VIR Vulnerability Intelligence Relay

CVEs from 2022

5,315 normalized CVEs published or assigned in this year.

Total
5,315
critical
critical 94
high
high 1,236
medium
medium 950
low
low 24
% Critical
1.8%
% with KEV
2.5%
% with exploit
3.3%

Top vendors

Top products

  • jdk 116
  • jre 109
  • openjdk 100
  • zulu 82
  • graalvm 74
  • cloud_secure_agent 35
  • oncommand_insight 34
  • cloud_insights_acquisition_unit 34

Top packages

Severitycriticalhighmediumlowunknown
0
KEVHas exploit
Reset
CVE Severity CVSS Risk Flags OS Vendor Published Description
CVE-2022-45809 low 3.7 3.7 3y ago Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in Ricard Torres Thumbs Rating.This issue affects Thumbs Rating: from n/a through 5.0.0.
CVE-2022-21624 low 3.7 3.7 4y ago RHSA-2023:0128: java-1.8.0-ibm security update (Moderate)
CVE-2022-39399 low 3.7 3.7 4y ago RHSA-2022:7012: java-11-openjdk security and bug fix update (Moderate)
CVE-2022-21619 low 3.7 3.7 4y ago RHSA-2023:0128: java-1.8.0-ibm security update (Moderate)
CVE-2022-45819 low 3.5 3.5 2y ago Missing Authorization vulnerability in Popup Maker Popup Maker allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Popup Maker: from n/a through 1.17.1.
CVE-2022-3358 low 3.5 4y ago Low: openssl security and bug fix update
CVE-2022-24101 low 3.3 3.3 4y ago Acrobat Reader DC versions 20.001.20085 (and earlier), 20.005.3031x (and earlier) and 17.012.30205 (and earlier) are affected by a use-after-free vulnerability that could lead to disclosure of sensit…
CVE-2022-27227 low 2.5 In PowerDNS Authoritative Server before 4.4.3, 4.5.x before 4.5.4, and 4.6.x before 4.6.1 and PowerDNS Recursor before 4.4.8, 4.5.x before 4.5.8, and 4.6.x before 4.6.1, insufficient validation of an…
CVE-2022-29458 low 2.5 10mo ago ncurses 6.3 before patch 20220416 has an out-of-bounds read and segmentation violation in convert_strings in tinfo/read_entry.c in the terminfo library.
CVE-2022-45063 low 2.5 1y ago Low: xterm security update
CVE-2022-48554 low 2.5 2y ago File before 5.43 has an stack-based buffer over-read in file_copystr in funcs.c. NOTE: "File" is the name of an Open Source project.
CVE-2022-1615 low 2.5 3y ago RHSA-2023:2987: samba security, bug fix, and enhancement update (Low)
CVE-2022-36227 low 2.5 3y ago RHSA-2023:3018: libarchive security update (Low)
CVE-2022-35252 low 2.5 3y ago When curl is used to retrieve and parse cookies from a HTTP(S) server, itaccepts cookies using control codes that when later are sent back to a HTTPserver might make the server return 400 responses. …
CVE-2022-43552 low 2.5 3y ago A use after free vulnerability exists in curl <7.87.0. Curl can be asked to *tunnel* virtually all protocols it supports through an HTTP proxy. HTTP proxies can (and often do) deny such tunnel operat…
CVE-2022-28805 low 2.5 3y ago Low: lua security update
CVE-2022-41862 low 2.5 3y ago RHSA-2023:7016: libpq security update (Low)
CVE-2022-2211 low 2.5 4y ago RHSA-2022:7472: virt:rhel and virt-devel:rhel security, bug fix, and enhancement update (Low)
CVE-2022-24735 low 2.5 4y ago RHSA-2022:7541: redis:6 security, bug fix, and enhancement update (Low)
CVE-2022-1122 low 2.5 4y ago RHSA-2022:7645: openjpeg2 security update (Low)
CVE-2022-23645 low 2.5 4y ago RHSA-2022:7472: virt:rhel and virt-devel:rhel security, bug fix, and enhancement update (Low)
CVE-2022-0897 low 2.5 4y ago RHSA-2022:7472: virt:rhel and virt-devel:rhel security, bug fix, and enhancement update (Low)
CVE-2022-2990 low 2.5 4y ago RHSA-2022:7822: container-tools:rhel8 security, bug fix, and enhancement update (Low)
CVE-2022-24736 low 2.5 4y ago RHSA-2022:7541: redis:6 security, bug fix, and enhancement update (Low)