CVEs from 2022
Total
5,250
critical
critical 90
high
high 1,231
medium
medium 959
low
low 24
% Critical
1.7%
% with KEV
2.5%
% with exploit
3.4%
Top vendors
- oracle 616
- netapp 438
- microsoft 165
- omron 109
- azul 82
- schneider-electric 33
- mitsubishielectric 32
- siemens 10
Top products
- jdk 116
- jre 109
- openjdk 100
- zulu 82
- graalvm 74
- cloud_secure_agent 35
- oncommand_insight 34
- cloud_insights_acquisition_unit 34
| CVE | Severity | CVSS | Risk | Flags | OS | Vendor | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2022-48564 | medium | — | 5.5 | 2y ago | read_ints in plistlib.py in Python through 3.9.1 is vulnerable to a potential DoS attack via CPU and RAM exhaustion when processing malformed Apple Property List files in binary format. | |||
| CVE-2022-48560 | medium | — | 5.5 | 2y ago | RHSA-2024:2987: python27:2.7 security update (Moderate) | |||
| CVE-2022-44638 | medium | — | 5.5 | 3y ago | RHSA-2024:0131: pixman security update (Moderate) | |||
| CVE-2022-24963 | medium | — | 5.5 | 3y ago | Moderate: apr security update | |||
| CVE-2022-50423 | medium | — | 5.5 | 3y ago | In the Linux kernel, the following vulnerability has been resolved: ACPICA: Fix use-after-free in acpi_ut_copy_ipackage_to_ipackage() There is an use-after-free reported by KASAN: BUG: KASAN: us… | |||
| CVE-2022-38745 | medium | — | 5.5 | 3y ago | Moderate: libreoffice security update | |||
| CVE-2022-3565 | medium | — | 5.5 | 3y ago | A vulnerability, which was classified as critical, has been found in Linux Kernel. Affected by this issue is the function del_timer of the file drivers/isdn/mISDN/l1oip_core.c of the component Blueto… | |||
| CVE-2022-50269 | medium | — | 5.5 | 3y ago | In the Linux kernel, the following vulnerability has been resolved: drm/vkms: Fix memory leak in vkms_init() A memory leak was reported after the vkms module install failed. unreferenced object 0x… | |||
| CVE-2022-4285 | medium | — | 5.5 | 3y ago | RHSA-2023:6236: binutils security update (Moderate) | |||
| CVE-2022-43681 | medium | — | 5.5 | 3y ago | Moderate: frr security and bug fix update | |||
| CVE-2022-39306 | medium | — | 5.5 | 3y ago | Moderate: grafana security and enhancement update | |||
| CVE-2022-40302 | medium | — | 5.5 | 3y ago | Moderate: frr security and bug fix update | |||
| CVE-2022-50472 | medium | 5.5 | 5.5 | 3y ago | In the Linux kernel, the following vulnerability has been resolved: IB/mad: Don't call to function that might sleep while in atomic context Tracepoints are not allowed to sleep, as such the followi… | |||
| CVE-2022-39307 | medium | — | 5.5 | 3y ago | Moderate: grafana security and enhancement update | |||
| CVE-2022-40318 | medium | — | 5.5 | 3y ago | Moderate: frr security and bug fix update | |||
| CVE-2022-48468 | medium | — | 5.5 | 3y ago | RHSA-2023:6944: protobuf-c security update (Moderate) | |||
| CVE-2022-3064 | medium | — | 5.5 | 3y ago | RHSA-2024:10784: rhc security update (Moderate) | |||
| CVE-2022-50543 | medium | — | 5.5 | 3y ago | In the Linux kernel, the following vulnerability has been resolved: RDMA/rxe: Fix mr->map double free rxe_mr_cleanup() which tries to free mr->map again will be called when rxe_mr_init_user() fails… | |||
| CVE-2022-49885 | medium | — | 5.5 | 3y ago | In the Linux kernel, the following vulnerability has been resolved: ACPI: APEI: Fix integer overflow in ghes_estatus_pool_init() Change num_ghes from int to unsigned int, preventing an overflow and… | |||
| CVE-2022-36440 | medium | — | 5.5 | 3y ago | Moderate: frr security and bug fix update | |||
| CVE-2022-50865 | medium | — | 5.5 | 3y ago | In the Linux kernel, the following vulnerability has been resolved: tcp: fix a signed-integer-overflow bug in tcp_add_backlog() The type of sk_rcvbuf and sk_sndbuf in struct sock is int, and in tcp… | |||
| CVE-2022-40898 | medium | — | 5.5 | 3y ago | Moderate: python-wheel security update | |||
| CVE-2022-49759 | medium | — | 5.5 | 3y ago | In the Linux kernel, the following vulnerability has been resolved: VMCI: Use threaded irqs instead of tasklets The vmci_dispatch_dgs() tasklet function calls vmci_read_data() which uses wait_event… | |||
| CVE-2022-37601 | medium | — | 5.5 | 3y ago | RHSA-2023:6972: grafana security and enhancement update (Moderate) | |||
| CVE-2022-50110 | medium | — | 5.5 | 3y ago | In the Linux kernel, the following vulnerability has been resolved: watchdog: sp5100_tco: Fix a memory leak of EFCH MMIO resource Unlike release_mem_region(), a call to release_resource() does not … | |||
| CVE-2022-2127 | medium | — | 5.5 | 3y ago | RHSA-2023:7139: samba security, bug fix, and enhancement update (Moderate) | |||
| CVE-2022-39201 | medium | — | 5.5 | 3y ago | Moderate: grafana security and enhancement update | |||
| CVE-2022-23527 | medium | — | 5.5 | 3y ago | RHSA-2023:6940: mod_auth_openidc:2.3 security and bug fix update (Moderate) | |||
| CVE-2022-50087 | medium | — | 5.5 | 3y ago | Moderate: kernel security update | |||
| CVE-2022-23552 | medium | — | 5.5 | 3y ago | Moderate: grafana security and enhancement update | |||
| CVE-2022-39324 | medium | — | 5.5 | 3y ago | Moderate: grafana security and enhancement update | |||
| CVE-2022-50042 | medium | — | 5.5 | 3y ago | In the Linux kernel, the following vulnerability has been resolved: net: genl: fix error path memory leak in policy dumping If construction of the array of policies fails when recording non-first p… | |||
| CVE-2022-50369 | medium | — | 5.5 | 3y ago | In the Linux kernel, the following vulnerability has been resolved: drm/vkms: Fix null-ptr-deref in vkms_release() A null-ptr-deref is triggered when it tries to destroy the workqueue in vkms->outp… | |||
| CVE-2022-50341 | medium | — | 5.5 | 3y ago | In the Linux kernel, the following vulnerability has been resolved: cifs: fix oops during encryption When running xfstests against Azure the following oops occurred on an arm64 system Unable to … | |||
| CVE-2022-31123 | medium | — | 5.5 | 3y ago | Moderate: grafana security and enhancement update | |||
| CVE-2022-50327 | medium | — | 5.5 | 3y ago | In the Linux kernel, the following vulnerability has been resolved: ACPI: processor: idle: Check acpi_fetch_acpi_dev() return value The return value of acpi_fetch_acpi_dev() could be NULL, which wo… | |||
| CVE-2022-31130 | medium | — | 5.5 | 3y ago | Moderate: grafana security and enhancement update | |||
| CVE-2022-50856 | medium | — | 5.5 | 3y ago | In the Linux kernel, the following vulnerability has been resolved: cifs: Fix xid leak in cifs_ses_add_channel() Before return, should free the xid, otherwise, the xid will be leaked. | |||
| CVE-2022-40433 | medium | — | 5.5 | 3y ago | RHSA-2023:5731: java-1.8.0-openjdk security update (Moderate) | |||
| CVE-2022-48281 | medium | — | 5.5 | 3y ago | RHSA-2023:3827: libtiff security update (Moderate) | |||
| CVE-2022-46663 | medium | — | 5.5 | 3y ago | Moderate: less security update | |||
| CVE-2022-27239 | medium | — | 5.5 | 3y ago | RHBA-2023:3052: cifs-utils bug fix and enhancement update (Moderate) | |||
| CVE-2022-50493 | medium | 5.5 | 5.5 | 3y ago | In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Fix crash when I/O abort times out While performing CPU hotplug, a crash with the following stack was seen: Call … | |||
| CVE-2022-4515 | medium | — | 5.5 | 3y ago | RHSA-2023:2863: ctags security update (Moderate) | |||
| CVE-2022-3599 | medium | — | 5.5 | 3y ago | Moderate: libtiff security update | |||
| CVE-2022-3598 | medium | — | 5.5 | 3y ago | Moderate: libtiff security update | |||
| CVE-2022-3597 | medium | — | 5.5 | 3y ago | Moderate: libtiff security update | |||
| CVE-2022-44793 | medium | — | 5.5 | 3y ago | RHSA-2023:2969: net-snmp security and bug fix update (Moderate) | |||
| CVE-2022-50228 | medium | — | 5.5 | 3y ago | In the Linux kernel, the following vulnerability has been resolved: KVM: SVM: Don't BUG if userspace injects an interrupt with GIF=0 Don't BUG/WARN on interrupt injection due to GIF being cleared, … | |||
| CVE-2022-37032 | medium | — | 5.5 | 3y ago | An out-of-bounds read in the BGP daemon of FRRouting FRR before 8.4 may lead to a segmentation fault and denial of service. This occurs in bgp_capability_msg_parse in bgpd/bgp_packet.c. | |||
| CVE-2022-3626 | medium | — | 5.5 | 3y ago | Moderate: libtiff security update | |||
| CVE-2022-3627 | medium | — | 5.5 | 3y ago | Moderate: libtiff security update | |||
| CVE-2022-34303 | medium | — | 5.5 | 3y ago | Moderate: fwupd security and bug fix update | |||
| CVE-2022-1925 | medium | — | 5.5 | 3y ago | DOS / potential heap overwrite in mkv demuxing using HEADERSTRIP decompression. Integer overflow in matroskaparse element in gst_matroska_decompress_data function which causes a heap overflow. Due to… | |||
| CVE-2022-1924 | medium | — | 5.5 | 3y ago | DOS / potential heap overwrite in mkv demuxing using lzo decompression. Integer overflow in matroskademux element in lzo decompression function which causes a segfault, or could cause a heap overwrit… | |||
| CVE-2022-1923 | medium | — | 5.5 | 3y ago | DOS / potential heap overwrite in mkv demuxing using bzip decompression. Integer overflow in matroskademux element in bzip decompression function which causes a segfault, or could cause a heap overwr… | |||
| CVE-2022-1922 | medium | — | 5.5 | 3y ago | DOS / potential heap overwrite in mkv demuxing using zlib decompression. Integer overflow in matroskademux element in gst_matroska_decompress_data function which causes a segfault, or could cause a h… | |||
| CVE-2022-1921 | medium | — | 5.5 | 3y ago | Integer overflow in avidemux element in gst_avi_demux_invert function which allows a heap overwrite while parsing avi files. Potential for arbitrary code execution through heap overwrite. | |||
| CVE-2022-1920 | medium | — | 5.5 | 3y ago | Integer overflow in matroskademux element in gst_matroska_demux_add_wvpk_header function which allows a heap overwrite while parsing matroska files. Potential for arbitrary code execution through hea… | |||
| CVE-2022-41724 | medium | — | 5.5 | 3y ago | RHSA-2023:6939: container-tools:rhel8 security and bug fix update (Moderate) | |||
| CVE-2022-49081 | medium | — | 5.5 | 3y ago | In the Linux kernel, the following vulnerability has been resolved: highmem: fix checks in __kmap_local_sched_{in,out} When CONFIG_DEBUG_KMAP_LOCAL is enabled __kmap_local_sched_{in,out} check that… | |||
| CVE-2022-46341 | medium | — | 5.5 | 3y ago | A vulnerability was found in X.Org. This security flaw occurs because the handler for the XIPassiveUngrab request accesses out-of-bounds memory when invoked with a high keycode or button code. This i… | |||
| CVE-2022-39377 | medium | — | 5.5 | 3y ago | RHSA-2023:2800: sysstat security and bug fix update (Moderate) | |||
| CVE-2022-3551 | medium | — | 5.5 | 3y ago | A vulnerability, which was classified as problematic, has been found in X.org Server. Affected by this issue is the function ProcXkbGetKbdByName of the file xkb/xkb.c. The manipulation leads to memor… | |||
| CVE-2022-30784 | medium | — | 5.5 | 3y ago | RHSA-2023:2757: virt:rhel and virt-devel:rhel security, bug fix, and enhancement update (Moderate) | |||
| CVE-2022-29187 | medium | — | 5.5 | 3y ago | RHSA-2023:2859: git security and bug fix update (Moderate) | |||
| CVE-2022-41723 | medium | — | 5.5 | 3y ago | A maliciously crafted HTTP/2 stream could cause excessive CPU consumption in the HPACK decoder, sufficient to cause a denial of service from a small number of small requests. | |||
| CVE-2022-2929 | medium | — | 5.5 | 3y ago | RHSA-2023:3000: dhcp security and bug fix update (Moderate) | |||
| CVE-2022-39260 | medium | — | 5.5 | 3y ago | RHSA-2023:2859: git security and bug fix update (Moderate) | |||
| CVE-2022-39316 | medium | — | 5.5 | 3y ago | RHSA-2023:2851: freerdp security update (Moderate) | |||
| CVE-2022-41877 | medium | — | 5.5 | 3y ago | RHSA-2023:2851: freerdp security update (Moderate) | |||
| CVE-2022-49058 | medium | — | 5.5 | 3y ago | In the Linux kernel, the following vulnerability has been resolved: cifs: potential buffer overflow in handling symlinks Smatch printed a warning: arch/x86/crypto/poly1305_glue.c:198 poly1305_upda… | |||
| CVE-2022-30788 | medium | — | 5.5 | 3y ago | RHSA-2023:2757: virt:rhel and virt-devel:rhel security, bug fix, and enhancement update (Moderate) | |||
| CVE-2022-39282 | medium | — | 5.5 | 3y ago | RHSA-2023:2851: freerdp security update (Moderate) | |||
| CVE-2022-30786 | medium | — | 5.5 | 3y ago | RHSA-2023:2757: virt:rhel and virt-devel:rhel security, bug fix, and enhancement update (Moderate) | |||
| CVE-2022-2393 | medium | — | 5.5 | 3y ago | Moderate: pki-core security, bug fix, and enhancement update | |||
| CVE-2022-48339 | medium | — | 5.5 | 3y ago | RHSA-2023:7083: emacs security update (Moderate) | |||
| CVE-2022-4904 | medium | — | 5.5 | 3y ago | RHSA-2023:7116: c-ares security update (Moderate) | |||
| CVE-2022-3970 | medium | — | 5.5 | 3y ago | Moderate: libtiff security update | |||
| CVE-2022-46342 | medium | — | 5.5 | 3y ago | A vulnerability was found in X.Org. This security flaw occurs because the handler for the XvdiSelectVideoNotify request may write to memory after it has been freed. This issue can lead to local privi… | |||
| CVE-2022-50717 | medium | — | 5.5 | 3y ago | In the Linux kernel, the following vulnerability has been resolved: nvmet-tcp: add bounds check on Transfer Tag ttag is used as an index to get cmd in nvmet_tcp_handle_h2c_data_pdu(), add a bounds … | |||
| CVE-2022-40023 | medium | — | 5.5 | 3y ago | RHSA-2023:2893: python-mako security update (Moderate) | |||
| CVE-2022-50546 | medium | — | 5.5 | 3y ago | In the Linux kernel, the following vulnerability has been resolved: ext4: fix uninititialized value in 'ext4_evict_inode' Syzbot found the following issue: =========================================… | |||
| CVE-2022-50635 | medium | — | 5.5 | 3y ago | In the Linux kernel, the following vulnerability has been resolved: powerpc/kprobes: Fix null pointer reference in arch_prepare_kprobe() I found a null pointer reference in arch_prepare_kprobe(): … | |||
| CVE-2022-30789 | medium | — | 5.5 | 3y ago | RHSA-2023:2757: virt:rhel and virt-devel:rhel security, bug fix, and enhancement update (Moderate) | |||
| CVE-2022-50055 | medium | — | 5.5 | 3y ago | In the Linux kernel, the following vulnerability has been resolved: iavf: Fix adminq error handling iavf_alloc_asq_bufs/iavf_alloc_arq_bufs allocates with dma_alloc_coherent memory for VF mailbox. … | |||
| CVE-2022-4283 | medium | — | 5.5 | 3y ago | A vulnerability was found in X.Org. This security flaw occurs because the XkbCopyNames function left a dangling pointer to freed memory, resulting in out-of-bounds memory access on subsequent XkbGetK… | |||
| CVE-2022-46340 | medium | — | 5.5 | 3y ago | A vulnerability was found in X.Org. This security flaw occurs becuase the swap handler for the XTestFakeInput request of the XTest extension may corrupt the stack if GenericEvents with lengths larger… | |||
| CVE-2022-44792 | medium | — | 5.5 | 3y ago | RHSA-2023:2969: net-snmp security and bug fix update (Moderate) | |||
| CVE-2022-3094 | medium | — | 5.5 | 3y ago | RHSA-2023:7177: bind security update (Moderate) | |||
| CVE-2022-3924 | medium | — | 5.5 | 3y ago | RHSA-2023:2792: bind9.16 security and bug fix update (Moderate) | |||
| CVE-2022-49700 | medium | — | 5.5 | 3y ago | In the Linux kernel, the following vulnerability has been resolved: mm/slub: add missing TID updates on slab deactivation The fastpath in slab_alloc_node() assumes that c->slab is stable as long as… | |||
| CVE-2022-41860 | medium | — | 5.5 | 3y ago | RHSA-2023:2870: freeradius:3.0 security update (Moderate) | |||
| CVE-2022-39253 | medium | — | 5.5 | 3y ago | RHSA-2023:2859: git security and bug fix update (Moderate) | |||
| CVE-2022-34302 | medium | — | 5.5 | 3y ago | Moderate: fwupd security and bug fix update | |||
| CVE-2022-35957 | medium | — | 5.5 | 3y ago | Moderate: grafana security and enhancement update | |||
| CVE-2022-50668 | medium | — | 5.5 | 3y ago | In the Linux kernel, the following vulnerability has been resolved: ext4: fix deadlock due to mbcache entry corruption When manipulating xattr blocks, we can deadlock infinitely looping inside ext4… | |||
| CVE-2022-24765 | medium | — | 5.5 | 3y ago | RHSA-2023:2859: git security and bug fix update (Moderate) | |||
| CVE-2022-45939 | medium | — | 5.5 | 3y ago | RHSA-2023:3042: emacs security and bug fix update (Moderate) | |||
| CVE-2022-2928 | medium | — | 5.5 | 3y ago | RHSA-2023:3000: dhcp security and bug fix update (Moderate) |