CVSSv2 04/06/2022

VulDB

≤10
≤20
≤32
≤48
≤56
≤66
≤715
≤817
≤95
≤100

The moderation team is always defining the base vector and base score for an entry. These and all other available scores are used to generate the meta score.

NVD

≤10
≤20
≤30
≤40
≤50
≤60
≤70
≤80
≤90
≤100

The National Vulnerability Database (NVD) is also defining CVSS vectors and scores. These are usually not complete and might differ from VulDB scores.

Vendor

≤10
≤20
≤30
≤40
≤50
≤60
≤70
≤80
≤90
≤100

Some vendors are willing to publish their own CVSS vectors and scores for vulnerabilities in their products. The coverage varies from vendor to vendor.

Research

≤10
≤20
≤30
≤40
≤50
≤60
≤70
≤80
≤90
≤100

There are sometimes also security researcher which provide their own CVSS vectors and scores for vulnerabilities they have found and published.

IDVDBNVDVendResVulnerabilityCTICVE
1966084.0
 
 
 
OrangeHRM Share Video cross site scripting0.03CVE-2022-27107
1966075.2
 
 
 
Async mapValues access control0.41CVE-2021-43138
1966066.5
 
 
 
OrangeHRM Host Header injection0.03CVE-2022-27110
1966055.2
 
 
 
OrangeHRM Referer Header injection0.03CVE-2022-27109
1966047.5
 
 
 
PJSIP RTCP Feedback RPSI Packet pjmedia_rtcp_fb_parse_rpsi out-of-bounds write0.00CVE-2022-24786
1966035.0
 
 
 
PJSIP DNS Resolution buffer overflow0.00CVE-2022-24793
1966025.0
 
 
 
Fortinet FortiWAN HTTP Request cross site scripting0.00CVE-2021-32585
1966014.0
 
 
 
Fortinet FortiWeb path traversal0.06CVE-2021-41026
1966009.0
 
 
 
Fortinet FortiAuthenticator Command Line Interpreter os command injection0.03CVE-2021-26116
1965992.1
 
 
 
Fortinet FortiWan Password File inadequate encryption0.03CVE-2021-26113
1965989.0
 
 
 
Fortinet FortiManager/FortiAnalyzer/FortiPortal Command Line Interface os command injection0.13CVE-2021-26104
1965976.8
 
 
 
Fortinet FortiClient input validation0.00CVE-2021-22127
1965964.0
 
 
 
IBM Watson Query information disclosure0.03CVE-2022-22410
1965954.9
 
 
 
OrangeHRM createTimesheet authorization0.03CVE-2022-27108
1965946.5
 
 
 
libde265 heap-based overflow0.00CVE-2022-1253
1965936.8
 
 
 
Fortinet FortiEDR hard-coded key0.00CVE-2022-23440
1965929.0
 
 
 
Fortinet FortiWan HTTP sql injection0.23CVE-2021-26114
1965917.6
 
 
 
Fortinet FortiWan Network Daemon stack-based overflow0.05CVE-2021-26112
1965908.3
 
 
 
Fortinet FortiWan Web GUI os command injection0.07CVE-2021-24009
1965897.5
 
 
 
radare2 mach0.c r_str_ncpy heap-based overflow0.00CVE-2022-1240
1965887.5
 
 
 
radare2 ne.c heap-based overflow0.06CVE-2022-1238
1965877.5
 
 
 
radare2 array index0.00CVE-2022-1237
1965869.0
 
 
 
Fortinet FortiClient initialization0.39CVE-2021-44169
1965853.3
 
 
 
Fortinet FortiClient information disclosure0.03CVE-2021-43205
1965846.4
 
 
 
Fortinet FortiWan Dynamic Tunnel Protocol risky encryption0.00CVE-2021-32593
1965837.5
 
 
 
Google Chrome V8 type confusion0.54CVE-2022-1232
1965827.5
 
 
 
Fortinet FortiEDR hard-coded key0.03CVE-2022-23441
1965814.0
 
 
 
Fortinet FortiSandbox Sniffer Interface denial of service0.05CVE-2020-29013
1965803.3
 
 
 
Fortinet FortiEDR permission0.03CVE-2022-23446
1965795.0
 
 
 
livehelperchat cross site scripting0.03CVE-2022-1234
1965787.5
 
 
 
Digi Passport Location Header improper authentication0.03CVE-2022-26952
1965774.0
 
 
 
Apperta OpenEyes cross site scripting0.06CVE-2021-40374
1965766.5
 
 
 
Digi Passport reboot.asp buffer overflow0.03CVE-2022-26953
1965755.2
 
 
 
Synametrics Synaman HTTP Interface access control0.03CVE-2022-26251
1965745.2
 
 
 
Synametrics Synaman permission0.03CVE-2022-26250
1965735.2
 
 
 
HTCondor CLAIMTOBE Method improper authentication0.08CVE-2022-26110
1965724.6
 
 
 
HTCondor Network Data channel accessible0.03CVE-2021-45104
1965715.2
 
 
 
HTCondor S3 Cloud Storage access control0.03CVE-2021-45103
1965705.0
 
 
 
Ivanti Avalanche image information disclosure0.03CVE-2021-30497
1965694.0
 
 
 
Apperta OpenEyes Server Response information exposure0.05CVE-2021-40375
1965686.5
 
 
 
Payroll Management System sql injection0.03CVE-2022-28468
1965676.5
 
 
 
Online Student Admission sql injection0.03CVE-2022-28467
1965666.5
 
 
 
Online Banking System sql injection0.05CVE-2022-28116
1965656.5
 
 
 
Online Sports Complex Booking sql injection0.06CVE-2022-28115
1965646.5
 
 
 
Student Grading System sql injection0.03CVE-2022-27304
1965636.5
 
 
 
Insurance Management System sql injection0.05CVE-2022-27124
1965626.5
 
 
 
Employee Performance Evaluation sql injection0.03CVE-2022-27123
1965616.5
 
 
 
Matrimony sql injection0.03CVE-2022-26628
1965602.7
 
 
 
Apache Pinot Pinot Table recursion0.03CVE-2022-23974
1965597.5
 
 
 
Microsoft Edge Remote Code Execution0.10CVE-2022-26912

9 more entries are not shown

Might our Artificial Intelligence support you?

Check our Alexa App!