CVSSv3 01/14/2022

CVSSv3 Base

≤10
≤20
≤30
≤418
≤515
≤627
≤719
≤870
≤916
≤102

The Common Vulnerability Scoring System (CVSS) is an industry standard to define the characteristics and impacts of security vulnerabilities. The base score represents the intrinsic aspects that are constant over time and across user environments. Our unique meta score merges all available scores from different sources to aggregate to the most reliable result.

CVSSv3 Temp

≤10
≤20
≤30
≤418
≤515
≤629
≤719
≤873
≤911
≤102

The Common Vulnerability Scoring System (CVSS) uses temp scores to reflect the characteristics of a vulnerability that may change over time but not across user environments. This includes reporting confidence, exploitability and remediation levels. We do also provide our unique meta score for temp scores, even though other sources rarely publish them.

VulDB

≤10
≤20
≤30
≤410
≤544
≤611
≤779
≤87
≤914
≤102

The moderation team is always defining the base vector and base score for an entry. These and all other available scores are used to generate the meta score.

NVD

≤10
≤20
≤30
≤415
≤50
≤66
≤74
≤862
≤90
≤101

The National Vulnerability Database (NVD) is also defining CVSS vectors and scores. These are usually not complete and might differ from VulDB scores.

CNA

≤10
≤20
≤30
≤420
≤53
≤65
≤721
≤875
≤921
≤105

A CVE Numbering Authority (CNA) is responsible for assigning new CVE entries. They might also include a CVSS score. These are usually not complete and might differ from VulDB scores.

Vendor

≤10
≤20
≤30
≤40
≤50
≤60
≤70
≤80
≤90
≤100

Some vendors are willing to publish their own CVSS vectors and scores for vulnerabilities in their products. The coverage varies from vendor to vendor.

Research

≤10
≤20
≤30
≤40
≤50
≤60
≤70
≤80
≤90
≤100

There are sometimes also security researcher which provide their own CVSS vectors and scores for vulnerabilities they have found and published.

IDBaseVDBNVDCNAVendResVulnerabilityCTICVE
1904627.36.3
 
8.3
 
 
Dolibarr ERP SQL Command sql injection0.00CVE-2022-0224
1904617.37.3
 
 
 
 
Imperva Web Application Firewall HTTP POST Request encoding error0.40CVE-2021-45468
1904605.55.5
 
 
 
 
Ray-Ban Stories Device Software Video Capture access control0.00CVE-2021-24046
1904595.44.3
 
6.5
 
 
Parity Frontier Debug Build integer underflow0.00CVE-2022-21685
1904586.45.3
 
7.5
 
 
Marked Regular Expression resource consumption0.00CVE-2022-21681
1904576.45.3
 
7.5
 
 
marked Regular Expression resource consumption0.05CVE-2022-21680
1904564.34.3
 
4.3
 
 
Discourse Group Member information disclosure0.00CVE-2022-21677
1904556.36.3
 
 
 
 
NUUO NVRMini2 TAR Archive handle_import_user.php improper authentication0.17CVE-2022-23227
1904544.24.3
 
4.0
 
 
IBM Sterling Gentran:Server log file0.00CVE-2021-39032
1904538.07.2
 
8.8
 
 
October CMS Theme Import injection0.07CVE-2021-32650
1904528.07.2
 
8.8
 
 
October CMS Twig Code injection0.00CVE-2021-32649
1904516.56.3
 
6.8
 
 
vim heap-based overflow0.00CVE-2022-0213
1904507.06.3
 
7.8
 
 
TeamViewer TVS File Parser out-of-bounds read0.23CVE-2021-34858
1904497.36.37.87.8
 
 
Bentley View JT File Parser out-of-bounds write0.00CVE-2021-34873
1904487.36.37.87.8
 
 
Bentley View JT File Parser use after free0.00CVE-2021-34922
1904473.64.33.33.3
 
 
Bentley View JP2 File Parser use after free0.00CVE-2021-34884
1904464.63.5
 
5.7
 
 
livehelperchat cross-site request forgery0.00CVE-2022-0231
1904455.24.3
 
6.1
 
 
AlCoda NetBiblio WebOPAC Search cross site scripting0.00CVE-2021-42551
1904445.55.5
 
 
 
 
China Mobile An Lianbao WF-1 Web Interface pop_usb_device os command injection0.00CVE-2021-33962
1904436.16.3
 
5.9
 
 
parsec default permission0.00CVE-2021-36781
1904426.24.36.18.1
 
 
Adobe AEM Form Field cross site scripting0.00CVE-2021-44177
1904416.24.36.18.1
 
 
Adobe AEM Form Field cross site scripting0.00CVE-2021-44176
1904406.24.36.18.1
 
 
Adobe AEM Form Field cross site scripting0.00CVE-2021-43765
1904395.63.55.48.0
 
 
Adobe AEM Form Field cross site scripting0.00CVE-2021-43764
1904385.73.5
 
8.0
 
 
Adobe AEM Form Field cross site scripting0.06CVE-2021-43761
1904376.46.3
 
6.5
 
 
Asus RT-AX56U URL Parameter path traversal0.08CVE-2022-22054
1904364.64.6
 
 
 
 
eyouCMS denial of service0.00CVE-2021-46255
1904357.98.8
 
7.0
 
 
Panda Free Antivirus Named Pipe unnecessary privileges0.00CVE-2021-34998
1904344.34.3
 
 
 
 
Reprise License Manager activate_process cross site scripting0.00CVE-2021-45422
1904336.36.3
 
6.3
 
 
Snipe-IT access control0.05CVE-2022-0178
1904327.06.3
 
7.8
 
 
Western Digital My Cloud OS DNS os command injection0.00CVE-2022-22991
1904317.15.3
 
9.0
 
 
Western Digital My Cloud OS FTP Service issues.c stack-based overflow0.06CVE-2022-22989
1904305.34.36.15.4
 
 
Adobe AEM URL cross site scripting0.05CVE-2021-44178
1904296.56.5
 
6.5
 
 
Adobe AEM Dispatcher input validation0.00CVE-2021-43762
1904287.56.3
 
8.8
 
 
Netgear R7000 SOAP Request authentication bypass0.00CVE-2021-34977
1904275.55.5
 
 
 
 
Dahua IP Camera/PTZ Dome Camera password recovery0.23CVE-2021-33046
1904265.55.5
 
 
 
 
jpress doUploadAndInstall Privilege Escalation0.00CVE-2021-45807
1904254.53.55.5
 
 
 
GPAC MP4Box hint_track.c gf_isom_get_payt_count null pointer dereference0.05CVE-2021-40576
1904244.53.55.5
 
 
 
GPAC MP4Box reframe_mpgvid.c mpgviddmx_process null pointer dereference0.07CVE-2021-40575
1904234.53.55.5
 
 
 
GPAC MP4Box list.c gf_list_del denial of service0.00CVE-2021-40573
1904224.53.55.5
 
 
 
GPAC MP4Box reframe_av1.c av1dmx_finalize denial of service0.00CVE-2021-40572
1904218.57.3
 
9.8
 
 
Adobe AEM Forms Cloud Service xml external entity reference0.00CVE-2021-40722
1904208.18.1
 
8.1
 
 
QNAP QVR Elite/QVR Pro/QVR Guard stack-based overflow0.06CVE-2021-38692
1904198.18.1
 
8.1
 
 
QNAP QVR Elite/QVR Pro/QVR Guard stack-based overflow0.06CVE-2021-38691
1904188.18.1
 
8.1
 
 
QNAP QVR Elite/QVR Pro/QVR Guard stack-based overflow0.00CVE-2021-38690
1904178.18.1
 
8.1
 
 
QNAP QVR Elite/QVR Pro/QVR Guard buffer overflow0.00CVE-2021-38689
1904168.18.1
 
8.1
 
 
QNAP QVR Elite/QVR Pro/QVR Guard buffer overflow0.00CVE-2021-38682
1904155.75.4
 
6.1
 
 
QNAP QcalAgent redirect0.00CVE-2021-38678
1904144.23.1
 
5.3
 
 
QNAP QcalAgent cross site scripting0.00CVE-2021-38677
1904133.53.5
 
 
 
 
GPAC gf_list_last denial of service0.00CVE-2021-45760

117 more entries are not shown

Might our Artificial Intelligence support you?

Check our Alexa App!