VIR Vulnerability Intelligence Relay

CVEs from 2022

6,001 normalized CVEs published or assigned in this year.

Total
6,001
critical
critical 88
high
high 1,239
medium
medium 887
low
low 24
% Critical
1.5%
% with KEV
2.2%
% with exploit
2.2%

Top vendors

Top products

  • jdk 116
  • jre 109
  • openjdk 100
  • zulu 82
  • graalvm 74
  • cloud_secure_agent 35
  • oncommand_insight 34
  • cloud_insights_acquisition_unit 34

Top packages

Severitycriticalhighmediumlowunknown
0
KEVHas exploit
Reset
CVE Severity CVSS Risk Published Description Impact
CVE-2022-2625 medium 5.5 3y ago Moderate: postgresql security update redhatrockylinuxsusedebian
CVE-2022-41862 medium 5.5 3y ago Moderate: postgresql security update redhatrockylinuxsusedebian
CVE-2022-4899 medium 5.5 3y ago Moderate: mysql security update redhatrockylinuxsusedebian+1
CVE-2022-31629 medium 5.5 3y ago Moderate: php:8.1 security update rockylinuxredhatdebianalmalinux
CVE-2022-31628 medium 5.5 3y ago Moderate: php:8.1 security update rockylinuxredhatsusedebian+1
CVE-2022-31630 medium 5.5 3y ago Moderate: php:8.1 security update rockylinuxredhatsusedebian+1
CVE-2022-48303 medium 5.5 3y ago Moderate: tar security update redhatrockylinuxsusedebian
CVE-2022-31631 medium 5.5 3y ago Moderate: php:8.1 security update rockylinuxredhatsusedebian+1
CVE-2022-45061 medium 5.5 3y ago Moderate: python39:3.9 and python39-devel:3.9 security update rockylinuxredhatsusedebian
CVE-2022-36760 medium 5.5 3y ago Moderate: httpd security and bug fix update archdebianredhatrockylinux+2
CVE-2022-45873 medium 5.5 3y ago Moderate: systemd security update redhatsuserockylinuxdebian+1
CVE-2022-37436 medium 5.5 3y ago Moderate: httpd security and bug fix update archdebianredhatrockylinux+2
CVE-2022-4415 medium 5.5 3y ago Moderate: systemd security update redhatrockylinuxsusedebian+1
CVE-2022-47024 medium 5.5 3y ago Moderate: vim security update archredhatsuserockylinux+2
CVE-2022-40897 medium 5.5 3y ago Moderate: python-setuptools security update redhatrockylinuxsusedebian+1
CVE-2022-4450 medium 5.5 3y ago Moderate: openssl security and bug fix update redhatrockylinuxsusedebian+2
CVE-2022-4203 medium 5.5 3y ago Moderate: openssl security and bug fix update redhatsuserockylinuxdebian+2
CVE-2022-4304 medium 5.5 3y ago Moderate: openssl security and bug fix update redhatrockylinuxsusedebian+2
CVE-2022-2880 medium 5.5 3y ago Moderate: git-lfs security and bug fix update redhatrockylinuxsusedebian+1
CVE-2022-3821 medium 5.5 3y ago Moderate: systemd security update redhatsuserockylinuxdebian
CVE-2022-43680 medium 5.5 3y ago In libexpat through 2.4.9, there is a use-after free caused by overeager destruction of a shared DTD in XML_ExternalEntityParserCreate in out-of-memory situations. redhatdebianrockylinuxsuse
CVE-2022-40303 medium 5.5 3y ago Moderate: libxml2 security update redhatrockylinuxsusedebian
CVE-2022-3715 medium 5.5 3y ago Moderate: bash security update redhatdebianrockylinux
CVE-2022-2879 medium 5.5 3y ago Moderate: Image Builder security, bug fix, and enhancement update redhatrockylinuxsusedebian+1
CVE-2022-41715 medium 5.5 3y ago Moderate: golang-github-cpuguy83-md2man security, bug fix, and enhancement update redhatalmalinuxrockylinuxsuse+2
CVE-2022-31197 medium 5.5 3y ago Moderate: postgresql-jdbc security update redhatsusedebianrockylinux+2
CVE-2022-42012 medium 5.5 3y ago Moderate: dbus security update archredhatdebianrockylinux+1
CVE-2022-2057 medium 5.5 3y ago Moderate: libtiff security update archredhatrockylinuxsuse+2
CVE-2022-40304 medium 5.5 3y ago Moderate: libxml2 security update redhatrockylinuxsusedebian
CVE-2022-2058 medium 5.5 3y ago Moderate: libtiff security update archredhatalmalinuxrockylinux+2
CVE-2022-42010 medium 5.5 3y ago Moderate: dbus security update archredhatdebianrockylinux+1
CVE-2022-32221 medium 5.5 3y ago Moderate: curl security update redhatdebiansuserockylinux+1
CVE-2022-26307 medium 5.5 3y ago Moderate: libreoffice security update archredhatrockylinuxsuse+2
CVE-2022-26305 medium 5.5 3y ago Moderate: libreoffice security update archredhatrockylinuxsuse+2
CVE-2022-26306 medium 5.5 3y ago Moderate: libreoffice security update archredhatrockylinuxsuse+2
CVE-2022-2520 medium 5.5 3y ago Moderate: libtiff security update archredhatalmalinuxrockylinux+2
CVE-2022-2056 medium 5.5 3y ago Moderate: libtiff security update archredhatrockylinuxsuse+2
CVE-2022-2521 medium 5.5 3y ago Moderate: libtiff security update archredhatalmalinuxrockylinux+2
CVE-2022-2953 medium 5.5 3y ago Moderate: libtiff security update archredhatalmalinuxrockylinux+2
CVE-2022-3140 medium 5.5 3y ago Moderate: libreoffice security update archredhatrockylinuxdebian+1
CVE-2022-41717 medium 5.5 3y ago Moderate: podman security and bug fix update rockylinuxredhatsusedebian+2
CVE-2022-2519 medium 5.5 3y ago Moderate: libtiff security update archredhatalmalinuxrockylinux+2
CVE-2022-42011 medium 5.5 3y ago Moderate: dbus security update archredhatdebianrockylinux+1
CVE-2022-27664 medium 5.5 3y ago Moderate: toolbox security and bug fix update rockylinuxredhatsusedebian+2
CVE-2022-4144 medium 5.5 3y ago Moderate: virt:rhel and virt-devel:rhel security and bug fix update rockylinuxsusedebian
CVE-2022-2869 medium 5.5 3y ago Moderate: libtiff security update archrockylinuxsusedebian
CVE-2022-2867 medium 5.5 3y ago Moderate: libtiff security update archrockylinuxsusedebian
CVE-2022-2868 medium 5.5 3y ago Moderate: libtiff security update archrockylinuxsusedebian
CVE-2022-43548 medium 5.5 4y ago Moderate: nodejs:18 security, bug fix, and enhancement update redhatrockylinuxsusedebian+1
CVE-2022-3517 medium 5.5 4y ago Moderate: nodejs:18 security, bug fix, and enhancement update redhatrockylinuxdebianalmalinux+1
CVE-2022-45442 medium 5.5 4y ago Moderate: pcs security update redhatrockylinuxsusedebian+1
CVE-2022-24999 medium 5.5 4y ago Moderate: nodejs:14 security, bug fix, and enhancement update rockylinuxdebiannpm
CVE-2022-1184 medium 5.5 4y ago A use-after-free flaw was found in fs/ext4/namei.c:dx_insert_block() in the Linux kernel’s filesystem sub-component. This flaw allows a local attacker with a user privilege to cause a denial of servi… almalinuxredhatrockylinuxsuse+1
CVE-2022-1852 medium 5.5 4y ago A NULL pointer dereference flaw was found in the Linux kernel’s KVM module, which can lead to a denial of service in the x86_emulate_insn in arch/x86/kvm/emulate.c. This flaw occurs while executing a… almalinuxredhatrockylinuxsuse+1
CVE-2022-1679 medium 5.5 4y ago A use-after-free flaw was found in the Linux kernel’s Atheros wireless adapter driver in the way a user forces the ath9k_htc_wait_for_target function to fail with some input messages. This flaw allow… redhatalmalinuxsusedebian
CVE-2022-30699 medium 5.5 4y ago Moderate: unbound security, bug fix, and enhancement update redhatrockylinuxsusedebian
CVE-2022-48912 medium 5.5 4y ago In the Linux kernel, the following vulnerability has been resolved: netfilter: fix use-after-free in __nf_register_net_hook() We must not dereference @new_hooks after nf_hook_mutex has been release… redhatsusedebian
CVE-2022-28693 medium 5.5 4y ago RHSA-2022:8267: kernel security, bug fix, and enhancement update (Moderate) redhatsuse
CVE-2022-22624 medium 5.5 4y ago Moderate: webkit2gtk3 security and bug fix update redhatrockylinuxsusedebian
CVE-2022-32990 medium 5.5 4y ago Moderate: gimp security and enhancement update redhatsusedebianrockylinux
CVE-2022-49188 medium 5.5 4y ago In the Linux kernel, the following vulnerability has been resolved: remoteproc: qcom_q6v5_mss: Fix some leaks in q6v5_alloc_memory_region The device_node pointer is returned by of_parse_phandle() o… redhatsusedebian
CVE-2022-39190 medium 5.5 4y ago An issue was discovered in net/netfilter/nf_tables_api.c in the Linux kernel before 5.19.6. A denial of service can occur upon binding to an already bound chain. redhatalmalinuxsusedebian
CVE-2022-30698 medium 5.5 4y ago Moderate: unbound security, bug fix, and enhancement update redhatrockylinuxsusedebian
CVE-2022-0396 medium 5.5 4y ago Moderate: bind security update redhatdebianarchsuse+1
CVE-2022-50092 medium 5.5 4y ago In the Linux kernel, the following vulnerability has been resolved: dm thin: fix use-after-free crash in dm_sm_register_threshold_callback Fault inject on pool metadata device reports: BUG: KASAN… redhatsusedebian
CVE-2022-42432 medium 5.5 4y ago This vulnerability allows local attackers to disclose sensitive information on affected installations of the Linux Kernel 6.0-rc2. An attacker must first obtain the ability to execute high-privileged… redhatsusedebian
CVE-2022-1048 medium 5.5 4y ago A use-after-free flaw was found in the Linux kernel’s sound subsystem in the way a user triggers concurrent calls of PCM hw_params. The hw_free ioctls or similar race condition happens inside ALSA PC… almalinuxredhatarchrockylinux+2
CVE-2022-49708 medium 5.5 4y ago In the Linux kernel, the following vulnerability has been resolved: ext4: fix bug_on ext4_mb_use_inode_pa Hulk Robot reported a BUG_ON: =============================================================… redhatsusedebian
CVE-2022-22629 medium 5.5 4y ago Moderate: webkit2gtk3 security and bug fix update redhatrockylinuxsusedebian
CVE-2022-49297 medium 5.5 4y ago In the Linux kernel, the following vulnerability has been resolved: nbd: fix io hung while disconnecting device In our tests, "qemu-nbd" triggers a io hung: INFO: task qemu-nbd:11445 blocked for m… redhatsusedebian
CVE-2022-49465 medium 5.5 4y ago In the Linux kernel, the following vulnerability has been resolved: blk-throttle: Set BIO_THROTTLED when bio has been throttled 1.In current process, all bio will set the BIO_THROTTLED flag after _… redhatsusedebian
CVE-2022-1998 medium 5.5 4y ago A use after free in the Linux kernel File System notify functionality was found in the way user triggers copy_info_records_to_user() call to fail in copy_event_to_user(). A local user could use this … redhatalmalinuxsusedebian
CVE-2022-1049 medium 5.5 4y ago Moderate: pcs security, bug fix, and enhancement update redhatrockylinuxdebian
CVE-2022-49215 medium 5.5 4y ago In the Linux kernel, the following vulnerability has been resolved: xsk: Fix race at socket teardown Fix a race in the xsk socket teardown code that can lead to a NULL pointer dereference splat. Th… redhatsusedebian
CVE-2022-50027 medium 5.5 4y ago In the Linux kernel, the following vulnerability has been resolved: scsi: lpfc: Fix possible memory leak when failing to issue CMF WQE There is no corresponding free routine if lpfc_sli4_issue_wqe … redhatsusedebian
CVE-2022-49130 medium 5.5 4y ago In the Linux kernel, the following vulnerability has been resolved: ath11k: mhi: use mhi_sync_power_up() If amss.bin was missing ath11k would crash during 'rmmod ath11k_pci'. The reason for that wa… redhatsusedebian
CVE-2022-1280 medium 5.5 4y ago A use-after-free vulnerability was found in drm_lease_held in drivers/gpu/drm/drm_lease.c in the Linux kernel due to a race problem. This flaw allows a local user privilege attacker to cause a denial… redhatalmalinuxsusedebian
CVE-2022-50179 medium 5.5 4y ago In the Linux kernel, the following vulnerability has been resolved: ath9k: fix use-after-free in ath9k_hif_usb_rx_cb Syzbot reported use-after-free Read in ath9k_hif_usb_rx_cb() [0]. The problem wa… redhatsusedebian
CVE-2022-1263 medium 5.5 4y ago A NULL pointer dereference issue was found in KVM when releasing a vCPU with dirty ring support enabled. This flaw allows an unprivileged local attacker on the host to issue specific ioctl calls, cau… redhatsusedebian
CVE-2022-48936 medium 5.5 4y ago Moderate: kernel-rt security update redhatrockylinuxsuse
CVE-2022-50178 medium 5.5 4y ago In the Linux kernel, the following vulnerability has been resolved: wifi: rtw89: 8852a: rfk: fix div 0 exception The DPK is a kind of RF calibration whose algorithm is to fine tune parameters and c… redhatsusedebian
CVE-2022-1016 medium 5.5 4y ago A flaw was found in the Linux kernel in net/netfilter/nf_tables_core.c:nft_do_chain, which can cause a use-after-free. This issue needs to handle 'return' with proper preconditions, as it can lead to… archalmalinuxredhatrockylinux+2
CVE-2022-3500 medium 5.5 4y ago Moderate: keylime security update redhatsuserockylinuxalmalinux+1
CVE-2022-48786 medium 5.5 4y ago In the Linux kernel, the following vulnerability has been resolved: vsock: remove vsock from connected table when connect is interrupted by a signal vsock_connect() expects that the socket could al… redhatsusedebian
CVE-2022-2309 medium 5.5 4y ago Moderate: python-lxml security update redhatsusedebianrockylinux+1
CVE-2022-49270 medium 5.5 4y ago In the Linux kernel, the following vulnerability has been resolved: dm: fix use-after-free in dm_cleanup_zoned_dev() dm_cleanup_zoned_dev() uses queue, so it must be called before blk_cleanup_disk(… redhatsusedebian
CVE-2022-49710 medium 5.5 4y ago In the Linux kernel, the following vulnerability has been resolved: dm mirror log: round up region bitmap size to BITS_PER_LONG The code in dm-log rounds up bitset_size to 32 bits. It then uses fin… redhatsusedebian
CVE-2022-2319 medium 5.5 4y ago Moderate: xorg-x11-server security and bug fix update redhatarchsuserockylinux+1
CVE-2022-0168 medium 5.5 4y ago A denial of service (DOS) issue was found in the Linux kernel’s smb2_ioctl_query_info function in the fs/cifs/smb2ops.c Common Internet File System (CIFS) due to an incorrect return from the memdup_u… almalinuxredhatarchrockylinux+2
CVE-2022-1353 medium 5.5 4y ago A vulnerability was found in the pfkey_register function in net/key/af_key.c in the Linux kernel. This flaw allows a local, unprivileged user to gain access to kernel memory, leading to a system cras… archalmalinuxredhatsuse+2
CVE-2022-49199 medium 5.5 4y ago In the Linux kernel, the following vulnerability has been resolved: RDMA/nldev: Prevent underflow in nldev_stat_set_counter_dynamic_doit() This code checks "index" for an upper bound but it does no… redhatsusedebian
CVE-2022-25255 medium 5.5 4y ago Moderate: qt5 security and bug fix update redhatsuserockylinuxdebian+1
CVE-2022-26709 medium 5.5 4y ago Moderate: webkit2gtk3 security and bug fix update redhatarchrockylinuxsuse+1
CVE-2022-49259 medium 5.5 4y ago In the Linux kernel, the following vulnerability has been resolved: block: don't delete queue kobject before its children kobjects aren't supposed to be deleted before their child kobjects are dele… redhatsusedebian
CVE-2022-1354 medium 5.5 4y ago Moderate: libtiff security update archredhatdebianalmalinux
CVE-2022-29162 medium 5.5 4y ago Moderate: container-tools:4.0 security and bug fix update redhatarchsuserockylinux+2
CVE-2022-49123 medium 5.5 4y ago In the Linux kernel, the following vulnerability has been resolved: ath11k: Fix frames flush failure caused by deadlock We are seeing below warnings: kernel: [25393.301506] ath11k_pci 0000:01:00.0… redhatsusedebian
CVE-2022-49265 medium 5.5 4y ago In the Linux kernel, the following vulnerability has been resolved: PM: domains: Fix sleep-in-atomic bug caused by genpd_debug_remove() When a genpd with GENPD_FLAG_IRQ_SAFE gets removed, the follo… redhatsusedebian
CVE-2022-49235 medium 5.5 4y ago In the Linux kernel, the following vulnerability has been resolved: ath9k_htc: fix uninit value bugs Syzbot reported 2 KMSAN bugs in ath9k. All of them are caused by missing field initialization. … redhatsusedebian
CVE-2022-23816 medium 5.5 4y ago Moderate: kernel security, bug fix, and enhancement update redhatalmalinuxsuserockylinux