CVEs from 2022
Total
5,301
critical
critical 90
high
high 1,233
medium
medium 957
low
low 24
% Critical
1.7%
% with KEV
2.5%
% with exploit
3.3%
Top vendors
- oracle 616
- netapp 438
- microsoft 165
- omron 109
- azul 82
- schneider-electric 33
- mitsubishielectric 32
- siemens 10
Top products
- jdk 116
- jre 109
- openjdk 100
- zulu 82
- graalvm 74
- cloud_secure_agent 35
- oncommand_insight 34
- cloud_insights_acquisition_unit 34
| CVE | Severity | CVSS | Risk | Flags | OS | Vendor | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2022-0847 | high | — | 10.0 | 4y ago | Linux kernel contains an improper initialization vulnerability where an unprivileged local user could escalate their privileges on the system. This vulnerability has the moniker of "Dirty Pipe." | |||
| CVE-2022-0492 | high | 7.8 | 10.0 | 4y ago | Linux Kernel contains an improper authentication vulnerability which could allow for privilege escalation via the cgroups v1 release_agent feature. | |||
| CVE-2022-1471 | high | — | 9.0 | 4y ago | RHSA-2022:9058: prometheus-jmx-exporter security update (Important) | |||
| CVE-2022-42889 | high | — | 9.0 | 4y ago | Arbitrary code execution in Apache Commons Text | |||
| CVE-2022-34918 | high | — | 9.0 | 4y ago | An issue was discovered in the Linux kernel through 5.18.9. A type confusion bug in nft_set_elem_init (leading to a buffer overflow) could be used by a local attacker to escalate privileges, a differ… | |||
| CVE-2022-22942 | high | — | 9.0 | 4y ago | The vmwgfx driver contains a local privilege escalation vulnerability that allows unprivileged users to gain access to files opened by other processes on the system through a dangling 'file' pointer. | |||
| CVE-2022-3358 | low | — | 3.5 | 4y ago | Low: openssl security and bug fix update |