CVEs from 2022
Total
5,252
critical
critical 90
high
high 1,231
medium
medium 959
low
low 24
% Critical
1.7%
% with KEV
2.5%
% with exploit
3.4%
Top vendors
- oracle 616
- netapp 438
- microsoft 165
- omron 109
- azul 82
- schneider-electric 33
- mitsubishielectric 32
- siemens 10
Top products
- jdk 116
- jre 109
- openjdk 100
- zulu 82
- graalvm 74
- cloud_secure_agent 35
- oncommand_insight 34
- cloud_insights_acquisition_unit 34
| CVE | Severity | CVSS | Risk | Flags | OS | Vendor | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2022-21413 | medium | — | 5.5 | 4y ago | RHSA-2022:7119: mysql:8.0 security, bug fix, and enhancement update (Moderate) | |||
| CVE-2022-32214 | medium | — | 5.5 | 4y ago | The llhttp parser <v14.20.1, <v16.17.1 and <v18.9.1 in the http module in Node.js does not strictly use the CRLF sequence to delimit HTTP requests. This can lead to HTTP Request Smuggling (HRS). | |||
| CVE-2022-21414 | medium | — | 5.5 | 4y ago | RHSA-2022:7119: mysql:8.0 security, bug fix, and enhancement update (Moderate) | |||
| CVE-2022-21457 | medium | — | 5.5 | 4y ago | RHSA-2022:7119: mysql:8.0 security, bug fix, and enhancement update (Moderate) | |||
| CVE-2022-28739 | medium | — | 5.5 | 4y ago | Moderate: ruby security, bug fix, and enhancement update | |||
| CVE-2022-21527 | medium | — | 5.5 | 4y ago | RHSA-2022:7119: mysql:8.0 security, bug fix, and enhancement update (Moderate) | |||
| CVE-2022-28738 | medium | — | 5.5 | 4y ago | Moderate: ruby security, bug fix, and enhancement update | |||
| CVE-2022-21435 | medium | — | 5.5 | 4y ago | RHSA-2022:7119: mysql:8.0 security, bug fix, and enhancement update (Moderate) | |||
| CVE-2022-21605 | medium | — | 5.5 | 4y ago | RHSA-2022:7119: mysql:8.0 security, bug fix, and enhancement update (Moderate) | |||
| CVE-2022-21452 | medium | — | 5.5 | 4y ago | RHSA-2022:7119: mysql:8.0 security, bug fix, and enhancement update (Moderate) | |||
| CVE-2022-31213 | medium | — | 5.5 | 4y ago | Moderate: dbus-broker security update | |||
| CVE-2022-32215 | medium | — | 5.5 | 4y ago | The llhttp parser <v14.20.1, <v16.17.1 and <v18.9.1 in the http module in Node.js does not correctly handle multi-line Transfer-Encoding headers. This can lead to HTTP Request Smuggling (HRS). | |||
| CVE-2022-32213 | medium | — | 5.5 | 4y ago | The llhttp parser <v14.20.1, <v16.17.1 and <v18.9.1 in the http module in Node.js does not correctly parse and validate Transfer-Encoding headers and can lead to HTTP Request Smuggling (HRS). | |||
| CVE-2022-34903 | medium | — | 5.5 | 4y ago | RHSA-2022:6463: gnupg2 security update (Moderate) | |||
| CVE-2022-21531 | medium | — | 5.5 | 4y ago | RHSA-2022:7119: mysql:8.0 security, bug fix, and enhancement update (Moderate) | |||
| CVE-2022-21537 | medium | — | 5.5 | 4y ago | RHSA-2022:7119: mysql:8.0 security, bug fix, and enhancement update (Moderate) | |||
| CVE-2022-49063 | medium | — | 5.5 | 4y ago | In the Linux kernel, the following vulnerability has been resolved: ice: arfs: fix use-after-free when freeing @rx_cpu_rmap The CI testing bots triggered the following splat: [ 718.203054] BUG: K… | |||
| CVE-2022-21415 | medium | — | 5.5 | 4y ago | RHSA-2022:7119: mysql:8.0 security, bug fix, and enhancement update (Moderate) | |||
| CVE-2022-21539 | medium | — | 5.5 | 4y ago | RHSA-2022:7119: mysql:8.0 security, bug fix, and enhancement update (Moderate) | |||
| CVE-2022-21556 | medium | — | 5.5 | 4y ago | RHSA-2022:7119: mysql:8.0 security, bug fix, and enhancement update (Moderate) | |||
| CVE-2022-31212 | medium | — | 5.5 | 4y ago | Moderate: dbus-broker security update | |||
| CVE-2022-21412 | medium | — | 5.5 | 4y ago | RHSA-2022:7119: mysql:8.0 security, bug fix, and enhancement update (Moderate) | |||
| CVE-2022-21638 | medium | — | 5.5 | 4y ago | RHSA-2022:7119: mysql:8.0 security, bug fix, and enhancement update (Moderate) | |||
| CVE-2022-32212 | medium | — | 5.5 | 4y ago | RHSA-2022:6449: nodejs:16 security and bug fix update (Moderate) | |||
| CVE-2022-21437 | medium | — | 5.5 | 4y ago | RHSA-2022:7119: mysql:8.0 security, bug fix, and enhancement update (Moderate) | |||
| CVE-2022-29244 | medium | — | 5.5 | 4y ago | Moderate: nodejs and nodejs-nodemon security and bug fix update | |||
| CVE-2022-21455 | medium | — | 5.5 | 4y ago | RHSA-2022:7119: mysql:8.0 security, bug fix, and enhancement update (Moderate) | |||
| CVE-2022-21460 | medium | — | 5.5 | 4y ago | RHSA-2022:7119: mysql:8.0 security, bug fix, and enhancement update (Moderate) | |||
| CVE-2022-21530 | medium | — | 5.5 | 4y ago | RHSA-2022:7119: mysql:8.0 security, bug fix, and enhancement update (Moderate) | |||
| CVE-2022-21423 | medium | — | 5.5 | 4y ago | RHSA-2022:7119: mysql:8.0 security, bug fix, and enhancement update (Moderate) | |||
| CVE-2022-21427 | medium | — | 5.5 | 4y ago | RHSA-2022:7119: mysql:8.0 security, bug fix, and enhancement update (Moderate) | |||
| CVE-2022-21436 | medium | — | 5.5 | 4y ago | RHSA-2022:7119: mysql:8.0 security, bug fix, and enhancement update (Moderate) | |||
| CVE-2022-21444 | medium | — | 5.5 | 4y ago | RHSA-2022:7119: mysql:8.0 security, bug fix, and enhancement update (Moderate) | |||
| CVE-2022-21553 | medium | — | 5.5 | 4y ago | RHSA-2022:7119: mysql:8.0 security, bug fix, and enhancement update (Moderate) | |||
| CVE-2022-21418 | medium | — | 5.5 | 4y ago | RHSA-2022:7119: mysql:8.0 security, bug fix, and enhancement update (Moderate) | |||
| CVE-2022-21592 | medium | — | 5.5 | 4y ago | RHSA-2022:7119: mysql:8.0 security, bug fix, and enhancement update (Moderate) | |||
| CVE-2022-49722 | medium | — | 5.5 | 4y ago | In the Linux kernel, the following vulnerability has been resolved: ice: Fix memory corruption in VF driver Disable VF's RX/TX queues, when it's disabled. VF can have queues enabled, when it reques… | |||
| CVE-2022-21641 | medium | — | 5.5 | 4y ago | RHSA-2022:7119: mysql:8.0 security, bug fix, and enhancement update (Moderate) | |||
| CVE-2022-21417 | medium | — | 5.5 | 4y ago | RHSA-2022:7119: mysql:8.0 security, bug fix, and enhancement update (Moderate) | |||
| CVE-2022-21425 | medium | — | 5.5 | 4y ago | RHSA-2022:7119: mysql:8.0 security, bug fix, and enhancement update (Moderate) | |||
| CVE-2022-21438 | medium | — | 5.5 | 4y ago | RHSA-2022:7119: mysql:8.0 security, bug fix, and enhancement update (Moderate) | |||
| CVE-2022-36087 | medium | — | 5.5 | 4y ago | Moderate: fence-agents security and bug fix update | |||
| CVE-2022-0391 | medium | — | 5.5 | 4y ago | A flaw was found in Python, specifically within the urllib.parse module. This module helps break Uniform Resource Locator (URL) strings into components. The issue involves how the urlparse method doe… | |||
| CVE-2022-25857 | medium | — | 5.5 | 4y ago | RHSA-2022:6820: prometheus-jmx-exporter security update (Moderate) | |||
| CVE-2022-2068 | medium | — | 5.5 | 4y ago | RHSA-2022:5818: openssl security update (Moderate) | |||
| CVE-2022-1292 | medium | — | 5.5 | 4y ago | RHSA-2022:5818: openssl security update (Moderate) | |||
| CVE-2022-2255 | medium | — | 5.5 | 4y ago | RHSA-2025:4791: python39:3.9 security update (Moderate) | |||
| CVE-2022-32207 | medium | — | 5.5 | 4y ago | When curl < 7.84.0 saves cookies, alt-svc and hsts data to local files, it makes the operation atomic by finalizing the operation with a rename from a temporary name to the final target file name.In … | |||
| CVE-2022-32206 | medium | — | 5.5 | 4y ago | curl < 7.84.0 supports "chained" HTTP compression algorithms, meaning that a serverresponse can be compressed multiple times and potentially with different algorithms. The number of acceptable "links… | |||
| CVE-2022-32208 | medium | — | 5.5 | 4y ago | When curl < 7.84.0 does FTP transfers secured by krb5, it handles message verification failures wrongly. This flaw makes it possible for a Man-In-The-Middle attack to go unnoticed and even allows it … | |||
| CVE-2022-34716 | medium | — | 5.5 | 4y ago | RHSA-2022:6058: .NET 6.0 security, bug fix, and enhancement update (Moderate) | |||
| CVE-2022-32087 | medium | — | 5.5 | 4y ago | RHSA-2022:6443: mariadb:10.3 security and bug fix update (Moderate) | |||
| CVE-2022-27449 | medium | — | 5.5 | 4y ago | RHSA-2022:6443: mariadb:10.3 security and bug fix update (Moderate) | |||
| CVE-2022-27451 | medium | — | 5.5 | 4y ago | RHSA-2022:5826: mariadb:10.5 security, bug fix, and enhancement update (Moderate) | |||
| CVE-2022-32086 | medium | — | 5.5 | 4y ago | RHSA-2022:5826: mariadb:10.5 security, bug fix, and enhancement update (Moderate) | |||
| CVE-2022-27378 | medium | — | 5.5 | 4y ago | RHSA-2022:6443: mariadb:10.3 security and bug fix update (Moderate) | |||
| CVE-2022-27381 | medium | — | 5.5 | 4y ago | RHSA-2022:6443: mariadb:10.3 security and bug fix update (Moderate) | |||
| CVE-2022-27384 | medium | — | 5.5 | 4y ago | RHSA-2022:6443: mariadb:10.3 security and bug fix update (Moderate) | |||
| CVE-2022-27387 | medium | — | 5.5 | 4y ago | RHSA-2022:6443: mariadb:10.3 security and bug fix update (Moderate) | |||
| CVE-2022-27445 | medium | — | 5.5 | 4y ago | RHSA-2022:6443: mariadb:10.3 security and bug fix update (Moderate) | |||
| CVE-2022-27452 | medium | — | 5.5 | 4y ago | RHSA-2022:6443: mariadb:10.3 security and bug fix update (Moderate) | |||
| CVE-2022-27456 | medium | — | 5.5 | 4y ago | RHSA-2022:6443: mariadb:10.3 security and bug fix update (Moderate) | |||
| CVE-2022-32083 | medium | — | 5.5 | 4y ago | RHSA-2022:6443: mariadb:10.3 security and bug fix update (Moderate) | |||
| CVE-2022-32085 | medium | — | 5.5 | 4y ago | RHSA-2022:6443: mariadb:10.3 security and bug fix update (Moderate) | |||
| CVE-2022-48943 | medium | — | 5.5 | 4y ago | In the Linux kernel, the following vulnerability has been resolved: KVM: x86/mmu: make apf token non-zero to fix bug In current async pagefault logic, when a page is ready, KVM relies on kvm_arch_c… | |||
| CVE-2022-24052 | medium | — | 5.5 | 4y ago | RHSA-2022:6443: mariadb:10.3 security and bug fix update (Moderate) | |||
| CVE-2022-1927 | medium | — | 5.5 | 4y ago | Moderate: vim security update | |||
| CVE-2022-1897 | medium | — | 5.5 | 4y ago | Moderate: vim security update | |||
| CVE-2022-21595 | medium | — | 5.5 | 4y ago | RHSA-2022:7119: mysql:8.0 security, bug fix, and enhancement update (Moderate) | |||
| CVE-2022-27386 | medium | — | 5.5 | 4y ago | RHSA-2022:6443: mariadb:10.3 security and bug fix update (Moderate) | |||
| CVE-2022-27379 | medium | — | 5.5 | 4y ago | RHSA-2022:6443: mariadb:10.3 security and bug fix update (Moderate) | |||
| CVE-2022-27448 | medium | — | 5.5 | 4y ago | RHSA-2022:6443: mariadb:10.3 security and bug fix update (Moderate) | |||
| CVE-2022-27446 | medium | — | 5.5 | 4y ago | RHSA-2022:5826: mariadb:10.5 security, bug fix, and enhancement update (Moderate) | |||
| CVE-2022-27444 | medium | — | 5.5 | 4y ago | RHSA-2022:5826: mariadb:10.5 security, bug fix, and enhancement update (Moderate) | |||
| CVE-2022-24050 | medium | — | 5.5 | 4y ago | RHSA-2022:6443: mariadb:10.3 security and bug fix update (Moderate) | |||
| CVE-2022-1785 | medium | — | 5.5 | 4y ago | Moderate: vim security update | |||
| CVE-2022-24051 | medium | — | 5.5 | 4y ago | RHSA-2022:6443: mariadb:10.3 security and bug fix update (Moderate) | |||
| CVE-2022-27376 | medium | — | 5.5 | 4y ago | RHSA-2022:6443: mariadb:10.3 security and bug fix update (Moderate) | |||
| CVE-2022-27382 | medium | — | 5.5 | 4y ago | RHSA-2022:5826: mariadb:10.5 security, bug fix, and enhancement update (Moderate) | |||
| CVE-2022-1055 | medium | — | 5.5 | 4y ago | Moderate: kernel security, bug fix, and enhancement update | |||
| CVE-2022-0494 | medium | — | 5.5 | 4y ago | Moderate: kernel security, bug fix, and enhancement update | |||
| CVE-2022-31622 | medium | — | 5.5 | 4y ago | RHSA-2022:6443: mariadb:10.3 security and bug fix update (Moderate) | |||
| CVE-2022-27455 | medium | — | 5.5 | 4y ago | RHSA-2022:5826: mariadb:10.5 security, bug fix, and enhancement update (Moderate) | |||
| CVE-2022-27380 | medium | — | 5.5 | 4y ago | RHSA-2022:6443: mariadb:10.3 security and bug fix update (Moderate) | |||
| CVE-2022-27377 | medium | — | 5.5 | 4y ago | RHSA-2022:6443: mariadb:10.3 security and bug fix update (Moderate) | |||
| CVE-2022-24048 | medium | — | 5.5 | 4y ago | RHSA-2022:6443: mariadb:10.3 security and bug fix update (Moderate) | |||
| CVE-2022-31623 | medium | — | 5.5 | 4y ago | RHSA-2022:6443: mariadb:10.3 security and bug fix update (Moderate) | |||
| CVE-2022-32088 | medium | — | 5.5 | 4y ago | RHSA-2022:6443: mariadb:10.3 security and bug fix update (Moderate) | |||
| CVE-2022-27458 | medium | — | 5.5 | 4y ago | RHSA-2022:6443: mariadb:10.3 security and bug fix update (Moderate) | |||
| CVE-2022-27457 | medium | — | 5.5 | 4y ago | RHSA-2022:5826: mariadb:10.5 security, bug fix, and enhancement update (Moderate) | |||
| CVE-2022-27383 | medium | — | 5.5 | 4y ago | RHSA-2022:6443: mariadb:10.3 security and bug fix update (Moderate) | |||
| CVE-2022-27447 | medium | — | 5.5 | 4y ago | RHSA-2022:6443: mariadb:10.3 security and bug fix update (Moderate) | |||
| CVE-2022-49418 | medium | — | 5.5 | 4y ago | In the Linux kernel, the following vulnerability has been resolved: NFSv4: Fix free of uninitialized nfs4_label on referral lookup. Send along the already-allocated fattr along with nfs4_fs_locatio… | |||
| CVE-2022-31618 | medium | 5.5 | 5.5 | 4y ago | NVIDIA vGPU software contains a vulnerability in the Virtual GPU Manager (vGPU plugin), where it can dereference a null pointer, which may lead to denial of service. | |||
| CVE-2022-35737 | medium | — | 5.5 | 4y ago | RHSA-2023:0110: sqlite security update (Moderate) | |||
| CVE-2022-23773 | medium | — | 5.5 | 4y ago | RHSA-2022:1819: go-toolset:rhel8 security and bug fix update (Moderate) | |||
| CVE-2022-28327 | medium | — | 5.5 | 4y ago | RHSA-2022:5337: go-toolset:rhel8 security and bug fix update (Moderate) | |||
| CVE-2022-28131 | medium | — | 5.5 | 4y ago | RHSA-2023:2802: container-tools:4.0 security and bug fix update (Moderate) | |||
| CVE-2022-24921 | medium | — | 5.5 | 4y ago | RHSA-2022:5337: go-toolset:rhel8 security and bug fix update (Moderate) | |||
| CVE-2022-32148 | medium | — | 5.5 | 4y ago | RHSA-2023:2802: container-tools:4.0 security and bug fix update (Moderate) |