CVEs from 2022
Total
5,738
critical
critical 88
high
high 1,220
medium
medium 938
low
low 24
% Critical
1.5%
% with KEV
2.3%
% with exploit
3.1%
Top vendors
Top products
- jdk 116
- jre 109
- openjdk 100
- zulu 82
- graalvm 74
- cloud_secure_agent 35
- oncommand_insight 34
- cloud_insights_acquisition_unit 34
| CVE | Severity | CVSS | Risk | Flags | OS | Vendor | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2022-49215 | medium | — | 5.5 | 4y ago | In the Linux kernel, the following vulnerability has been resolved: xsk: Fix race at socket teardown Fix a race in the xsk socket teardown code that can lead to a NULL pointer dereference splat. Th… | |||
| CVE-2022-49408 | medium | — | 5.5 | 4y ago | In the Linux kernel, the following vulnerability has been resolved: ext4: fix memory leak in parse_apply_sb_mount_options() If processing the on-disk mount options fails after any memory was alloca… | |||
| CVE-2022-49411 | medium | — | 5.5 | 4y ago | In the Linux kernel, the following vulnerability has been resolved: bfq: Make sure bfqg for which we are queueing requests is online Bios queued into BFQ IO scheduler can be associated with a cgrou… | |||
| CVE-2022-49394 | medium | — | 5.5 | 4y ago | In the Linux kernel, the following vulnerability has been resolved: blk-iolatency: Fix inflight count imbalances and IO hangs on offline iolatency needs to track the number of inflight IOs per cgro… | |||
| CVE-2022-0996 | medium | — | 5.5 | 4y ago | RHSA-2022:5823: 389-ds:1.4 security update (Moderate) | |||
| CVE-2022-0918 | medium | — | 5.5 | 4y ago | RHSA-2022:5823: 389-ds:1.4 security update (Moderate) | |||
| CVE-2022-49615 | medium | — | 5.5 | 4y ago | RHSA-2022:7683: kernel security, bug fix, and enhancement update (Moderate) | |||
| CVE-2022-49559 | medium | — | 5.5 | 4y ago | RHSA-2022:7683: kernel security, bug fix, and enhancement update (Moderate) | |||
| CVE-2022-49695 | medium | — | 5.5 | 4y ago | RHSA-2022:7683: kernel security, bug fix, and enhancement update (Moderate) | |||
| CVE-2022-49697 | medium | — | 5.5 | 4y ago | RHSA-2022:7683: kernel security, bug fix, and enhancement update (Moderate) | |||
| CVE-2022-28893 | medium | — | 5.5 | 4y ago | RHSA-2022:7683: kernel security, bug fix, and enhancement update (Moderate) | |||
| CVE-2022-49698 | medium | — | 5.5 | 4y ago | RHSA-2022:7683: kernel security, bug fix, and enhancement update (Moderate) | |||
| CVE-2022-49264 | medium | — | 5.5 | 4y ago | In the Linux kernel, the following vulnerability has been resolved: exec: Force single empty string when argv is empty Quoting[1] Ariadne Conill: "In several other operating systems, it is a hard … | |||
| CVE-2022-26700 | medium | — | 5.5 | 4y ago | RHSA-2022:7704: webkit2gtk3 security and bug fix update (Moderate) | |||
| CVE-2022-26717 | medium | — | 5.5 | 4y ago | RHSA-2022:7704: webkit2gtk3 security and bug fix update (Moderate) | |||
| CVE-2022-26710 | medium | — | 5.5 | 4y ago | RHSA-2022:7704: webkit2gtk3 security and bug fix update (Moderate) | |||
| CVE-2022-21702 | medium | — | 5.5 | 4y ago | RHSA-2022:7519: grafana security, bug fix, and enhancement update (Moderate) | |||
| CVE-2022-21703 | medium | — | 5.5 | 4y ago | RHSA-2022:7519: grafana security, bug fix, and enhancement update (Moderate) | |||
| CVE-2022-49537 | medium | — | 5.5 | 4y ago | RHSA-2022:7683: kernel security, bug fix, and enhancement update (Moderate) | |||
| CVE-2022-49426 | medium | — | 5.5 | 4y ago | RHSA-2022:7683: kernel security, bug fix, and enhancement update (Moderate) | |||
| CVE-2022-50213 | medium | — | 5.5 | 4y ago | RHSA-2022:7683: kernel security, bug fix, and enhancement update (Moderate) | |||
| CVE-2022-48905 | medium | — | 5.5 | 4y ago | In the Linux kernel, the following vulnerability has been resolved: ibmvnic: free reset-work-item when flushing Fix a tiny memory leak when flushing the reset work queue. | |||
| CVE-2022-27406 | medium | — | 5.5 | 4y ago | RHSA-2022:7745: freetype security update (Moderate) | |||
| CVE-2022-27405 | medium | — | 5.5 | 4y ago | RHSA-2022:7745: freetype security update (Moderate) | |||
| CVE-2022-49343 | medium | — | 5.5 | 4y ago | RHSA-2022:7683: kernel security, bug fix, and enhancement update (Moderate) | |||
| CVE-2022-50178 | medium | — | 5.5 | 4y ago | RHSA-2022:7683: kernel security, bug fix, and enhancement update (Moderate) | |||
| CVE-2022-49340 | medium | — | 5.5 | 4y ago | In the Linux kernel, the following vulnerability has been resolved: ip_gre: test csum_start instead of transport header GRE with TUNNEL_CSUM will apply local checksum offload on CHECKSUM_PARTIAL pa… | |||
| CVE-2022-49606 | medium | — | 5.5 | 4y ago | RHSA-2022:7683: kernel security, bug fix, and enhancement update (Moderate) | |||
| CVE-2022-49625 | medium | — | 5.5 | 4y ago | RHSA-2022:7683: kernel security, bug fix, and enhancement update (Moderate) | |||
| CVE-2022-49669 | medium | — | 5.5 | 4y ago | RHSA-2022:7683: kernel security, bug fix, and enhancement update (Moderate) | |||
| CVE-2022-1049 | medium | — | 5.5 | 4y ago | RHSA-2022:7447: pcs security, bug fix, and enhancement update (Moderate) | |||
| CVE-2022-30067 | medium | — | 5.5 | 4y ago | Moderate: gimp security and enhancement update | |||
| CVE-2022-49584 | medium | — | 5.5 | 4y ago | RHSA-2022:7683: kernel security, bug fix, and enhancement update (Moderate) | |||
| CVE-2022-49123 | medium | — | 5.5 | 4y ago | RHSA-2022:7683: kernel security, bug fix, and enhancement update (Moderate) | |||
| CVE-2022-49253 | medium | — | 5.5 | 4y ago | In the Linux kernel, the following vulnerability has been resolved: media: usb: go7007: s2250-board: fix leak in probe() Call i2c_unregister_device(audio) on this error path. | |||
| CVE-2022-26719 | medium | — | 5.5 | 4y ago | RHSA-2022:7704: webkit2gtk3 security and bug fix update (Moderate) | |||
| CVE-2022-49710 | medium | — | 5.5 | 4y ago | RHSA-2022:7683: kernel security, bug fix, and enhancement update (Moderate) | |||
| CVE-2022-50030 | medium | — | 5.5 | 4y ago | RHSA-2022:7683: kernel security, bug fix, and enhancement update (Moderate) | |||
| CVE-2022-49671 | medium | — | 5.5 | 4y ago | RHSA-2022:7683: kernel security, bug fix, and enhancement update (Moderate) | |||
| CVE-2022-48786 | medium | — | 5.5 | 4y ago | RHSA-2022:7683: kernel security, bug fix, and enhancement update (Moderate) | |||
| CVE-2022-49297 | medium | — | 5.5 | 4y ago | In the Linux kernel, the following vulnerability has been resolved: nbd: fix io hung while disconnecting device In our tests, "qemu-nbd" triggers a io hung: INFO: task qemu-nbd:11445 blocked for m… | |||
| CVE-2022-49306 | medium | — | 5.5 | 4y ago | In the Linux kernel, the following vulnerability has been resolved: usb: dwc3: host: Stop setting the ACPI companion It is no longer needed. The sysdev pointer is now used when assigning the ACPI c… | |||
| CVE-2022-49534 | medium | — | 5.5 | 4y ago | RHSA-2022:7683: kernel security, bug fix, and enhancement update (Moderate) | |||
| CVE-2022-49538 | medium | — | 5.5 | 4y ago | RHSA-2022:7683: kernel security, bug fix, and enhancement update (Moderate) | |||
| CVE-2022-30293 | medium | — | 5.5 | 4y ago | RHSA-2022:7704: webkit2gtk3 security and bug fix update (Moderate) | |||
| CVE-2022-30556 | medium | — | 5.5 | 4y ago | RHSA-2022:7647: httpd:2.4 security update (Moderate) | |||
| CVE-2022-32816 | medium | — | 5.5 | 4y ago | RHSA-2022:7704: webkit2gtk3 security and bug fix update (Moderate) | |||
| CVE-2022-49626 | medium | — | 5.5 | 4y ago | RHSA-2022:7683: kernel security, bug fix, and enhancement update (Moderate) | |||
| CVE-2022-49664 | medium | — | 5.5 | 4y ago | RHSA-2022:7683: kernel security, bug fix, and enhancement update (Moderate) | |||
| CVE-2022-1706 | medium | — | 5.5 | 4y ago | Moderate: ignition security, bug fix, and enhancement update | |||
| CVE-2022-32792 | medium | — | 5.5 | 4y ago | RHSA-2022:7704: webkit2gtk3 security and bug fix update (Moderate) | |||
| CVE-2022-22624 | medium | — | 5.5 | 4y ago | RHSA-2022:7704: webkit2gtk3 security and bug fix update (Moderate) | |||
| CVE-2022-39190 | medium | — | 5.5 | 4y ago | An issue was discovered in net/netfilter/nf_tables_api.c in the Linux kernel before 5.19.6. A denial of service can occur upon binding to an already bound chain. | |||
| CVE-2022-49673 | medium | — | 5.5 | 4y ago | RHSA-2022:7683: kernel security, bug fix, and enhancement update (Moderate) | |||
| CVE-2022-49440 | medium | — | 5.5 | 4y ago | In the Linux kernel, the following vulnerability has been resolved: powerpc/rtas: Keep MSR[RI] set when calling RTAS RTAS runs in real mode (MSR[DR] and MSR[IR] unset) and in 32-bit big endian mode… | |||
| CVE-2022-49708 | medium | — | 5.5 | 4y ago | RHSA-2022:7683: kernel security, bug fix, and enhancement update (Moderate) | |||
| CVE-2022-26716 | medium | — | 5.5 | 4y ago | RHSA-2022:7704: webkit2gtk3 security and bug fix update (Moderate) | |||
| CVE-2022-49160 | medium | — | 5.5 | 4y ago | RHSA-2022:7683: kernel security, bug fix, and enhancement update (Moderate) | |||
| CVE-2022-49158 | medium | — | 5.5 | 4y ago | RHSA-2022:7683: kernel security, bug fix, and enhancement update (Moderate) | |||
| CVE-2022-49605 | medium | — | 5.5 | 4y ago | RHSA-2022:7683: kernel security, bug fix, and enhancement update (Moderate) | |||
| CVE-2022-49228 | medium | — | 5.5 | 4y ago | In the Linux kernel, the following vulnerability has been resolved: bpf: Fix a btf decl_tag bug when tagging a function syzbot reported a btf decl_tag bug with stack trace below: general protect… | |||
| CVE-2022-49378 | medium | — | 5.5 | 4y ago | RHSA-2022:7683: kernel security, bug fix, and enhancement update (Moderate) | |||
| CVE-2022-32891 | medium | — | 5.5 | 4y ago | RHSA-2022:7704: webkit2gtk3 security and bug fix update (Moderate) | |||
| CVE-2022-48912 | medium | — | 5.5 | 4y ago | RHSA-2022:7683: kernel security, bug fix, and enhancement update (Moderate) | |||
| CVE-2022-49334 | medium | — | 5.5 | 4y ago | In the Linux kernel, the following vulnerability has been resolved: mm/huge_memory: Fix xarray node memory leak If xas_split_alloc() fails to allocate the necessary nodes to complete the xarray ent… | |||
| CVE-2022-22719 | medium | — | 5.5 | 4y ago | RHSA-2022:7647: httpd:2.4 security update (Moderate) | |||
| CVE-2022-27404 | medium | — | 5.5 | 4y ago | RHSA-2022:7745: freetype security update (Moderate) | |||
| CVE-2022-2989 | medium | — | 5.5 | 4y ago | RHSA-2023:2802: container-tools:4.0 security and bug fix update (Moderate) | |||
| CVE-2022-49332 | medium | — | 5.5 | 4y ago | In the Linux kernel, the following vulnerability has been resolved: scsi: lpfc: Address NULL pointer dereference after starget_to_rport() Calls to starget_to_rport() may return NULL. Add check for… | |||
| CVE-2022-49093 | medium | — | 5.5 | 4y ago | In the Linux kernel, the following vulnerability has been resolved: skbuff: fix coalescing for page_pool fragment recycling Fix a use-after-free when using page_pool with page fragments. We encount… | |||
| CVE-2022-49188 | medium | — | 5.5 | 4y ago | In the Linux kernel, the following vulnerability has been resolved: remoteproc: qcom_q6v5_mss: Fix some leaks in q6v5_alloc_memory_region The device_node pointer is returned by of_parse_phandle() o… | |||
| CVE-2022-22721 | medium | — | 5.5 | 4y ago | RHSA-2022:7647: httpd:2.4 security update (Moderate) | |||
| CVE-2022-23943 | medium | — | 5.5 | 4y ago | RHSA-2022:7647: httpd:2.4 security update (Moderate) | |||
| CVE-2022-26377 | medium | — | 5.5 | 4y ago | RHSA-2022:7647: httpd:2.4 security update (Moderate) | |||
| CVE-2022-26373 | medium | — | 5.5 | 4y ago | RHSA-2022:7683: kernel security, bug fix, and enhancement update (Moderate) | |||
| CVE-2022-49153 | medium | — | 5.5 | 4y ago | In the Linux kernel, the following vulnerability has been resolved: wireguard: socket: free skb in send6 when ipv6 is disabled I got a memory leak report: unreferenced object 0xffff8881191fc040 (s… | |||
| CVE-2022-28614 | medium | — | 5.5 | 4y ago | RHSA-2022:7647: httpd:2.4 security update (Moderate) | |||
| CVE-2022-2639 | medium | — | 5.5 | 4y ago | RHSA-2022:7683: kernel security, bug fix, and enhancement update (Moderate) | |||
| CVE-2022-28615 | medium | — | 5.5 | 4y ago | RHSA-2022:7647: httpd:2.4 security update (Moderate) | |||
| CVE-2022-30522 | medium | — | 5.5 | 4y ago | RHSA-2022:7647: httpd:2.4 security update (Moderate) | |||
| CVE-2022-3500 | medium | — | 5.5 | 4y ago | Moderate: keylime security update | |||
| CVE-2022-2309 | medium | — | 5.5 | 4y ago | Moderate: python-lxml security update | |||
| CVE-2022-50084 | medium | — | 5.5 | 4y ago | RHSA-2022:7683: kernel security, bug fix, and enhancement update (Moderate) | |||
| CVE-2022-50085 | medium | — | 5.5 | 4y ago | RHSA-2022:7683: kernel security, bug fix, and enhancement update (Moderate) | |||
| CVE-2022-31813 | medium | — | 5.5 | 4y ago | RHSA-2022:7647: httpd:2.4 security update (Moderate) | |||
| CVE-2022-22662 | medium | — | 5.5 | 4y ago | RHSA-2022:7704: webkit2gtk3 security and bug fix update (Moderate) | |||
| CVE-2022-49272 | medium | — | 5.5 | 4y ago | RHSA-2022:7683: kernel security, bug fix, and enhancement update (Moderate) | |||
| CVE-2022-25310 | medium | — | 5.5 | 4y ago | RHSA-2022:7514: fribidi security update (Moderate) | |||
| CVE-2022-49543 | medium | — | 5.5 | 4y ago | RHSA-2022:7683: kernel security, bug fix, and enhancement update (Moderate) | |||
| CVE-2022-50212 | medium | — | 5.5 | 4y ago | In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: do not allow CHAIN_ID to refer to another table When doing lookups for chains on the same batch by using it… | |||
| CVE-2022-32189 | medium | — | 5.5 | 4y ago | RHSA-2023:2802: container-tools:4.0 security and bug fix update (Moderate) | |||
| CVE-2022-48936 | medium | — | 5.5 | 4y ago | RHSA-2024:8870: kernel-rt security update (Moderate) | |||
| CVE-2022-49130 | medium | — | 5.5 | 4y ago | RHSA-2022:7683: kernel security, bug fix, and enhancement update (Moderate) | |||
| CVE-2022-49247 | medium | — | 5.5 | 4y ago | In the Linux kernel, the following vulnerability has been resolved: media: stk1160: If start stream fails, return buffers with VB2_BUF_STATE_QUEUED If the callback 'start_streaming' fails, then all… | |||
| CVE-2022-1304 | medium | — | 5.5 | 4y ago | RHSA-2022:7720: e2fsprogs security and bug fix update (Moderate) | |||
| CVE-2022-49090 | medium | — | 5.5 | 4y ago | In the Linux kernel, the following vulnerability has been resolved: arch/arm64: Fix topology initialization for core scheduling Arm64 systems rely on store_cpu_topology() to call update_siblings_ma… | |||
| CVE-2022-49179 | medium | — | 5.5 | 4y ago | In the Linux kernel, the following vulnerability has been resolved: block, bfq: don't move oom_bfqq Our test report a UAF: [ 2073.019181] ==========================================================… | |||
| CVE-2022-41105 | medium | 5.5 | 5.5 | 4y ago | Microsoft Excel Information Disclosure Vulnerability | |||
| CVE-2022-41104 | medium | 5.5 | 5.5 | 4y ago | Microsoft Excel Security Feature Bypass Vulnerability | |||
| CVE-2022-41103 | medium | 5.5 | 5.5 | 4y ago | Microsoft Word Information Disclosure Vulnerability |