CVEs from 2022
Total
5,244
critical
critical 92
high
high 1,233
medium
medium 961
low
low 24
% Critical
1.8%
% with KEV
2.5%
% with exploit
3.4%
Top vendors
- oracle 616
- netapp 438
- microsoft 165
- omron 109
- azul 82
- schneider-electric 33
- mitsubishielectric 32
- siemens 10
Top products
- jdk 116
- jre 109
- openjdk 100
- zulu 82
- graalvm 74
- cloud_secure_agent 35
- oncommand_insight 34
- cloud_insights_acquisition_unit 34
| CVE | Severity | CVSS | Risk | Flags | OS | Vendor | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2022-0729 | unknown | — | — | — | Use of Out-of-range Pointer Offset in GitHub repository vim/vim prior to 8.2.4440. | |||
| CVE-2022-1381 | unknown | — | — | — | global heap buffer overflow in skip_range in GitHub repository vim/vim prior to 8.2.4763. This vulnerability is capable of crashing software, Bypass Protection Mechanism, Modify Memory, and possible … | |||
| CVE-2022-1616 | unknown | — | — | — | Use after free in append_command in GitHub repository vim/vim prior to 8.2.4895. This vulnerability is capable of crashing software, Bypass Protection Mechanism, Modify Memory, and possible remote ex… | |||
| CVE-2022-1619 | unknown | — | — | — | Heap-based Buffer Overflow in function cmdline_erase_chars in GitHub repository vim/vim prior to 8.2.4899. This vulnerabilities are capable of crashing software, modify memory, and possible remote ex… | |||
| CVE-2022-1620 | unknown | — | — | — | NULL Pointer Dereference in function vim_regexec_string at regexp.c:2729 in GitHub repository vim/vim prior to 8.2.4901. NULL Pointer Dereference in function vim_regexec_string at regexp.c:2729 allow… | |||
| CVE-2022-1720 | unknown | — | — | — | Buffer Over-read in function grab_file_name in GitHub repository vim/vim prior to 8.2.4956. This vulnerability is capable of crashing the software, memory modification, and possible remote execution. | |||
| CVE-2022-1674 | unknown | — | — | — | NULL Pointer Dereference in function vim_regexec_string at regexp.c:2733 in GitHub repository vim/vim prior to 8.2.4938. NULL Pointer Dereference in function vim_regexec_string at regexp.c:2733 allow… | |||
| CVE-2022-1725 | unknown | — | — | — | NULL Pointer Dereference in GitHub repository vim/vim prior to 8.2.4959. | |||
| CVE-2022-1733 | unknown | — | — | — | Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2.4968. | |||
| CVE-2022-1735 | unknown | — | — | — | Classic Buffer Overflow in GitHub repository vim/vim prior to 8.2.4969. | |||
| CVE-2022-1769 | unknown | — | — | — | Buffer Over-read in GitHub repository vim/vim prior to 8.2.4974. | |||
| CVE-2022-1796 | unknown | — | — | — | Use After Free in GitHub repository vim/vim prior to 8.2.4979. | |||
| CVE-2022-1851 | unknown | — | — | — | Out-of-bounds Read in GitHub repository vim/vim prior to 8.2. | |||
| CVE-2022-1886 | unknown | — | — | — | Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2. | |||
| CVE-2022-1898 | unknown | — | — | — | Use After Free in GitHub repository vim/vim prior to 8.2. | |||
| CVE-2022-2208 | unknown | — | — | — | NULL Pointer Dereference in GitHub repository vim/vim prior to 8.2.5163. | |||
| CVE-2022-1942 | unknown | — | — | — | Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2. | |||
| CVE-2022-1968 | unknown | — | — | — | Use After Free in GitHub repository vim/vim prior to 8.2. | |||
| CVE-2022-2124 | unknown | — | — | — | Buffer Over-read in GitHub repository vim/vim prior to 8.2. | |||
| CVE-2022-2042 | unknown | — | — | — | Use After Free in GitHub repository vim/vim prior to 8.2. | |||
| CVE-2022-2125 | unknown | — | — | — | Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2. | |||
| CVE-2022-2129 | unknown | — | — | — | Out-of-bounds Write in GitHub repository vim/vim prior to 8.2. | |||
| CVE-2022-2183 | unknown | — | — | — | Out-of-bounds Read in GitHub repository vim/vim prior to 8.2. | |||
| CVE-2022-2175 | unknown | — | — | — | Buffer Over-read in GitHub repository vim/vim prior to 8.2. | |||
| CVE-2022-2182 | unknown | — | — | — | Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2. | |||
| CVE-2022-2206 | unknown | — | — | — | Out-of-bounds Read in GitHub repository vim/vim prior to 8.2. | |||
| CVE-2022-2207 | unknown | — | — | — | Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2. | |||
| CVE-2022-2231 | unknown | — | — | — | NULL Pointer Dereference in GitHub repository vim/vim prior to 8.2. | |||
| CVE-2022-2210 | unknown | — | — | — | Out-of-bounds Write in GitHub repository vim/vim prior to 8.2. | |||
| CVE-2022-2257 | unknown | — | — | — | Out-of-bounds Read in GitHub repository vim/vim prior to 9.0. | |||
| CVE-2022-2285 | unknown | — | — | — | Integer Overflow or Wraparound in GitHub repository vim/vim prior to 9.0. | |||
| CVE-2022-2264 | unknown | — | — | — | Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0. | |||
| CVE-2022-2284 | unknown | — | — | — | Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0. | |||
| CVE-2022-2286 | unknown | — | — | — | Out-of-bounds Read in GitHub repository vim/vim prior to 9.0. | |||
| CVE-2022-2287 | unknown | — | — | — | Out-of-bounds Read in GitHub repository vim/vim prior to 9.0. | |||
| CVE-2022-2288 | unknown | — | — | — | Out-of-bounds Write in GitHub repository vim/vim prior to 9.0. | |||
| CVE-2022-2522 | unknown | — | — | — | Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.0061. | |||
| CVE-2022-2816 | unknown | — | — | — | Out-of-bounds Read in GitHub repository vim/vim prior to 9.0.0212. | |||
| CVE-2022-2289 | unknown | — | — | — | Use After Free in GitHub repository vim/vim prior to 9.0. | |||
| CVE-2022-2344 | unknown | — | — | — | Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.0045. | |||
| CVE-2022-2304 | unknown | — | — | — | Stack-based Buffer Overflow in GitHub repository vim/vim prior to 9.0. | |||
| CVE-2022-2343 | unknown | — | — | — | Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.0044. | |||
| CVE-2022-2345 | unknown | — | — | — | Use After Free in GitHub repository vim/vim prior to 9.0.0046. | |||
| CVE-2022-2571 | unknown | — | — | — | Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.0101. | |||
| CVE-2022-2845 | unknown | — | — | — | Improper Validation of Specified Quantity in Input in GitHub repository vim/vim prior to 9.0.0218. | |||
| CVE-2022-2580 | unknown | — | — | — | Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.0102. | |||
| CVE-2022-2581 | unknown | — | — | — | Out-of-bounds Read in GitHub repository vim/vim prior to 9.0.0104. | |||
| CVE-2022-2598 | unknown | — | — | — | Out-of-bounds Write to API in GitHub repository vim/vim prior to 9.0.0100. | |||
| CVE-2022-2817 | unknown | — | — | — | Use After Free in GitHub repository vim/vim prior to 9.0.0213. | |||
| CVE-2022-2819 | unknown | — | — | — | Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.0211. | |||
| CVE-2022-2849 | unknown | — | — | — | Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.0220. | |||
| CVE-2022-2862 | unknown | — | — | — | Use After Free in GitHub repository vim/vim prior to 9.0.0221. | |||
| CVE-2022-2874 | unknown | — | — | — | NULL Pointer Dereference in GitHub repository vim/vim prior to 9.0.0224. | |||
| CVE-2022-2889 | unknown | — | — | — | Use After Free in GitHub repository vim/vim prior to 9.0.0225. | |||
| CVE-2022-2982 | unknown | — | — | — | Use After Free in GitHub repository vim/vim prior to 9.0.0260. | |||
| CVE-2022-2923 | unknown | — | — | — | NULL Pointer Dereference in GitHub repository vim/vim prior to 9.0.0240. | |||
| CVE-2022-3134 | unknown | — | — | — | Use After Free in GitHub repository vim/vim prior to 9.0.0389. | |||
| CVE-2022-2946 | unknown | — | — | — | Use After Free in GitHub repository vim/vim prior to 9.0.0246. | |||
| CVE-2022-2980 | unknown | — | — | — | NULL Pointer Dereference in GitHub repository vim/vim prior to 9.0.0259. | |||
| CVE-2022-3153 | unknown | — | — | — | NULL Pointer Dereference in GitHub repository vim/vim prior to 9.0.0404. | |||
| CVE-2022-3016 | unknown | — | — | — | Use After Free in GitHub repository vim/vim prior to 9.0.0286. | |||
| CVE-2022-3037 | unknown | — | — | — | Use After Free in GitHub repository vim/vim prior to 9.0.0322. | |||
| CVE-2022-3099 | unknown | — | — | — | Use After Free in GitHub repository vim/vim prior to 9.0.0360. | |||
| CVE-2022-3234 | unknown | — | — | — | Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.0483. | |||
| CVE-2022-3235 | unknown | — | — | — | Use After Free in GitHub repository vim/vim prior to 9.0.0490. | |||
| CVE-2022-3352 | unknown | — | — | — | Use After Free in GitHub repository vim/vim prior to 9.0.0614. | |||
| CVE-2022-3491 | unknown | — | — | — | Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.0742. | |||
| CVE-2022-3256 | unknown | — | — | — | Use After Free in GitHub repository vim/vim prior to 9.0.0530. | |||
| CVE-2022-3278 | unknown | — | — | — | NULL Pointer Dereference in GitHub repository vim/vim prior to 9.0.0552. | |||
| CVE-2022-3296 | unknown | — | — | — | Stack-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.0577. | |||
| CVE-2022-4141 | unknown | — | — | — | Heap based buffer overflow in vim/vim 9.0.0946 and below by allowing an attacker to CTRL-W gf in the expression used in the RHS of the substitute command. | |||
| CVE-2022-3297 | unknown | — | — | — | Use After Free in GitHub repository vim/vim prior to 9.0.0579. | |||
| CVE-2022-3520 | unknown | — | — | — | Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.0765. | |||
| CVE-2022-3591 | unknown | — | — | — | Use After Free in GitHub repository vim/vim prior to 9.0.0789. | |||
| CVE-2022-3705 | unknown | — | — | — | A vulnerability was found in vim and classified as problematic. Affected by this issue is the function qf_update_buffer of the file quickfix.c of the component autocmd Handler. The manipulation leads… | |||
| CVE-2022-4292 | unknown | — | — | — | Use After Free in GitHub repository vim/vim prior to 9.0.0882. | |||
| CVE-2022-4293 | unknown | — | — | — | Floating Point Comparison with Incorrect Operator in GitHub repository vim/vim prior to 9.0.0804. | |||
| CVE-2022-49729 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: nfc: nfcmrvl: Fix memory leak in nfcmrvl_play_deferred Similar to the handling of play_deferred in commit 19cfe912c37b ("Bluetoot… | |||
| CVE-2022-49733 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: ALSA: pcm: oss: Fix race at SNDCTL_DSP_SYNC There is a small race window at snd_pcm_oss_sync() that is called from OSS PCM SNDCTL… | |||
| CVE-2022-34474 | unknown | — | — | — | Even when an iframe was sandboxed with <code>allow-top-navigation-by-user-activation</code>, if it received a redirect header to an external protocol the browser would process the redirect and prompt… | |||
| CVE-2022-34480 | unknown | — | — | — | Within the <code>lg_init()</code> function, if several allocations succeed but then one fails, an uninitialized pointer would have been freed despite never being allocated. This vulnerability affects… | |||
| CVE-2022-49763 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: ntfs: fix use-after-free in ntfs_attr_find() Patch series "ntfs: fix bugs about Attribute", v2. This patchset fixes three bugs r… | |||
| CVE-2022-34482 | unknown | — | — | — | An attacker who could have convinced a user to drag and drop an image to a filesystem could have manipulated the resulting filename to contain an executable extension, and by extension potentially tr… | |||
| CVE-2022-34483 | unknown | — | — | — | An attacker who could have convinced a user to drag and drop an image to a filesystem could have manipulated the resulting filename to contain an executable extension, and by extension potentially tr… | |||
| CVE-2022-36317 | unknown | — | — | — | When visiting a website with an overly long URL, the user interface would start to hang. Due to session restore, this could lead to a permanent Denial of Service.<br>*This bug only affects Firefox fo… | |||
| CVE-2022-49789 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: scsi: zfcp: Fix double free of FSF request when qdio send fails We used to use the wrong type of integer in 'zfcp_fsf_req_send()'… | |||
| CVE-2022-49217 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: scsi: pm8001: Fix abort all task initialization In pm80xx_send_abort_all(), the n_elem field of the ccb used is not initialized t… | |||
| CVE-2022-48655 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: firmware: arm_scmi: Harden accesses to the reset domains Accessing reset domains descriptors by the index upon the SCMI drivers r… | |||
| CVE-2022-48839 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: net/packet: fix slab-out-of-bounds access in packet_recvmsg() syzbot found that when an AF_PACKET socket is using PACKET_COPY_THR… | |||
| CVE-2022-0465 | unknown | — | — | — | Use after free in Extensions in Google Chrome prior to 98.0.4758.80 allowed a remote attacker to potentially exploit heap corruption via user interaction. | |||
| CVE-2022-48660 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: gpiolib: cdev: Set lineevent_state::irq after IRQ register successfully When running gpio test on nxp-ls1028 platform with below … | |||
| CVE-2022-0789 | unknown | — | — | — | Heap buffer overflow in ANGLE in Google Chrome prior to 99.0.4844.51 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | |||
| CVE-2022-0800 | unknown | — | — | — | Heap buffer overflow in Cast UI in Google Chrome prior to 99.0.4844.51 allowed a remote attacker who convinced a user to engage in specific user interaction to potentially exploit heap corruption via… | |||
| CVE-2022-48694 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: RDMA/irdma: Fix drain SQ hang with no completion SW generated completions for outstanding WRs posted on SQ after QP is in error t… | |||
| CVE-2022-0971 | unknown | — | — | — | Use after free in Blink Layout in Google Chrome on Android prior to 99.0.4844.74 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafte… | |||
| CVE-2022-0979 | unknown | — | — | — | Use after free in Safe Browsing in Google Chrome on Android prior to 99.0.4844.74 allowed a remote attacker who convinced a user to engage in specific user interaction to potentially exploit heap cor… | |||
| CVE-2022-48702 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: ALSA: emu10k1: Fix out of bounds access in snd_emu10k1_pcm_channel_alloc() The voice allocator sometimes begins allocating from n… | |||
| CVE-2022-48708 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: pinctrl: single: fix potential NULL dereference Added checking of pointer "function" in pcs_set_mux(). pinmux_generic_get_functio… | |||
| CVE-2022-48895 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: iommu/arm-smmu: Don't unregister on shutdown Michael Walle says he noticed the following stack trace while performing a shutdown … | |||
| CVE-2022-48711 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: tipc: improve size validations for received domain records The function tipc_mon_rcv() allows a node to receive and process domai… |