CVEs from 2022
Total
5,752
critical
critical 89
high
high 1,231
medium
medium 900
low
low 24
% Critical
1.5%
% with KEV
2.3%
% with exploit
2.5%
Top vendors
Top products
- jdk 116
- jre 109
- openjdk 100
- zulu 82
- graalvm 74
- cloud_secure_agent 35
- oncommand_insight 34
- cloud_insights_acquisition_unit 34
| CVE | Severity | CVSS | Risk | Flags | OS | Vendor | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2022-49710 | medium | — | 5.5 | 4y ago | In the Linux kernel, the following vulnerability has been resolved: dm mirror log: round up region bitmap size to BITS_PER_LONG The code in dm-log rounds up bitset_size to 32 bits. It then uses fin… | |||
| CVE-2022-49732 | medium | — | 5.5 | 4y ago | In the Linux kernel, the following vulnerability has been resolved: sock: redo the psock vs ULP protection check Commit 8a59f9d1e3d4 ("sock: Introduce sk->sk_prot->psock_update_sk_prot()") has move… | |||
| CVE-2022-50001 | medium | — | 5.5 | 4y ago | In the Linux kernel, the following vulnerability has been resolved: netfilter: nft_tproxy: restrict to prerouting hook TPROXY is only allowed from prerouting, but nft_tproxy doesn't check this. Thi… | |||
| CVE-2022-50027 | medium | — | 5.5 | 4y ago | In the Linux kernel, the following vulnerability has been resolved: scsi: lpfc: Fix possible memory leak when failing to issue CMF WQE There is no corresponding free routine if lpfc_sli4_issue_wqe … | |||
| CVE-2022-50030 | medium | — | 5.5 | 4y ago | In the Linux kernel, the following vulnerability has been resolved: scsi: lpfc: Prevent buffer overflow crashes in debugfs with malformed user input Malformed user input to debugfs results in buffe… | |||
| CVE-2022-50048 | medium | — | 5.5 | 4y ago | In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: possible module reference underflow in error path dst->ops is set on when nft_expr_clone() fails, but modul… | |||
| CVE-2022-50084 | medium | — | 5.5 | 4y ago | In the Linux kernel, the following vulnerability has been resolved: dm raid: fix address sanitizer warning in raid_status There is this warning when using a kernel with the address sanitizer and ru… | |||
| CVE-2022-50085 | medium | — | 5.5 | 4y ago | In the Linux kernel, the following vulnerability has been resolved: dm raid: fix address sanitizer warning in raid_resume There is a KASAN warning in raid_resume when running the lvm test lvconvert… | |||
| CVE-2022-50115 | medium | — | 5.5 | 4y ago | In the Linux kernel, the following vulnerability has been resolved: ASoC: SOF: ipc3-topology: Prevent double freeing of ipc_control_data via load_bytes We have sanity checks for byte controls and i… | |||
| CVE-2022-50178 | medium | — | 5.5 | 4y ago | In the Linux kernel, the following vulnerability has been resolved: wifi: rtw89: 8852a: rfk: fix div 0 exception The DPK is a kind of RF calibration whose algorithm is to fine tune parameters and c… | |||
| CVE-2022-50179 | medium | — | 5.5 | 4y ago | In the Linux kernel, the following vulnerability has been resolved: ath9k: fix use-after-free in ath9k_hif_usb_rx_cb Syzbot reported use-after-free Read in ath9k_hif_usb_rx_cb() [0]. The problem wa… | |||
| CVE-2022-50187 | medium | — | 5.5 | 4y ago | In the Linux kernel, the following vulnerability has been resolved: ath11k: fix netdev open race Make sure to allocate resources needed before registering the device. This specifically avoids havi… | |||
| CVE-2022-50213 | medium | — | 5.5 | 4y ago | In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: do not allow SET_ID to refer to another table When doing lookups for sets on the same batch by using its ID… | |||
| CVE-2022-50212 | medium | — | 5.5 | 4y ago | In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: do not allow CHAIN_ID to refer to another table When doing lookups for chains on the same batch by using it… | |||
| CVE-2022-48918 | medium | — | 5.5 | 4y ago | In the Linux kernel, the following vulnerability has been resolved: iwlwifi: mvm: check debugfs_dir ptr before use When "debugfs=off" is used on the kernel command line, iwiwifi's mvm module uses a… | |||
| CVE-2022-1049 | medium | — | 5.5 | 4y ago | A flaw was found in the Pacemaker configuration tool (pcs). The pcs daemon was allowing expired accounts, and accounts with expired passwords to login when using PAM authentication. Therefore, unpriv… | |||
| CVE-2022-50000 | medium | — | 5.5 | 4y ago | In the Linux kernel, the following vulnerability has been resolved: netfilter: flowtable: fix stuck flows on cleanup due to pending work To clear the flow table on flow table free, the following se… | |||
| CVE-2022-25255 | medium | — | 5.5 | 4y ago | Moderate: qt5 security and bug fix update | |||
| CVE-2022-50092 | medium | — | 5.5 | 4y ago | In the Linux kernel, the following vulnerability has been resolved: dm thin: fix use-after-free crash in dm_sm_register_threshold_callback Fault inject on pool metadata device reports: BUG: KASAN… | |||
| CVE-2022-22721 | medium | — | 5.5 | 4y ago | Moderate: httpd security, bug fix, and enhancement update | |||
| CVE-2022-23943 | medium | — | 5.5 | 4y ago | Moderate: httpd security, bug fix, and enhancement update | |||
| CVE-2022-26377 | medium | — | 5.5 | 4y ago | Moderate: httpd security, bug fix, and enhancement update | |||
| CVE-2022-29404 | medium | — | 5.5 | 4y ago | Moderate: httpd security, bug fix, and enhancement update | |||
| CVE-2022-28614 | medium | — | 5.5 | 4y ago | Moderate: httpd security, bug fix, and enhancement update | |||
| CVE-2022-28615 | medium | — | 5.5 | 4y ago | Moderate: httpd security, bug fix, and enhancement update | |||
| CVE-2022-30522 | medium | — | 5.5 | 4y ago | Moderate: httpd security, bug fix, and enhancement update | |||
| CVE-2022-30556 | medium | — | 5.5 | 4y ago | Moderate: httpd security, bug fix, and enhancement update | |||
| CVE-2022-31813 | medium | — | 5.5 | 4y ago | Moderate: httpd security, bug fix, and enhancement update | |||
| CVE-2022-0561 | medium | — | 5.5 | 4y ago | Moderate: libtiff security update | |||
| CVE-2022-27337 | medium | — | 5.5 | 4y ago | Moderate: poppler security and bug fix update | |||
| CVE-2022-0562 | medium | — | 5.5 | 4y ago | Moderate: libtiff security update | |||
| CVE-2022-0865 | medium | — | 5.5 | 4y ago | Moderate: libtiff security update | |||
| CVE-2022-0891 | medium | — | 5.5 | 4y ago | Moderate: libtiff security update | |||
| CVE-2022-0908 | medium | — | 5.5 | 4y ago | Moderate: libtiff security update | |||
| CVE-2022-0924 | medium | — | 5.5 | 4y ago | Moderate: libtiff security update | |||
| CVE-2022-0909 | medium | — | 5.5 | 4y ago | Moderate: libtiff security update | |||
| CVE-2022-22844 | medium | — | 5.5 | 4y ago | Moderate: libtiff security update | |||
| CVE-2022-1354 | medium | — | 5.5 | 4y ago | Moderate: libtiff security update | |||
| CVE-2022-1355 | medium | — | 5.5 | 4y ago | Moderate: libtiff security update | |||
| CVE-2022-30550 | medium | — | 5.5 | 4y ago | Moderate: dovecot security and enhancement update | |||
| CVE-2022-23825 | medium | — | 5.5 | 4y ago | Moderate: kernel security, bug fix, and enhancement update | |||
| CVE-2022-23816 | medium | — | 5.5 | 4y ago | Moderate: kernel security, bug fix, and enhancement update | |||
| CVE-2022-49465 | medium | — | 5.5 | 4y ago | In the Linux kernel, the following vulnerability has been resolved: blk-throttle: Set BIO_THROTTLED when bio has been throttled 1.In current process, all bio will set the BIO_THROTTLED flag after _… | |||
| CVE-2022-32189 | medium | — | 5.5 | 4y ago | Moderate: git-lfs security and bug fix update | |||
| CVE-2022-49557 | medium | — | 5.5 | 4y ago | In the Linux kernel, the following vulnerability has been resolved: x86/fpu: KVM: Set the base guest FPU uABI size to sizeof(struct kvm_xsave) Set the starting uABI size of KVM's guest FPU to 'stru… | |||
| CVE-2022-26709 | medium | — | 5.5 | 4y ago | Moderate: webkit2gtk3 security and bug fix update | |||
| CVE-2022-1706 | medium | — | 5.5 | 4y ago | Moderate: ignition security, bug fix, and enhancement update | |||
| CVE-2022-2319 | medium | — | 5.5 | 4y ago | Moderate: xorg-x11-server security and bug fix update | |||
| CVE-2022-29162 | medium | — | 5.5 | 4y ago | Moderate: container-tools:4.0 security and bug fix update | |||
| CVE-2022-26716 | medium | — | 5.5 | 4y ago | Moderate: webkit2gtk3 security and bug fix update | |||
| CVE-2022-2320 | medium | — | 5.5 | 4y ago | Moderate: xorg-x11-server security and bug fix update | |||
| CVE-2022-27405 | medium | — | 5.5 | 4y ago | Moderate: freetype security update | |||
| CVE-2022-32792 | medium | — | 5.5 | 4y ago | An out-of-bounds write issue was addressed with improved input validation. This issue is fixed in iOS 15.6 and iPadOS 15.6, watchOS 8.7, tvOS 15.6, macOS Monterey 12.5, Safari 15.6. Processing malici… | |||
| CVE-2022-26719 | medium | — | 5.5 | 4y ago | Moderate: webkit2gtk3 security and bug fix update | |||
| CVE-2022-49130 | medium | — | 5.5 | 4y ago | In the Linux kernel, the following vulnerability has been resolved: ath11k: mhi: use mhi_sync_power_up() If amss.bin was missing ath11k would crash during 'rmmod ath11k_pci'. The reason for that wa… | |||
| CVE-2022-25309 | medium | — | 5.5 | 4y ago | Moderate: fribidi security update | |||
| CVE-2022-48912 | medium | — | 5.5 | 4y ago | In the Linux kernel, the following vulnerability has been resolved: netfilter: fix use-after-free in __nf_register_net_hook() We must not dereference @new_hooks after nf_hook_mutex has been release… | |||
| CVE-2022-49228 | medium | — | 5.5 | 4y ago | In the Linux kernel, the following vulnerability has been resolved: bpf: Fix a btf decl_tag bug when tagging a function syzbot reported a btf decl_tag bug with stack trace below: general protect… | |||
| CVE-2022-49605 | medium | — | 5.5 | 4y ago | In the Linux kernel, the following vulnerability has been resolved: igc: Reinstate IGC_REMOVED logic and implement it properly The initially merged version of the igc driver code (via commit 146740… | |||
| CVE-2022-1328 | medium | — | 5.5 | 4y ago | Moderate: mutt security update | |||
| CVE-2022-26125 | medium | — | 5.5 | 4y ago | Moderate: frr security, bug fix, and enhancement update | |||
| CVE-2022-0918 | medium | — | 5.5 | 4y ago | Moderate: 389-ds-base security, bug fix, and enhancement update | |||
| CVE-2022-1348 | medium | — | 5.5 | 4y ago | Moderate: logrotate security update | |||
| CVE-2022-32816 | medium | — | 5.5 | 4y ago | The issue was addressed with improved UI handling. This issue is fixed in watchOS 8.7, tvOS 15.6, iOS 15.6 and iPadOS 15.6, macOS Monterey 12.5. Visiting a website that frames malicious content may l… | |||
| CVE-2022-31625 | medium | — | 5.5 | 4y ago | Moderate: php security, bug fix, and enhancement update | |||
| CVE-2022-28693 | medium | — | 5.5 | 4y ago | RHSA-2022:8267: kernel security, bug fix, and enhancement update (Moderate) | |||
| CVE-2022-49297 | medium | — | 5.5 | 4y ago | In the Linux kernel, the following vulnerability has been resolved: nbd: fix io hung while disconnecting device In our tests, "qemu-nbd" triggers a io hung: INFO: task qemu-nbd:11445 blocked for m… | |||
| CVE-2022-22629 | medium | — | 5.5 | 4y ago | Moderate: webkit2gtk3 security and bug fix update | |||
| CVE-2022-48936 | medium | — | 5.5 | 4y ago | Moderate: kernel-rt security update | |||
| CVE-2022-30699 | medium | — | 5.5 | 4y ago | Moderate: unbound security, bug fix, and enhancement update | |||
| CVE-2022-32990 | medium | — | 5.5 | 4y ago | Moderate: gimp security and enhancement update | |||
| CVE-2022-0396 | medium | — | 5.5 | 4y ago | Moderate: bind security update | |||
| CVE-2022-49543 | medium | — | 5.5 | 4y ago | In the Linux kernel, the following vulnerability has been resolved: ath11k: fix the warning of dev_wake in mhi_pm_disable_transition() When test device recovery with below command, it has warning i… | |||
| CVE-2022-25310 | medium | — | 5.5 | 4y ago | Moderate: fribidi security update | |||
| CVE-2022-27406 | medium | — | 5.5 | 4y ago | Moderate: freetype security update | |||
| CVE-2022-22662 | medium | — | 5.5 | 4y ago | Moderate: webkit2gtk3 security and bug fix update | |||
| CVE-2022-2309 | medium | — | 5.5 | 4y ago | Moderate: python-lxml security update | |||
| CVE-2022-3500 | medium | — | 5.5 | 4y ago | Moderate: keylime security update | |||
| CVE-2022-22624 | medium | — | 5.5 | 4y ago | Moderate: webkit2gtk3 security and bug fix update | |||
| CVE-2022-30698 | medium | — | 5.5 | 4y ago | Moderate: unbound security, bug fix, and enhancement update | |||
| CVE-2022-0996 | medium | — | 5.5 | 4y ago | Moderate: 389-ds-base security, bug fix, and enhancement update | |||
| CVE-2022-32891 | medium | — | 5.5 | 4y ago | The issue was addressed with improved UI handling. This issue is fixed in Safari 16, tvOS 16, watchOS 9, iOS 16. Visiting a website that frames malicious content may lead to UI spoofing. | |||
| CVE-2022-0934 | medium | — | 5.5 | 4y ago | Moderate: dnsmasq security and bug fix update | |||
| CVE-2022-27191 | medium | — | 5.5 | 4y ago | Moderate: buildah security and bug fix update | |||
| CVE-2022-2990 | medium | — | 5.5 | 4y ago | Moderate: buildah security and bug fix update | |||
| CVE-2022-26717 | medium | — | 5.5 | 4y ago | Moderate: webkit2gtk3 security and bug fix update | |||
| CVE-2022-25308 | medium | — | 5.5 | 4y ago | Moderate: fribidi security update | |||
| CVE-2022-49123 | medium | — | 5.5 | 4y ago | In the Linux kernel, the following vulnerability has been resolved: ath11k: Fix frames flush failure caused by deadlock We are seeing below warnings: kernel: [25393.301506] ath11k_pci 0000:01:00.0… | |||
| CVE-2022-30067 | medium | — | 5.5 | 4y ago | Moderate: gimp security and enhancement update | |||
| CVE-2022-27404 | medium | — | 5.5 | 4y ago | Moderate: freetype security update | |||
| CVE-2022-26700 | medium | — | 5.5 | 4y ago | Moderate: webkit2gtk3 security and bug fix update | |||
| CVE-2022-30293 | medium | — | 5.5 | 4y ago | Moderate: webkit2gtk3 security and bug fix update | |||
| CVE-2022-2850 | medium | — | 5.5 | 4y ago | Moderate: 389-ds-base security, bug fix, and enhancement update | |||
| CVE-2022-41105 | medium | 5.5 | 5.5 | 4y ago | Microsoft Excel Information Disclosure Vulnerability | |||
| CVE-2022-41104 | medium | 5.5 | 5.5 | 4y ago | Microsoft Excel Security Feature Bypass Vulnerability | |||
| CVE-2022-41103 | medium | 5.5 | 5.5 | 4y ago | Microsoft Word Information Disclosure Vulnerability | |||
| CVE-2022-41060 | medium | 5.5 | 5.5 | 4y ago | Microsoft Word Information Disclosure Vulnerability | |||
| CVE-2022-21682 | medium | — | 5.5 | 4y ago | Moderate: flatpak-builder security and bug fix update | |||
| CVE-2022-2938 | medium | — | 5.5 | 4y ago | A flaw was found in the Linux kernel's implementation of Pressure Stall Information. While the feature is disabled by default, it could allow an attacker to crash the system or have other memory-corr… | |||
| CVE-2022-21824 | medium | — | 5.5 | 4y ago | Moderate: nodejs:16 security, bug fix, and enhancement update |