger the debugger so it is important that t… archalmalinuxredhatrockylinux+2
CVE-2022-49732 medium 5.5 4y ago In the Linux kernel, the following vulnerability has been resolved: sock: redo the psock vs ULP protection check Commit 8a59f9d1e3d4 ("sock: Introduce sk->sk_prot->psock_update_sk_prot()") has move… redhatsusedebian
CVE-2022-49695 medium 5.5 4y ago In the Linux kernel, the following vulnerability has been resolved: igb: fix a use-after-free issue in igb_clean_tx_ring Fix the following use-after-free bug in igb_clean_tx_ring routine when the N… redhatsusedebian
CVE-2022-49584 medium 5.5 4y ago In the Linux kernel, the following vulnerability has been resolved: ixgbe: Add locking to prevent panic when setting sriov_numvfs to zero It is possible to disable VFs while the PF driver is proces… redhatsusedebian
CVE-2022-49253 medium 5.5 4y ago In the Linux kernel, the following vulnerability has been resolved: media: usb: go7007: s2250-board: fix leak in probe() Call i2c_unregister_device(audio) on this error path. redhatsusedebian
CVE-2022-25308 medium 5.5 4y ago Moderate: fribidi security update redhatsuserockylinuxdebian
CVE-2022-49247 medium 5.5 4y ago In the Linux kernel, the following vulnerability has been resolved: media: stk1160: If start stream fails, return buffers with VB2_BUF_STATE_QUEUED If the callback 'start_streaming' fails, then all… redhatsusedebian
CVE-2022-2850 medium 5.5 4y ago Moderate: 389-ds-base security, bug fix, and enhancement update debianredhatsuserockylinux
CVE-2022-49227 medium 5.5 4y ago In the Linux kernel, the following vulnerability has been resolved: igc: avoid kernel warning when changing RX ring parameters Calling ethtool changing the RX ring parameters like this: $ ethtoo… redhatsusedebian
CVE-2022-21125 medium 5.5 4y ago Incomplete cleanup of microarchitectural fill buffers on some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access. almalinuxredhatsuserockylinux+1
CVE-2022-49708 medium 5.5 4y ago In the Linux kernel, the following vulnerability has been resolved: ext4: fix bug_on ext4_mb_use_inode_pa Hulk Robot reported a BUG_ON: =============================================================… redhatsusedebian
CVE-2022-20572 medium 5.5 4y ago In verity_target of dm-verity-target.c, there is a possible way to modify read-only files due to a missing permission check. This could lead to local escalation of privilege with System execution pri… redhatsusedebian
CVE-2022-26717 medium 5.5 4y ago Moderate: webkit2gtk3 security and bug fix update redhatarchrockylinuxsuse+1
CVE-2022-49215 medium 5.5 4y ago In the Linux kernel, the following vulnerability has been resolved: xsk: Fix race at socket teardown Fix a race in the xsk socket teardown code that can lead to a NULL pointer dereference splat. Th… redhatsusedebian
CVE-2022-49265 medium 5.5 4y ago In the Linux kernel, the following vulnerability has been resolved: PM: domains: Fix sleep-in-atomic bug caused by genpd_debug_remove() When a genpd with GENPD_FLAG_IRQ_SAFE gets removed, the follo… redhatsusedebian
CVE-2022-49199 medium 5.5 4y ago In the Linux kernel, the following vulnerability has been resolved: RDMA/nldev: Prevent underflow in nldev_stat_set_counter_dynamic_doit() This code checks "index" for an upper bound but it does no… redhatsusedebian
CVE-2022-32891 medium 5.5 4y ago The issue was addressed with improved UI handling. This issue is fixed in Safari 16, tvOS 16, watchOS 9, iOS 16. Visiting a website that frames malicious content may lead to UI spoofing. archredhatsusedebian
CVE-2022-22628 medium 5.5 4y ago Moderate: webkit2gtk3 security and bug fix update redhatrockylinuxsusedebian
CVE-2022-22624 medium 5.5 4y ago Moderate: webkit2gtk3 security and bug fix update redhatrockylinuxsusedebian
CVE-2022-25310 medium 5.5 4y ago Moderate: fribidi security update redhatsuserockylinuxdebian
CVE-2022-20368 medium 5.5 4y ago Product: AndroidVersions: Android kernelAndroid ID: A-224546354References: Upstream kernel almalinuxredhatrockylinuxsuse+1
CVE-2022-49710 medium 5.5 4y ago In the Linux kernel, the following vulnerability has been resolved: dm mirror log: round up region bitmap size to BITS_PER_LONG The code in dm-log rounds up bitset_size to 32 bits. It then uses fin… redhatsusedebian
CVE-2022-30698 medium 5.5 4y ago Moderate: unbound security, bug fix, and enhancement update redhatrockylinuxsusedebian
CVE-2022-1355 medium 5.5 4y ago Moderate: libtiff security update archredhatrockylinuxdebian+1
CVE-2022-49270 medium 5.5 4y ago In the Linux kernel, the following vulnerability has been resolved: dm: fix use-after-free in dm_cleanup_zoned_dev() dm_cleanup_zoned_dev() uses queue, so it must be called before blk_cleanup_disk(… redhatsusedebian
CVE-2022-31625 medium 5.5 4y ago Moderate: php security, bug fix, and enhancement update archredhatrockylinuxsuse+1
CVE-2022-49107 medium 5.5 4y ago In the Linux kernel, the following vulnerability has been resolved: ceph: fix memory leak in ceph_readdir when note_last_dentry returns error Reset the last_readdir at the same time, and add a comm… redhatsusedebian
CVE-2022-49188 medium 5.5 4y ago In the Linux kernel, the following vulnerability has been resolved: remoteproc: qcom_q6v5_mss: Fix some leaks in q6v5_alloc_memory_region The device_node pointer is returned by of_parse_phandle() o… redhatsusedebian
CVE-2022-49066 medium 5.5 4y ago In the Linux kernel, the following vulnerability has been resolved: veth: Ensure eth header is in skb's linear part After feeding a decapsulated packet to a veth device with act_mirred, skb_headlen… redhatsusedebian
CVE-2022-49671 medium 5.5 4y ago In the Linux kernel, the following vulnerability has been resolved: RDMA/cm: Fix memory leak in ib_cm_insert_listen cm_alloc_id_priv() allocates resource for the cm_id_priv. When cm_init_listen() f… redhatsusedebian
CVE-2022-32816 medium 5.5 4y ago The issue was addressed with improved UI handling. This issue is fixed in watchOS 8.7, tvOS 15.6, iOS 15.6 and iPadOS 15.6, macOS Monterey 12.5. Visiting a website that frames malicious content may l… archredhatsusedebian
CVE-2022-49098 medium 5.5 4y ago In the Linux kernel, the following vulnerability has been resolved: Drivers: hv: vmbus: Fix potential crash on module unload The vmbus driver relies on the panic notifier infrastructure to perform … redhatsusedebian
CVE-2022-26125 medium 5.5 4y ago Moderate: frr security, bug fix, and enhancement update redhatsusedebianrockylinux
CVE-2022-1998 medium 5.5 4y ago A use after free in the Linux kernel File System notify functionality was found in the way user triggers copy_info_records_to_user() call to fail in copy_event_to_user(). A local user could use this … redhatalmalinuxsusedebian
CVE-2022-1348 medium 5.5 4y ago Moderate: logrotate security update redhatsuserockylinuxdebian
CVE-2022-49297 medium 5.5 4y ago In the Linux kernel, the following vulnerability has been resolved: nbd: fix io hung while disconnecting device In our tests, "qemu-nbd" triggers a io hung: INFO: task qemu-nbd:11445 blocked for m… redhatsusedebian
CVE-2022-49691 medium 5.5 4y ago In the Linux kernel, the following vulnerability has been resolved: erspan: do not assume transport header is always set Rewrite tests in ip6erspan_tunnel_xmit() and erspan_fb_xmit() to not assume … redhatsusedebian
CVE-2022-30550 medium 5.5 4y ago Moderate: dovecot security and enhancement update archredhatdebianrockylinux+2
CVE-2022-1354 medium 5.5 4y ago Moderate: libtiff security update archredhatdebianalmalinux
CVE-2022-49673 medium 5.5 4y ago In the Linux kernel, the following vulnerability has been resolved: dm raid: fix KASAN warning in raid5_add_disks There's a KASAN warning in raid5_add_disk when running the LVM testsuite. The warni… redhatsusedebian
CVE-2022-27337 medium 5.5 4y ago Moderate: poppler security and bug fix update archredhatrockylinuxsuse+2
CVE-2022-49175 medium 5.5 4y ago In the Linux kernel, the following vulnerability has been resolved: PM: core: keep irq flags in device_pm_check_callbacks() The function device_pm_check_callbacks() can be called under the spin loc… redhatsusedebian
CVE-2022-48912 medium 5.5 4y ago In the Linux kernel, the following vulnerability has been resolved: netfilter: fix use-after-free in __nf_register_net_hook() We must not dereference @new_hooks after nf_hook_mutex has been release… redhatsusedebian