VIR Vulnerability Intelligence Relay

CVEs from 2022

5,236 normalized CVEs published or assigned in this year.

Total
5,236
critical
critical 92
high
high 1,236
medium
medium 953
low
low 24
% Critical
1.8%
% with KEV
2.5%
% with exploit
3.4%

Top vendors

Top products

  • jdk 116
  • jre 109
  • openjdk 100
  • zulu 82
  • graalvm 74
  • cloud_secure_agent 35
  • oncommand_insight 34
  • cloud_insights_acquisition_unit 34

Top packages

Severitycriticalhighmediumlowunknown
0
KEVHas exploit
Reset
CVE Severity CVSS Risk Flags OS Vendor Published Description
CVE-2022-2205 unknown
CVE-2022-0351 unknown Access of Memory Location Before Start of Buffer in GitHub repository vim/vim prior to 8.2.
CVE-2022-0368 unknown Out-of-bounds Read in GitHub repository vim/vim prior to 8.2.
CVE-2022-0393 unknown Out-of-bounds Read in GitHub repository vim/vim prior to 8.2.
CVE-2022-0407 unknown Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2.
CVE-2022-0408 unknown Stack-based Buffer Overflow in GitHub repository vim/vim prior to 8.2.
CVE-2022-22736 unknown If Firefox was installed to a world-writable directory, a local privilege escalation could occur when Firefox searched the current directory for system libraries. However the install directory is not…
CVE-2022-0417 unknown Heap-based Buffer Overflow GitHub repository vim/vim prior to 8.2.
CVE-2022-0443 unknown Use After Free in GitHub repository vim/vim prior to 8.2.
CVE-2022-0572 unknown Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2.
CVE-2022-0629 unknown Stack-based Buffer Overflow in GitHub repository vim/vim prior to 8.2.
CVE-2022-0696 unknown NULL Pointer Dereference in GitHub repository vim/vim prior to 8.2.4428.
CVE-2022-0714 unknown Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2.4436.
CVE-2022-0729 unknown Use of Out-of-range Pointer Offset in GitHub repository vim/vim prior to 8.2.4440.
CVE-2022-1381 unknown global heap buffer overflow in skip_range in GitHub repository vim/vim prior to 8.2.4763. This vulnerability is capable of crashing software, Bypass Protection Mechanism, Modify Memory, and possible …
CVE-2022-1616 unknown Use after free in append_command in GitHub repository vim/vim prior to 8.2.4895. This vulnerability is capable of crashing software, Bypass Protection Mechanism, Modify Memory, and possible remote ex…
CVE-2022-1619 unknown Heap-based Buffer Overflow in function cmdline_erase_chars in GitHub repository vim/vim prior to 8.2.4899. This vulnerabilities are capable of crashing software, modify memory, and possible remote ex…
CVE-2022-1620 unknown NULL Pointer Dereference in function vim_regexec_string at regexp.c:2729 in GitHub repository vim/vim prior to 8.2.4901. NULL Pointer Dereference in function vim_regexec_string at regexp.c:2729 allow…
CVE-2022-1720 unknown Buffer Over-read in function grab_file_name in GitHub repository vim/vim prior to 8.2.4956. This vulnerability is capable of crashing the software, memory modification, and possible remote execution.
CVE-2022-1674 unknown NULL Pointer Dereference in function vim_regexec_string at regexp.c:2733 in GitHub repository vim/vim prior to 8.2.4938. NULL Pointer Dereference in function vim_regexec_string at regexp.c:2733 allow…
CVE-2022-1725 unknown NULL Pointer Dereference in GitHub repository vim/vim prior to 8.2.4959.
CVE-2022-1733 unknown Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2.4968.
CVE-2022-1735 unknown Classic Buffer Overflow in GitHub repository vim/vim prior to 8.2.4969.
CVE-2022-1769 unknown Buffer Over-read in GitHub repository vim/vim prior to 8.2.4974.
CVE-2022-1796 unknown Use After Free in GitHub repository vim/vim prior to 8.2.4979.
CVE-2022-1851 unknown Out-of-bounds Read in GitHub repository vim/vim prior to 8.2.
CVE-2022-1898 unknown Use After Free in GitHub repository vim/vim prior to 8.2.
CVE-2022-2208 unknown NULL Pointer Dereference in GitHub repository vim/vim prior to 8.2.5163.
CVE-2022-1942 unknown Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2.
CVE-2022-1968 unknown Use After Free in GitHub repository vim/vim prior to 8.2.
CVE-2022-2124 unknown Buffer Over-read in GitHub repository vim/vim prior to 8.2.
CVE-2022-2042 unknown Use After Free in GitHub repository vim/vim prior to 8.2.
CVE-2022-2125 unknown Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2.
CVE-2022-2129 unknown Out-of-bounds Write in GitHub repository vim/vim prior to 8.2.
CVE-2022-2175 unknown Buffer Over-read in GitHub repository vim/vim prior to 8.2.
CVE-2022-2206 unknown Out-of-bounds Read in GitHub repository vim/vim prior to 8.2.
CVE-2022-2207 unknown Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2.
CVE-2022-2210 unknown Out-of-bounds Write in GitHub repository vim/vim prior to 8.2.
CVE-2022-2257 unknown Out-of-bounds Read in GitHub repository vim/vim prior to 9.0.
CVE-2022-2264 unknown Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.
CVE-2022-2284 unknown Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.
CVE-2022-2286 unknown Out-of-bounds Read in GitHub repository vim/vim prior to 9.0.
CVE-2022-2287 unknown Out-of-bounds Read in GitHub repository vim/vim prior to 9.0.
CVE-2022-2288 unknown Out-of-bounds Write in GitHub repository vim/vim prior to 9.0.
CVE-2022-2522 unknown Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.0061.
CVE-2022-2289 unknown Use After Free in GitHub repository vim/vim prior to 9.0.
CVE-2022-2344 unknown Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.0045.
CVE-2022-2304 unknown Stack-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.
CVE-2022-2343 unknown Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.0044.
CVE-2022-2345 unknown Use After Free in GitHub repository vim/vim prior to 9.0.0046.
CVE-2022-2571 unknown Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.0101.
CVE-2022-2580 unknown Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.0102.
CVE-2022-2581 unknown Out-of-bounds Read in GitHub repository vim/vim prior to 9.0.0104.
CVE-2022-2598 unknown Out-of-bounds Write to API in GitHub repository vim/vim prior to 9.0.0100.
CVE-2022-2817 unknown Use After Free in GitHub repository vim/vim prior to 9.0.0213.
CVE-2022-2819 unknown Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.0211.
CVE-2022-2849 unknown Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.0220.
CVE-2022-2862 unknown Use After Free in GitHub repository vim/vim prior to 9.0.0221.
CVE-2022-2874 unknown NULL Pointer Dereference in GitHub repository vim/vim prior to 9.0.0224.
CVE-2022-2889 unknown Use After Free in GitHub repository vim/vim prior to 9.0.0225.
CVE-2022-2982 unknown Use After Free in GitHub repository vim/vim prior to 9.0.0260.
CVE-2022-2923 unknown NULL Pointer Dereference in GitHub repository vim/vim prior to 9.0.0240.
CVE-2022-3134 unknown Use After Free in GitHub repository vim/vim prior to 9.0.0389.
CVE-2022-2946 unknown Use After Free in GitHub repository vim/vim prior to 9.0.0246.
CVE-2022-2980 unknown NULL Pointer Dereference in GitHub repository vim/vim prior to 9.0.0259.
CVE-2022-3153 unknown NULL Pointer Dereference in GitHub repository vim/vim prior to 9.0.0404.
CVE-2022-3016 unknown Use After Free in GitHub repository vim/vim prior to 9.0.0286.
CVE-2022-3037 unknown Use After Free in GitHub repository vim/vim prior to 9.0.0322.
CVE-2022-3234 unknown Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.0483.
CVE-2022-3235 unknown Use After Free in GitHub repository vim/vim prior to 9.0.0490.
CVE-2022-3352 unknown Use After Free in GitHub repository vim/vim prior to 9.0.0614.
CVE-2022-3256 unknown Use After Free in GitHub repository vim/vim prior to 9.0.0530.
CVE-2022-3278 unknown NULL Pointer Dereference in GitHub repository vim/vim prior to 9.0.0552.
CVE-2022-3296 unknown Stack-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.0577.
CVE-2022-4141 unknown Heap based buffer overflow in vim/vim 9.0.0946 and below by allowing an attacker to CTRL-W gf in the expression used in the RHS of the substitute command.
CVE-2022-3297 unknown Use After Free in GitHub repository vim/vim prior to 9.0.0579.
CVE-2022-3520 unknown Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.0765.
CVE-2022-3591 unknown Use After Free in GitHub repository vim/vim prior to 9.0.0789.
CVE-2022-3705 unknown A vulnerability was found in vim and classified as problematic. Affected by this issue is the function qf_update_buffer of the file quickfix.c of the component autocmd Handler. The manipulation leads…
CVE-2022-4292 unknown Use After Free in GitHub repository vim/vim prior to 9.0.0882.
CVE-2022-4293 unknown Floating Point Comparison with Incorrect Operator in GitHub repository vim/vim prior to 9.0.0804.
CVE-2022-49729 unknown In the Linux kernel, the following vulnerability has been resolved: nfc: nfcmrvl: Fix memory leak in nfcmrvl_play_deferred Similar to the handling of play_deferred in commit 19cfe912c37b ("Bluetoot…
CVE-2022-49733 unknown In the Linux kernel, the following vulnerability has been resolved: ALSA: pcm: oss: Fix race at SNDCTL_DSP_SYNC There is a small race window at snd_pcm_oss_sync() that is called from OSS PCM SNDCTL…
CVE-2022-34474 unknown Even when an iframe was sandboxed with <code>allow-top-navigation-by-user-activation</code>, if it received a redirect header to an external protocol the browser would process the redirect and prompt…
CVE-2022-34480 unknown Within the <code>lg_init()</code> function, if several allocations succeed but then one fails, an uninitialized pointer would have been freed despite never being allocated. This vulnerability affects…
CVE-2022-49763 unknown In the Linux kernel, the following vulnerability has been resolved: ntfs: fix use-after-free in ntfs_attr_find() Patch series "ntfs: fix bugs about Attribute", v2. This patchset fixes three bugs r…
CVE-2022-34482 unknown An attacker who could have convinced a user to drag and drop an image to a filesystem could have manipulated the resulting filename to contain an executable extension, and by extension potentially tr…
CVE-2022-34483 unknown An attacker who could have convinced a user to drag and drop an image to a filesystem could have manipulated the resulting filename to contain an executable extension, and by extension potentially tr…
CVE-2022-36317 unknown When visiting a website with an overly long URL, the user interface would start to hang. Due to session restore, this could lead to a permanent Denial of Service.<br>*This bug only affects Firefox fo…
CVE-2022-49999 unknown In the Linux kernel, the following vulnerability has been resolved: btrfs: fix space cache corruption and potential double allocations When testing space_cache v2 on a large set of machines, we enc…
CVE-2022-50098 unknown In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Fix crash due to stale SRB access around I/O timeouts Ensure SRB is returned during I/O timeout error escalation. …
CVE-2022-29021 unknown A buffer overflow vulnerability exists in the razerkbd driver of OpenRazer up to version v3.3.0 allows attackers to cause a Denial of Service (DoS) and possibly escalate their privileges via a crafte…
CVE-2022-29023 unknown A buffer overflow vulnerability exists in the razermouse driver of OpenRazer up to version v3.3.0 allows attackers to cause a Denial of Service (DoS) and possibly escalate their privileges via a craf…
CVE-2022-50144 unknown In the Linux kernel, the following vulnerability has been resolved: soundwire: revisit driver bind/unbind and callbacks In the SoundWire probe, we store a pointer from the driver ops into the 'slav…
CVE-2022-50248 unknown In the Linux kernel, the following vulnerability has been resolved: wifi: iwlwifi: mvm: fix double free on tx path. We see kernel crashes and lockups and KASAN errors related to ax210 firmware cras…
CVE-2022-50262 unknown In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: Validate BOOT record_size When the NTFS BOOT record_size field < 0, it represents a shift value. However, there is no s…
CVE-2022-50378 unknown In the Linux kernel, the following vulnerability has been resolved: drm/meson: reorder driver deinit sequence to fix use-after-free bug Unloading the driver triggers the following KASAN warning: […
CVE-2022-40983 unknown An integer overflow vulnerability exists in the QML QtScript Reflect API of Qt Project Qt 6.3.2. A specially-crafted javascript code can trigger an integer overflow during memory allocation, which ca…
CVE-2022-43591 unknown A buffer overflow vulnerability exists in the QML QtScript Reflect API of Qt Project Qt 6.3.2. A specially-crafted javascript code can trigger an out-of-bounds memory access, which can lead to arbitr…
CVE-2022-50432 unknown In the Linux kernel, the following vulnerability has been resolved: kernfs: fix use-after-free in __kernfs_remove Syzkaller managed to trigger concurrent calls to kernfs_remove_by_name_ns() for the…