VIR Vulnerability Intelligence Relay

CVEs from 2022

5,243 normalized CVEs published or assigned in this year.

Total
5,243
critical
critical 92
high
high 1,233
medium
medium 961
low
low 24
% Critical
1.8%
% with KEV
2.5%
% with exploit
3.4%

Top vendors

Top products

  • jdk 116
  • jre 109
  • openjdk 100
  • zulu 82
  • graalvm 74
  • cloud_secure_agent 35
  • oncommand_insight 34
  • cloud_insights_acquisition_unit 34

Top packages

Severitycriticalhighmediumlowunknown
0
KEVHas exploit
Reset
CVE Severity CVSS Risk Flags OS Vendor Published Description
CVE-2022-49003 unknown In the Linux kernel, the following vulnerability has been resolved: nvme: fix SRCU protection of nvme_ns_head list Walking the nvme_ns_head siblings list is protected by the head's srcu in nvme_ns_…
CVE-2022-0466 unknown Inappropriate implementation in Extensions Platform in Google Chrome prior to 98.0.4758.80 allowed an attacker who convinced a user to install a malicious extension to potentially perform a sandbox e…
CVE-2022-1125 unknown Use after free in Portals in Google Chrome prior to 100.0.4896.60 allowed a remote attacker who convinced a user to engage in specific user interaction to potentially exploit heap corruption via user…
CVE-2022-1144 unknown Use after free in WebUI in Google Chrome prior to 100.0.4896.60 allowed a remote attacker who convinced a user to engage in specific user interaction to potentially exploit heap corruption via specif…
CVE-2022-1138 unknown Inappropriate implementation in Web Cursor in Google Chrome prior to 100.0.4896.60 allowed a remote attacker who had compromised the renderer process to obscure the contents of the Omnibox (URL bar) …
CVE-2022-1143 unknown Heap buffer overflow in WebUI in Google Chrome prior to 100.0.4896.60 allowed a remote attacker who convinced a user to engage in specific user interaction to potentially exploit heap corruption via …
CVE-2022-1142 unknown Heap buffer overflow in WebUI in Google Chrome prior to 100.0.4896.60 allowed a remote attacker who convinced a user to engage in specific user interaction to potentially exploit heap corruption via …
CVE-2022-1232 unknown Type confusion in V8 in Google Chrome prior to 100.0.4896.75 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
CVE-2022-1305 unknown Use after free in storage in Google Chrome prior to 100.0.4896.88 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
CVE-2022-0511 unknown Mozilla developers and community members Gabriele Svelto, Sebastian Hengst, Randell Jesup, Luan Herrera, Lars T Hansen, and the Mozilla Fuzzing Team reported memory safety bugs present in Firefox 96.…
CVE-2022-1307 unknown Inappropriate implementation in full screen in Google Chrome on Android prior to 100.0.4896.88 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page.
CVE-2022-49529 unknown In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu/pm: fix the null pointer while the smu is disabled It needs to check if the pp_funcs is initialized while release the …
CVE-2022-28959 unknown Multiple cross-site scripting (XSS) vulnerabilities in the component /spip.php of Spip Web Framework v3.1.13 and below allows attackers to execute arbitrary web scripts or HTML.
CVE-2022-28960 unknown A PHP injection vulnerability in Spip before v3.2.8 allows attackers to execute arbitrary PHP code via the _oups parameter at /ecrire.
CVE-2022-28961 unknown Spip Web Framework v3.1.13 and below was discovered to contain multiple SQL injection vulnerabilities at /ecrire via the lier_trad and where parameters.
CVE-2022-37155 unknown RCE in SPIP 3.1.13 through 4.1.2 allows remote authenticated users to execute arbitrary code via the _oups parameter.
CVE-2022-3304 unknown Use after free in CSS in Google Chrome prior to 106.0.5249.62 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
CVE-2022-3305 unknown Use after free in survey in Google Chrome on ChromeOS prior to 106.0.5249.62 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Hig…
CVE-2022-49082 unknown In the Linux kernel, the following vulnerability has been resolved: scsi: mpt3sas: Fix use after free in _scsih_expander_node_remove() The function mpt3sas_transport_port_remove() called in _scsih_…
CVE-2022-3314 unknown Use after free in logging in Google Chrome prior to 106.0.5249.62 allowed a remote attacker who had compromised a WebUI process to potentially perform a sandbox escape via a crafted HTML page. (Chrom…
CVE-2022-3318 unknown Use after free in ChromeOS Notifications in Google Chrome on ChromeOS prior to 106.0.5249.62 allowed a remote attacker who convinced a user to reboot Chrome OS to potentially exploit heap corruption …
CVE-2022-1887 unknown The search term could have been specified externally to trigger SQL injection. This vulnerability affects Firefox for iOS < 101.
CVE-2022-0213 unknown vim is vulnerable to Heap-based Buffer Overflow
CVE-2022-0156 unknown vim is vulnerable to Use After Free
CVE-2022-0319 unknown Out-of-bounds Read in vim/vim prior to 8.2.
CVE-2022-0158 unknown vim is vulnerable to Heap-based Buffer Overflow
CVE-2022-2205 unknown
CVE-2022-0351 unknown Access of Memory Location Before Start of Buffer in GitHub repository vim/vim prior to 8.2.
CVE-2022-0368 unknown Out-of-bounds Read in GitHub repository vim/vim prior to 8.2.
CVE-2022-0393 unknown Out-of-bounds Read in GitHub repository vim/vim prior to 8.2.
CVE-2022-0407 unknown Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2.
CVE-2022-0408 unknown Stack-based Buffer Overflow in GitHub repository vim/vim prior to 8.2.
CVE-2022-22736 unknown If Firefox was installed to a world-writable directory, a local privilege escalation could occur when Firefox searched the current directory for system libraries. However the install directory is not…
CVE-2022-0417 unknown Heap-based Buffer Overflow GitHub repository vim/vim prior to 8.2.
CVE-2022-0443 unknown Use After Free in GitHub repository vim/vim prior to 8.2.
CVE-2022-0572 unknown Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2.
CVE-2022-0629 unknown Stack-based Buffer Overflow in GitHub repository vim/vim prior to 8.2.
CVE-2022-0696 unknown NULL Pointer Dereference in GitHub repository vim/vim prior to 8.2.4428.
CVE-2022-0714 unknown Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2.4436.
CVE-2022-0729 unknown Use of Out-of-range Pointer Offset in GitHub repository vim/vim prior to 8.2.4440.
CVE-2022-1381 unknown global heap buffer overflow in skip_range in GitHub repository vim/vim prior to 8.2.4763. This vulnerability is capable of crashing software, Bypass Protection Mechanism, Modify Memory, and possible …
CVE-2022-1616 unknown Use after free in append_command in GitHub repository vim/vim prior to 8.2.4895. This vulnerability is capable of crashing software, Bypass Protection Mechanism, Modify Memory, and possible remote ex…
CVE-2022-1619 unknown Heap-based Buffer Overflow in function cmdline_erase_chars in GitHub repository vim/vim prior to 8.2.4899. This vulnerabilities are capable of crashing software, modify memory, and possible remote ex…
CVE-2022-1620 unknown NULL Pointer Dereference in function vim_regexec_string at regexp.c:2729 in GitHub repository vim/vim prior to 8.2.4901. NULL Pointer Dereference in function vim_regexec_string at regexp.c:2729 allow…
CVE-2022-1720 unknown Buffer Over-read in function grab_file_name in GitHub repository vim/vim prior to 8.2.4956. This vulnerability is capable of crashing the software, memory modification, and possible remote execution.
CVE-2022-1674 unknown NULL Pointer Dereference in function vim_regexec_string at regexp.c:2733 in GitHub repository vim/vim prior to 8.2.4938. NULL Pointer Dereference in function vim_regexec_string at regexp.c:2733 allow…
CVE-2022-1725 unknown NULL Pointer Dereference in GitHub repository vim/vim prior to 8.2.4959.
CVE-2022-1733 unknown Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2.4968.
CVE-2022-1735 unknown Classic Buffer Overflow in GitHub repository vim/vim prior to 8.2.4969.
CVE-2022-1769 unknown Buffer Over-read in GitHub repository vim/vim prior to 8.2.4974.
CVE-2022-1796 unknown Use After Free in GitHub repository vim/vim prior to 8.2.4979.
CVE-2022-1851 unknown Out-of-bounds Read in GitHub repository vim/vim prior to 8.2.
CVE-2022-1886 unknown Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2.
CVE-2022-1898 unknown Use After Free in GitHub repository vim/vim prior to 8.2.
CVE-2022-2208 unknown NULL Pointer Dereference in GitHub repository vim/vim prior to 8.2.5163.
CVE-2022-1942 unknown Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2.
CVE-2022-1968 unknown Use After Free in GitHub repository vim/vim prior to 8.2.
CVE-2022-2124 unknown Buffer Over-read in GitHub repository vim/vim prior to 8.2.
CVE-2022-2042 unknown Use After Free in GitHub repository vim/vim prior to 8.2.
CVE-2022-2125 unknown Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2.
CVE-2022-2129 unknown Out-of-bounds Write in GitHub repository vim/vim prior to 8.2.
CVE-2022-2183 unknown Out-of-bounds Read in GitHub repository vim/vim prior to 8.2.
CVE-2022-2175 unknown Buffer Over-read in GitHub repository vim/vim prior to 8.2.
CVE-2022-2182 unknown Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2.
CVE-2022-2206 unknown Out-of-bounds Read in GitHub repository vim/vim prior to 8.2.
CVE-2022-2207 unknown Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2.
CVE-2022-2231 unknown NULL Pointer Dereference in GitHub repository vim/vim prior to 8.2.
CVE-2022-2210 unknown Out-of-bounds Write in GitHub repository vim/vim prior to 8.2.
CVE-2022-2257 unknown Out-of-bounds Read in GitHub repository vim/vim prior to 9.0.
CVE-2022-2285 unknown Integer Overflow or Wraparound in GitHub repository vim/vim prior to 9.0.
CVE-2022-2264 unknown Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.
CVE-2022-2284 unknown Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.
CVE-2022-2286 unknown Out-of-bounds Read in GitHub repository vim/vim prior to 9.0.
CVE-2022-2287 unknown Out-of-bounds Read in GitHub repository vim/vim prior to 9.0.
CVE-2022-2288 unknown Out-of-bounds Write in GitHub repository vim/vim prior to 9.0.
CVE-2022-2522 unknown Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.0061.
CVE-2022-2816 unknown Out-of-bounds Read in GitHub repository vim/vim prior to 9.0.0212.
CVE-2022-2344 unknown Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.0045.
CVE-2022-2289 unknown Use After Free in GitHub repository vim/vim prior to 9.0.
CVE-2022-2304 unknown Stack-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.
CVE-2022-2343 unknown Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.0044.
CVE-2022-2345 unknown Use After Free in GitHub repository vim/vim prior to 9.0.0046.
CVE-2022-2571 unknown Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.0101.
CVE-2022-2845 unknown Improper Validation of Specified Quantity in Input in GitHub repository vim/vim prior to 9.0.0218.
CVE-2022-2580 unknown Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.0102.
CVE-2022-2581 unknown Out-of-bounds Read in GitHub repository vim/vim prior to 9.0.0104.
CVE-2022-2598 unknown Out-of-bounds Write to API in GitHub repository vim/vim prior to 9.0.0100.
CVE-2022-2817 unknown Use After Free in GitHub repository vim/vim prior to 9.0.0213.
CVE-2022-2819 unknown Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.0211.
CVE-2022-2849 unknown Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.0220.
CVE-2022-2862 unknown Use After Free in GitHub repository vim/vim prior to 9.0.0221.
CVE-2022-2874 unknown NULL Pointer Dereference in GitHub repository vim/vim prior to 9.0.0224.
CVE-2022-2889 unknown Use After Free in GitHub repository vim/vim prior to 9.0.0225.
CVE-2022-2982 unknown Use After Free in GitHub repository vim/vim prior to 9.0.0260.
CVE-2022-2923 unknown NULL Pointer Dereference in GitHub repository vim/vim prior to 9.0.0240.
CVE-2022-3134 unknown Use After Free in GitHub repository vim/vim prior to 9.0.0389.
CVE-2022-2946 unknown Use After Free in GitHub repository vim/vim prior to 9.0.0246.
CVE-2022-2980 unknown NULL Pointer Dereference in GitHub repository vim/vim prior to 9.0.0259.
CVE-2022-3153 unknown NULL Pointer Dereference in GitHub repository vim/vim prior to 9.0.0404.
CVE-2022-3016 unknown Use After Free in GitHub repository vim/vim prior to 9.0.0286.