CVEs from 2022
Total
6,001
critical
critical 88
high
high 1,239
medium
medium 887
low
low 24
% Critical
1.5%
% with KEV
2.2%
% with exploit
2.2%
Top products
- jdk 116
- jre 109
- openjdk 100
- zulu 82
- graalvm 74
- cloud_secure_agent 35
- oncommand_insight 34
- cloud_insights_acquisition_unit 34
| CVE | Severity | CVSS | Risk | Published | Description | Impact |
|---|---|---|---|---|---|---|
| CVE-2022-50027 | medium | — | 5.5 | 4y ago | In the Linux kernel, the following vulnerability has been resolved: scsi: lpfc: Fix possible memory leak when failing to issue CMF WQE There is no corresponding free routine if lpfc_sli4_issue_wqe … | |
| CVE-2022-50030 | medium | — | 5.5 | 4y ago | In the Linux kernel, the following vulnerability has been resolved: scsi: lpfc: Prevent buffer overflow crashes in debugfs with malformed user input Malformed user input to debugfs results in buffe… | |
| CVE-2022-50048 | medium | — | 5.5 | 4y ago | In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: possible module reference underflow in error path dst->ops is set on when nft_expr_clone() fails, but modul… | |
| CVE-2022-50084 | medium | — | 5.5 | 4y ago | In the Linux kernel, the following vulnerability has been resolved: dm raid: fix address sanitizer warning in raid_status There is this warning when using a kernel with the address sanitizer and ru… | |
| CVE-2022-50085 | medium | — | 5.5 | 4y ago | In the Linux kernel, the following vulnerability has been resolved: dm raid: fix address sanitizer warning in raid_resume There is a KASAN warning in raid_resume when running the lvm test lvconvert… | |
| CVE-2022-50115 | medium | — | 5.5 | 4y ago | In the Linux kernel, the following vulnerability has been resolved: ASoC: SOF: ipc3-topology: Prevent double freeing of ipc_control_data via load_bytes We have sanity checks for byte controls and i… | |
| CVE-2022-50178 | medium | — | 5.5 | 4y ago | In the Linux kernel, the following vulnerability has been resolved: wifi: rtw89: 8852a: rfk: fix div 0 exception The DPK is a kind of RF calibration whose algorithm is to fine tune parameters and c… | |
| CVE-2022-50179 | medium | — | 5.5 | 4y ago | In the Linux kernel, the following vulnerability has been resolved: ath9k: fix use-after-free in ath9k_hif_usb_rx_cb Syzbot reported use-after-free Read in ath9k_hif_usb_rx_cb() [0]. The problem wa… | |
| CVE-2022-50187 | medium | — | 5.5 | 4y ago | In the Linux kernel, the following vulnerability has been resolved: ath11k: fix netdev open race Make sure to allocate resources needed before registering the device. This specifically avoids havi… | |
| CVE-2022-50213 | medium | — | 5.5 | 4y ago | In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: do not allow SET_ID to refer to another table When doing lookups for sets on the same batch by using its ID… | |
| CVE-2022-50212 | medium | — | 5.5 | 4y ago | In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: do not allow CHAIN_ID to refer to another table When doing lookups for chains on the same batch by using it… | |
| CVE-2022-48918 | medium | — | 5.5 | 4y ago | In the Linux kernel, the following vulnerability has been resolved: iwlwifi: mvm: check debugfs_dir ptr before use When "debugfs=off" is used on the kernel command line, iwiwifi's mvm module uses a… | |
| CVE-2022-50000 | medium | — | 5.5 | 4y ago | In the Linux kernel, the following vulnerability has been resolved: netfilter: flowtable: fix stuck flows on cleanup due to pending work To clear the flow table on flow table free, the following se… | |
| CVE-2022-25255 | medium | — | 5.5 | 4y ago | Moderate: qt5 security and bug fix update | |
| CVE-2022-22719 | medium | — | 5.5 | 4y ago | Moderate: httpd security, bug fix, and enhancement update | |
| CVE-2022-22721 | medium | — | 5.5 | 4y ago | Moderate: httpd security, bug fix, and enhancement update | |
| CVE-2022-23943 | medium | — | 5.5 | 4y ago | Moderate: httpd security, bug fix, and enhancement update | |
| CVE-2022-26377 | medium | — | 5.5 | 4y ago | Moderate: httpd security, bug fix, and enhancement update | |
| CVE-2022-29404 | medium | — | 5.5 | 4y ago | Moderate: httpd security, bug fix, and enhancement update | |
| CVE-2022-28614 | medium | — | 5.5 | 4y ago | Moderate: httpd security, bug fix, and enhancement update | |
| CVE-2022-28615 | medium | — | 5.5 | 4y ago | Moderate: httpd security, bug fix, and enhancement update | |
| CVE-2022-30522 | medium | — | 5.5 | 4y ago | Moderate: httpd security, bug fix, and enhancement update | |
| CVE-2022-30556 | medium | — | 5.5 | 4y ago | Moderate: httpd security, bug fix, and enhancement update | |
| CVE-2022-31813 | medium | — | 5.5 | 4y ago | Moderate: httpd security, bug fix, and enhancement update | |
| CVE-2022-0561 | medium | — | 5.5 | 4y ago | Moderate: libtiff security update | |
| CVE-2022-27337 | medium | — | 5.5 | 4y ago | Moderate: poppler security and bug fix update | |
| CVE-2022-0562 | medium | — | 5.5 | 4y ago | Moderate: libtiff security update | |
| CVE-2022-0865 | medium | — | 5.5 | 4y ago | Moderate: libtiff security update | |
| CVE-2022-0891 | medium | — | 5.5 | 4y ago | Moderate: libtiff security update | |
| CVE-2022-0908 | medium | — | 5.5 | 4y ago | Moderate: libtiff security update | |
| CVE-2022-0924 | medium | — | 5.5 | 4y ago | Moderate: libtiff security update | |
| CVE-2022-0909 | medium | — | 5.5 | 4y ago | Moderate: libtiff security update | |
| CVE-2022-22844 | medium | — | 5.5 | 4y ago | Moderate: libtiff security update | |
| CVE-2022-1354 | medium | — | 5.5 | 4y ago | Moderate: libtiff security update | |
| CVE-2022-1355 | medium | — | 5.5 | 4y ago | Moderate: libtiff security update | |
| CVE-2022-30550 | medium | — | 5.5 | 4y ago | Moderate: dovecot security and enhancement update | |
| CVE-2022-23825 | medium | — | 5.5 | 4y ago | Moderate: kernel security, bug fix, and enhancement update | |
| CVE-2022-23816 | medium | — | 5.5 | 4y ago | Moderate: kernel security, bug fix, and enhancement update | |
| CVE-2022-32742 | medium | — | 5.5 | 4y ago | Moderate: samba security, bug fix, and enhancement update | |
| CVE-2022-1304 | medium | — | 5.5 | 4y ago | Moderate: e2fsprogs security update | |
| CVE-2022-49465 | medium | — | 5.5 | 4y ago | In the Linux kernel, the following vulnerability has been resolved: blk-throttle: Set BIO_THROTTLED when bio has been throttled 1.In current process, all bio will set the BIO_THROTTLED flag after _… | |
| CVE-2022-32189 | medium | — | 5.5 | 4y ago | Moderate: toolbox security and bug fix update | |
| CVE-2022-49557 | medium | — | 5.5 | 4y ago | In the Linux kernel, the following vulnerability has been resolved: x86/fpu: KVM: Set the base guest FPU uABI size to sizeof(struct kvm_xsave) Set the starting uABI size of KVM's guest FPU to 'stru… | |
| CVE-2022-26709 | medium | — | 5.5 | 4y ago | Moderate: webkit2gtk3 security and bug fix update | |
| CVE-2022-1706 | medium | — | 5.5 | 4y ago | Moderate: ignition security, bug fix, and enhancement update | |
| CVE-2022-2319 | medium | — | 5.5 | 4y ago | Moderate: xorg-x11-server security and bug fix update | |
| CVE-2022-29162 | medium | — | 5.5 | 4y ago | Moderate: container-tools:4.0 security and bug fix update | |
| CVE-2022-26716 | medium | — | 5.5 | 4y ago | Moderate: webkit2gtk3 security and bug fix update | |
| CVE-2022-2320 | medium | — | 5.5 | 4y ago | Moderate: xorg-x11-server security and bug fix update | |
| CVE-2022-27405 | medium | — | 5.5 | 4y ago | Moderate: freetype security update | |
| CVE-2022-32792 | medium | — | 5.5 | 4y ago | An out-of-bounds write issue was addressed with improved input validation. This issue is fixed in iOS 15.6 and iPadOS 15.6, watchOS 8.7, tvOS 15.6, macOS Monterey 12.5, Safari 15.6. Processing malici… | |
| CVE-2022-26719 | medium | — | 5.5 | 4y ago | Moderate: webkit2gtk3 security and bug fix update | |
| CVE-2022-49130 | medium | — | 5.5 | 4y ago | In the Linux kernel, the following vulnerability has been resolved: ath11k: mhi: use mhi_sync_power_up() If amss.bin was missing ath11k would crash during 'rmmod ath11k_pci'. The reason for that wa… | |
| CVE-2022-25309 | medium | — | 5.5 | 4y ago | Moderate: fribidi security update | |
| CVE-2022-48912 | medium | — | 5.5 | 4y ago | In the Linux kernel, the following vulnerability has been resolved: netfilter: fix use-after-free in __nf_register_net_hook() We must not dereference @new_hooks after nf_hook_mutex has been release… | |
| CVE-2022-1049 | medium | — | 5.5 | 4y ago | Moderate: pcs security, bug fix, and enhancement update | |
| CVE-2022-49228 | medium | — | 5.5 | 4y ago | In the Linux kernel, the following vulnerability has been resolved: bpf: Fix a btf decl_tag bug when tagging a function syzbot reported a btf decl_tag bug with stack trace below: general protect… | |
| CVE-2022-49605 | medium | — | 5.5 | 4y ago | In the Linux kernel, the following vulnerability has been resolved: igc: Reinstate IGC_REMOVED logic and implement it properly The initially merged version of the igc driver code (via commit 146740… | |
| CVE-2022-1328 | medium | — | 5.5 | 4y ago | Moderate: mutt security update | |
| CVE-2022-26125 | medium | — | 5.5 | 4y ago | Moderate: frr security, bug fix, and enhancement update | |
| CVE-2022-0918 | medium | — | 5.5 | 4y ago | Moderate: 389-ds-base security, bug fix, and enhancement update | |
| CVE-2022-1348 | medium | — | 5.5 | 4y ago | Moderate: logrotate security update | |
| CVE-2022-32816 | medium | — | 5.5 | 4y ago | The issue was addressed with improved UI handling. This issue is fixed in watchOS 8.7, tvOS 15.6, iOS 15.6 and iPadOS 15.6, macOS Monterey 12.5. Visiting a website that frames malicious content may l… | |
| CVE-2022-31625 | medium | — | 5.5 | 4y ago | Moderate: php security, bug fix, and enhancement update | |
| CVE-2022-28693 | medium | — | 5.5 | 4y ago | RHSA-2022:8267: kernel security, bug fix, and enhancement update (Moderate) | |
| CVE-2022-49297 | medium | — | 5.5 | 4y ago | In the Linux kernel, the following vulnerability has been resolved: nbd: fix io hung while disconnecting device In our tests, "qemu-nbd" triggers a io hung: INFO: task qemu-nbd:11445 blocked for m… | |
| CVE-2022-22629 | medium | — | 5.5 | 4y ago | Moderate: webkit2gtk3 security and bug fix update | |
| CVE-2022-48936 | medium | — | 5.5 | 4y ago | Moderate: kernel-rt security update | |
| CVE-2022-30699 | medium | — | 5.5 | 4y ago | Moderate: unbound security, bug fix, and enhancement update | |
| CVE-2022-32990 | medium | — | 5.5 | 4y ago | Moderate: gimp security and enhancement update | |
| CVE-2022-0396 | medium | — | 5.5 | 4y ago | Moderate: bind security update | |
| CVE-2022-49543 | medium | — | 5.5 | 4y ago | In the Linux kernel, the following vulnerability has been resolved: ath11k: fix the warning of dev_wake in mhi_pm_disable_transition() When test device recovery with below command, it has warning i… | |
| CVE-2022-25310 | medium | — | 5.5 | 4y ago | Moderate: fribidi security update | |
| CVE-2022-27406 | medium | — | 5.5 | 4y ago | Moderate: freetype security update | |
| CVE-2022-22662 | medium | — | 5.5 | 4y ago | Moderate: webkit2gtk3 security and bug fix update | |
| CVE-2022-2309 | medium | — | 5.5 | 4y ago | Moderate: python-lxml security update | |
| CVE-2022-3500 | medium | — | 5.5 | 4y ago | Moderate: keylime security update | |
| CVE-2022-22624 | medium | — | 5.5 | 4y ago | Moderate: webkit2gtk3 security and bug fix update | |
| CVE-2022-30698 | medium | — | 5.5 | 4y ago | Moderate: unbound security, bug fix, and enhancement update | |
| CVE-2022-0996 | medium | — | 5.5 | 4y ago | Moderate: 389-ds-base security, bug fix, and enhancement update | |
| CVE-2022-32891 | medium | — | 5.5 | 4y ago | The issue was addressed with improved UI handling. This issue is fixed in Safari 16, tvOS 16, watchOS 9, iOS 16. Visiting a website that frames malicious content may lead to UI spoofing. | |
| CVE-2022-0934 | medium | — | 5.5 | 4y ago | Moderate: dnsmasq security and bug fix update | |
| CVE-2022-32746 | medium | — | 5.5 | 4y ago | Moderate: libldb security, bug fix, and enhancement update | |
| CVE-2022-27191 | medium | — | 5.5 | 4y ago | Moderate: buildah security and bug fix update | |
| CVE-2022-2990 | medium | — | 5.5 | 4y ago | Moderate: buildah security and bug fix update | |
| CVE-2022-26717 | medium | — | 5.5 | 4y ago | Moderate: webkit2gtk3 security and bug fix update | |
| CVE-2022-25308 | medium | — | 5.5 | 4y ago | Moderate: fribidi security update | |
| CVE-2022-49123 | medium | — | 5.5 | 4y ago | In the Linux kernel, the following vulnerability has been resolved: ath11k: Fix frames flush failure caused by deadlock We are seeing below warnings: kernel: [25393.301506] ath11k_pci 0000:01:00.0… | |
| CVE-2022-30067 | medium | — | 5.5 | 4y ago | Moderate: gimp security and enhancement update | |
| CVE-2022-27404 | medium | — | 5.5 | 4y ago | Moderate: freetype security update | |
| CVE-2022-26700 | medium | — | 5.5 | 4y ago | Moderate: webkit2gtk3 security and bug fix update | |
| CVE-2022-30293 | medium | — | 5.5 | 4y ago | Moderate: webkit2gtk3 security and bug fix update | |
| CVE-2022-2850 | medium | — | 5.5 | 4y ago | Moderate: 389-ds-base security, bug fix, and enhancement update | |
| CVE-2022-41105 | medium | 5.5 | 5.5 | 4y ago | Microsoft Excel Information Disclosure Vulnerability | |
| CVE-2022-41104 | medium | 5.5 | 5.5 | 4y ago | Microsoft Excel Security Feature Bypass Vulnerability | |
| CVE-2022-41103 | medium | 5.5 | 5.5 | 4y ago | Microsoft Word Information Disclosure Vulnerability | |
| CVE-2022-41060 | medium | 5.5 | 5.5 | 4y ago | Microsoft Word Information Disclosure Vulnerability | |
| CVE-2022-27950 | medium | — | 5.5 | 4y ago | In drivers/hid/hid-elo.c in the Linux kernel before 5.16.11, a memory leak exists for a certain hid_parse error condition. | |
| CVE-2022-21824 | medium | — | 5.5 | 4y ago | Moderate: nodejs:16 security, bug fix, and enhancement update | |
| CVE-2022-23960 | medium | — | 5.5 | 4y ago | Certain Arm Cortex and Neoverse processors through 2022-03-08 do not properly restrict cache speculation, aka Spectre-BHB. An attacker can leverage the shared branch history in the Branch History Buf… |