CVEs from 2022
Total
5,250
critical
critical 92
high
high 1,233
medium
medium 961
low
low 24
% Critical
1.8%
% with KEV
2.5%
% with exploit
3.4%
Top vendors
- oracle 616
- netapp 438
- microsoft 165
- omron 109
- azul 82
- schneider-electric 33
- mitsubishielectric 32
- siemens 10
Top products
- jdk 116
- jre 109
- openjdk 100
- zulu 82
- graalvm 74
- cloud_secure_agent 35
- oncommand_insight 34
- cloud_insights_acquisition_unit 34
| CVE | Severity | CVSS | Risk | Flags | OS | Vendor | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2022-38096 | medium | 5.5 | 5.5 | 2y ago | Important: kernel security, bug fix, and enhancement update | |||
| CVE-2022-50638 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: ext4: fix bug_on in __es_tree_search caused by bad boot loader inode We got a issue as fllows: ==================================… | |||
| CVE-2022-50782 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: ext4: fix bug_on in __es_tree_search caused by bad quota inode We got a issue as fllows: ========================================… | |||
| CVE-2022-48564 | medium | — | 5.5 | 2y ago | read_ints in plistlib.py in Python through 3.9.1 is vulnerable to a potential DoS attack via CPU and RAM exhaustion when processing malformed Apple Property List files in binary format. | |||
| CVE-2022-48560 | medium | — | 5.5 | 2y ago | RHSA-2024:2987: python27:2.7 security update (Moderate) | |||
| CVE-2022-44638 | medium | — | 5.5 | 3y ago | RHSA-2024:0131: pixman security update (Moderate) | |||
| CVE-2022-24963 | medium | — | 5.5 | 3y ago | Moderate: apr security update | |||
| CVE-2022-50327 | medium | — | 5.5 | 3y ago | In the Linux kernel, the following vulnerability has been resolved: ACPI: processor: idle: Check acpi_fetch_acpi_dev() return value The return value of acpi_fetch_acpi_dev() could be NULL, which wo… | |||
| CVE-2022-50341 | medium | — | 5.5 | 3y ago | In the Linux kernel, the following vulnerability has been resolved: cifs: fix oops during encryption When running xfstests against Azure the following oops occurred on an arm64 system Unable to … | |||
| CVE-2022-39307 | medium | — | 5.5 | 3y ago | Moderate: grafana security and enhancement update | |||
| CVE-2022-50269 | medium | — | 5.5 | 3y ago | In the Linux kernel, the following vulnerability has been resolved: drm/vkms: Fix memory leak in vkms_init() A memory leak was reported after the vkms module install failed. unreferenced object 0x… | |||
| CVE-2022-3565 | medium | — | 5.5 | 3y ago | A vulnerability, which was classified as critical, has been found in Linux Kernel. Affected by this issue is the function del_timer of the file drivers/isdn/mISDN/l1oip_core.c of the component Blueto… | |||
| CVE-2022-2127 | medium | — | 5.5 | 3y ago | RHSA-2023:7139: samba security, bug fix, and enhancement update (Moderate) | |||
| CVE-2022-40318 | medium | — | 5.5 | 3y ago | Moderate: frr security and bug fix update | |||
| CVE-2022-40302 | medium | — | 5.5 | 3y ago | Moderate: frr security and bug fix update | |||
| CVE-2022-36440 | medium | — | 5.5 | 3y ago | Moderate: frr security and bug fix update | |||
| CVE-2022-43681 | medium | — | 5.5 | 3y ago | Moderate: frr security and bug fix update | |||
| CVE-2022-31130 | medium | — | 5.5 | 3y ago | Moderate: grafana security and enhancement update | |||
| CVE-2022-48468 | medium | — | 5.5 | 3y ago | RHSA-2023:6944: protobuf-c security update (Moderate) | |||
| CVE-2022-39201 | medium | — | 5.5 | 3y ago | Moderate: grafana security and enhancement update | |||
| CVE-2022-50042 | medium | — | 5.5 | 3y ago | In the Linux kernel, the following vulnerability has been resolved: net: genl: fix error path memory leak in policy dumping If construction of the array of policies fails when recording non-first p… | |||
| CVE-2022-50472 | medium | 5.5 | 5.5 | 3y ago | In the Linux kernel, the following vulnerability has been resolved: IB/mad: Don't call to function that might sleep while in atomic context Tracepoints are not allowed to sleep, as such the followi… | |||
| CVE-2022-37601 | medium | — | 5.5 | 3y ago | RHSA-2023:6972: grafana security and enhancement update (Moderate) | |||
| CVE-2022-50543 | medium | — | 5.5 | 3y ago | In the Linux kernel, the following vulnerability has been resolved: RDMA/rxe: Fix mr->map double free rxe_mr_cleanup() which tries to free mr->map again will be called when rxe_mr_init_user() fails… | |||
| CVE-2022-50110 | medium | — | 5.5 | 3y ago | In the Linux kernel, the following vulnerability has been resolved: watchdog: sp5100_tco: Fix a memory leak of EFCH MMIO resource Unlike release_mem_region(), a call to release_resource() does not … | |||
| CVE-2022-50369 | medium | — | 5.5 | 3y ago | In the Linux kernel, the following vulnerability has been resolved: drm/vkms: Fix null-ptr-deref in vkms_release() A null-ptr-deref is triggered when it tries to destroy the workqueue in vkms->outp… | |||
| CVE-2022-40898 | medium | — | 5.5 | 3y ago | Moderate: python-wheel security update | |||
| CVE-2022-23552 | medium | — | 5.5 | 3y ago | Moderate: grafana security and enhancement update | |||
| CVE-2022-39306 | medium | — | 5.5 | 3y ago | Moderate: grafana security and enhancement update | |||
| CVE-2022-50087 | medium | — | 5.5 | 3y ago | Moderate: kernel security update | |||
| CVE-2022-23527 | medium | — | 5.5 | 3y ago | RHSA-2023:6940: mod_auth_openidc:2.3 security and bug fix update (Moderate) | |||
| CVE-2022-50865 | medium | — | 5.5 | 3y ago | In the Linux kernel, the following vulnerability has been resolved: tcp: fix a signed-integer-overflow bug in tcp_add_backlog() The type of sk_rcvbuf and sk_sndbuf in struct sock is int, and in tcp… | |||
| CVE-2022-50423 | medium | — | 5.5 | 3y ago | In the Linux kernel, the following vulnerability has been resolved: ACPICA: Fix use-after-free in acpi_ut_copy_ipackage_to_ipackage() There is an use-after-free reported by KASAN: BUG: KASAN: us… | |||
| CVE-2022-39324 | medium | — | 5.5 | 3y ago | Moderate: grafana security and enhancement update | |||
| CVE-2022-38745 | medium | — | 5.5 | 3y ago | Moderate: libreoffice security update | |||
| CVE-2022-31123 | medium | — | 5.5 | 3y ago | Moderate: grafana security and enhancement update | |||
| CVE-2022-49759 | medium | — | 5.5 | 3y ago | In the Linux kernel, the following vulnerability has been resolved: VMCI: Use threaded irqs instead of tasklets The vmci_dispatch_dgs() tasklet function calls vmci_read_data() which uses wait_event… | |||
| CVE-2022-49885 | medium | — | 5.5 | 3y ago | In the Linux kernel, the following vulnerability has been resolved: ACPI: APEI: Fix integer overflow in ghes_estatus_pool_init() Change num_ghes from int to unsigned int, preventing an overflow and… | |||
| CVE-2022-50856 | medium | — | 5.5 | 3y ago | In the Linux kernel, the following vulnerability has been resolved: cifs: Fix xid leak in cifs_ses_add_channel() Before return, should free the xid, otherwise, the xid will be leaked. | |||
| CVE-2022-3064 | medium | — | 5.5 | 3y ago | RHSA-2024:10784: rhc security update (Moderate) | |||
| CVE-2022-4285 | medium | — | 5.5 | 3y ago | RHSA-2023:6236: binutils security update (Moderate) | |||
| CVE-2022-40433 | medium | — | 5.5 | 3y ago | RHSA-2023:5731: java-1.8.0-openjdk security update (Moderate) | |||
| CVE-2022-46663 | medium | — | 5.5 | 3y ago | Moderate: less security update | |||
| CVE-2022-48281 | medium | — | 5.5 | 3y ago | RHSA-2023:3827: libtiff security update (Moderate) | |||
| CVE-2022-4515 | medium | — | 5.5 | 3y ago | RHSA-2023:2863: ctags security update (Moderate) | |||
| CVE-2022-27239 | medium | — | 5.5 | 3y ago | RHBA-2023:3052: cifs-utils bug fix and enhancement update (Moderate) | |||
| CVE-2022-50493 | medium | 5.5 | 5.5 | 3y ago | In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Fix crash when I/O abort times out While performing CPU hotplug, a crash with the following stack was seen: Call … | |||
| CVE-2022-50081 | medium | — | 5.5 | 3y ago | RHSA-2022:7683: kernel security, bug fix, and enhancement update (Moderate) | |||
| CVE-2022-39253 | medium | — | 5.5 | 3y ago | RHSA-2023:2859: git security and bug fix update (Moderate) | |||
| CVE-2022-39320 | medium | — | 5.5 | 3y ago | RHSA-2023:2851: freerdp security update (Moderate) | |||
| CVE-2022-39316 | medium | — | 5.5 | 3y ago | RHSA-2023:2851: freerdp security update (Moderate) | |||
| CVE-2022-39282 | medium | — | 5.5 | 3y ago | RHSA-2023:2851: freerdp security update (Moderate) | |||
| CVE-2022-39377 | medium | — | 5.5 | 3y ago | RHSA-2023:2800: sysstat security and bug fix update (Moderate) | |||
| CVE-2022-39229 | medium | — | 5.5 | 3y ago | RHSA-2023:2784: grafana security update (Moderate) | |||
| CVE-2022-50403 | medium | — | 5.5 | 3y ago | RHSA-2024:3138: kernel security, bug fix, and enhancement update (Moderate) | |||
| CVE-2022-4645 | medium | — | 5.5 | 3y ago | Moderate: libtiff security update | |||
| CVE-2022-3190 | medium | — | 5.5 | 3y ago | Moderate: wireshark security and bug fix update | |||
| CVE-2022-3627 | medium | — | 5.5 | 3y ago | Moderate: libtiff security update | |||
| CVE-2022-50344 | medium | — | 5.5 | 3y ago | In the Linux kernel, the following vulnerability has been resolved: ext4: fix null-ptr-deref in ext4_write_info I caught a null-ptr-deref bug as follows: ===========================================… | |||
| CVE-2022-50069 | medium | — | 5.5 | 3y ago | In the Linux kernel, the following vulnerability has been resolved: BPF: Fix potential bad pointer dereference in bpf_sys_bpf() The bpf_sys_bpf() helper function allows an eBPF program to load anot… | |||
| CVE-2022-49058 | medium | — | 5.5 | 3y ago | In the Linux kernel, the following vulnerability has been resolved: cifs: potential buffer overflow in handling symlinks Smatch printed a warning: arch/x86/crypto/poly1305_glue.c:198 poly1305_upda… | |||
| CVE-2022-50228 | medium | — | 5.5 | 3y ago | In the Linux kernel, the following vulnerability has been resolved: KVM: SVM: Don't BUG if userspace injects an interrupt with GIF=0 Don't BUG/WARN on interrupt injection due to GIF being cleared, … | |||
| CVE-2022-41877 | medium | — | 5.5 | 3y ago | RHSA-2023:2851: freerdp security update (Moderate) | |||
| CVE-2022-41946 | medium | — | 5.5 | 3y ago | Moderate: postgresql-jdbc security update | |||
| CVE-2022-3970 | medium | — | 5.5 | 3y ago | Moderate: libtiff security update | |||
| CVE-2022-3736 | medium | — | 5.5 | 3y ago | RHSA-2023:2792: bind9.16 security and bug fix update (Moderate) | |||
| CVE-2022-2122 | medium | — | 5.5 | 3y ago | DOS / potential heap overwrite in qtdemux using zlib decompression. Integer overflow in qtdemux element in qtdemux_inflate function which causes a segfault, or could cause a heap overwrite, depending… | |||
| CVE-2022-3626 | medium | — | 5.5 | 3y ago | Moderate: libtiff security update | |||
| CVE-2022-41723 | medium | — | 5.5 | 3y ago | A maliciously crafted HTTP/2 stream could cause excessive CPU consumption in the HPACK decoder, sufficient to cause a denial of service from a small number of small requests. | |||
| CVE-2022-39260 | medium | — | 5.5 | 3y ago | RHSA-2023:2859: git security and bug fix update (Moderate) | |||
| CVE-2022-24765 | medium | — | 5.5 | 3y ago | RHSA-2023:2859: git security and bug fix update (Moderate) | |||
| CVE-2022-3287 | medium | — | 5.5 | 3y ago | When creating an OPERATOR user account on the BMC, the redfish plugin saved the auto-generated password to /etc/fwupd/redfish.conf without proper restriction, allowing any user on the system to read … | |||
| CVE-2022-4283 | medium | — | 5.5 | 3y ago | A vulnerability was found in X.Org. This security flaw occurs because the XkbCopyNames function left a dangling pointer to freed memory, resulting in out-of-bounds memory access on subsequent XkbGetK… | |||
| CVE-2022-50717 | medium | — | 5.5 | 3y ago | In the Linux kernel, the following vulnerability has been resolved: nvmet-tcp: add bounds check on Transfer Tag ttag is used as an index to get cmd in nvmet_tcp_handle_h2c_data_pdu(), add a bounds … | |||
| CVE-2022-50635 | medium | — | 5.5 | 3y ago | In the Linux kernel, the following vulnerability has been resolved: powerpc/kprobes: Fix null pointer reference in arch_prepare_kprobe() I found a null pointer reference in arch_prepare_kprobe(): … | |||
| CVE-2022-41861 | medium | — | 5.5 | 3y ago | RHSA-2023:2870: freeradius:3.0 security update (Moderate) | |||
| CVE-2022-46343 | medium | — | 5.5 | 3y ago | A vulnerability was found in X.Org. This security flaw occurs because the handler for the ScreenSaverSetAttributes request may write to memory after it has been freed. This issue can lead to local pr… | |||
| CVE-2022-46342 | medium | — | 5.5 | 3y ago | A vulnerability was found in X.Org. This security flaw occurs because the handler for the XvdiSelectVideoNotify request may write to memory after it has been freed. This issue can lead to local privi… | |||
| CVE-2022-50219 | medium | — | 5.5 | 3y ago | In the Linux kernel, the following vulnerability has been resolved: bpf: Fix KASAN use-after-free Read in compute_effective_progs Syzbot found a Use After Free bug in compute_effective_progs(). The… | |||
| CVE-2022-49700 | medium | — | 5.5 | 3y ago | In the Linux kernel, the following vulnerability has been resolved: mm/slub: add missing TID updates on slab deactivation The fastpath in slab_alloc_node() assumes that c->slab is stable as long as… | |||
| CVE-2022-46341 | medium | — | 5.5 | 3y ago | A vulnerability was found in X.Org. This security flaw occurs because the handler for the XIPassiveUngrab request accesses out-of-bounds memory when invoked with a high keycode or button code. This i… | |||
| CVE-2022-39283 | medium | — | 5.5 | 3y ago | RHSA-2023:2851: freerdp security update (Moderate) | |||
| CVE-2022-41725 | medium | — | 5.5 | 3y ago | RHSA-2023:6939: container-tools:rhel8 security and bug fix update (Moderate) | |||
| CVE-2022-3550 | medium | — | 5.5 | 3y ago | A vulnerability classified as critical was found in X.org Server. Affected by this vulnerability is the function _GetCountedString of the file xkb/xkb.c. The manipulation leads to buffer overflow. It… | |||
| CVE-2022-2393 | medium | — | 5.5 | 3y ago | Moderate: pki-core security, bug fix, and enhancement update | |||
| CVE-2022-44793 | medium | — | 5.5 | 3y ago | RHSA-2023:2969: net-snmp security and bug fix update (Moderate) | |||
| CVE-2022-39318 | medium | — | 5.5 | 3y ago | RHSA-2023:2851: freerdp security update (Moderate) | |||
| CVE-2022-50730 | medium | — | 5.5 | 3y ago | In the Linux kernel, the following vulnerability has been resolved: ext4: silence the warning when evicting inode with dioread_nolock When evicting an inode with default dioread_nolock, it could be… | |||
| CVE-2022-48915 | medium | — | 5.5 | 3y ago | In the Linux kernel, the following vulnerability has been resolved: thermal: core: Fix TZ_GET_TRIP NULL pointer dereference Do not call get_trip_hyst() from thermal_genl_cmd_tz_get_trip() if the th… | |||
| CVE-2022-49541 | medium | — | 5.5 | 3y ago | In the Linux kernel, the following vulnerability has been resolved: cifs: fix potential double free during failed mount RHBZ: https://bugzilla.redhat.com/show_bug.cgi?id=2088799 | |||
| CVE-2022-39347 | medium | — | 5.5 | 3y ago | RHSA-2023:2851: freerdp security update (Moderate) | |||
| CVE-2022-39319 | medium | — | 5.5 | 3y ago | RHSA-2023:2851: freerdp security update (Moderate) | |||
| CVE-2022-39317 | medium | — | 5.5 | 3y ago | RHSA-2023:2851: freerdp security update (Moderate) | |||
| CVE-2022-40023 | medium | — | 5.5 | 3y ago | RHSA-2023:2893: python-mako security update (Moderate) | |||
| CVE-2022-3551 | medium | — | 5.5 | 3y ago | A vulnerability, which was classified as problematic, has been found in X.org Server. Affected by this issue is the function ProcXkbGetKbdByName of the file xkb/xkb.c. The manipulation leads to memor… | |||
| CVE-2022-46344 | medium | — | 5.5 | 3y ago | A vulnerability was found in X.Org. This security flaw occurs because the handler for the XIChangeProperty request has a length-validation issues, resulting in out-of-bounds memory reads and potentia… | |||
| CVE-2022-46340 | medium | — | 5.5 | 3y ago | A vulnerability was found in X.Org. This security flaw occurs becuase the swap handler for the XTestFakeInput request of the XTest extension may corrupt the stack if GenericEvents with lengths larger… | |||
| CVE-2022-34301 | medium | — | 5.5 | 3y ago | Moderate: fwupd security and bug fix update | |||
| CVE-2022-50126 | medium | — | 5.5 | 3y ago | In the Linux kernel, the following vulnerability has been resolved: jbd2: fix assertion 'jh->b_frozen_data == NULL' failure when journal aborted Following process will fail assertion 'jh->b_frozen_… | |||
| CVE-2022-48337 | medium | — | 5.5 | 3y ago | RHSA-2023:7083: emacs security update (Moderate) |