CVSSv3 01/26/2022

CVSSv3 Base

≤10
≤20
≤31
≤414
≤536
≤621
≤749
≤819
≤93
≤100

The Common Vulnerability Scoring System (CVSS) is an industry standard to define the characteristics and impacts of security vulnerabilities. The base score represents the intrinsic aspects that are constant over time and across user environments. Our unique meta score merges all available scores from different sources to aggregate to the most reliable result.

CVSSv3 Temp

≤10
≤20
≤33
≤412
≤536
≤653
≤717
≤820
≤92
≤100

The Common Vulnerability Scoring System (CVSS) uses temp scores to reflect the characteristics of a vulnerability that may change over time but not across user environments. This includes reporting confidence, exploitability and remediation levels. We do also provide our unique meta score for temp scores, even though other sources rarely publish them.

VulDB

≤10
≤20
≤32
≤418
≤539
≤616
≤749
≤815
≤94
≤100

The moderation team is always defining the base vector and base score for an entry. These and all other available scores are used to generate the meta score.

NVD

≤10
≤20
≤30
≤40
≤50
≤60
≤70
≤80
≤90
≤100

The National Vulnerability Database (NVD) is also defining CVSS vectors and scores. These are usually not complete and might differ from VulDB scores.

CNA

≤10
≤20
≤31
≤40
≤53
≤65
≤78
≤87
≤98
≤101

A CVE Numbering Authority (CNA) is responsible for assigning new CVE entries. They might also include a CVSS score. These are usually not complete and might differ from VulDB scores.

Vendor

≤10
≤20
≤30
≤40
≤50
≤60
≤70
≤80
≤90
≤100

Some vendors are willing to publish their own CVSS vectors and scores for vulnerabilities in their products. The coverage varies from vendor to vendor.

Research

≤10
≤20
≤30
≤40
≤50
≤60
≤70
≤80
≤90
≤100

There are sometimes also security researcher which provide their own CVSS vectors and scores for vulnerabilities they have found and published.

IDBaseVDBNVDCNAVendResVulnerabilityCTICVE
1917494.34.3
 
 
 
 
Apple Safari WebKit Storage unknown vulnerability1.15CVE-2022-22594
1917486.36.3
 
 
 
 
Apple Safari WebKit Remote Code Execution0.80CVE-2022-22589
1917476.36.3
 
 
 
 
Apple Safari WebKit state issue0.71CVE-2022-22592
1917466.36.3
 
 
 
 
Apple Safari WebKit use after free0.80CVE-2022-22590
1917454.34.3
 
 
 
 
Apple macOS WebKit Storage unknown vulnerability0.62CVE-2022-22594
1917446.36.3
 
 
 
 
Apple macOS WebKit state issue0.44CVE-2022-22592
1917436.36.3
 
 
 
 
Apple macOS WebKit use after free0.44CVE-2022-22590
1917426.36.3
 
 
 
 
Apple macOS WebKit Remote Code Execution0.71CVE-2022-22589
1917415.35.3
 
 
 
 
Apple macOS PackageKit permission0.44CVE-2022-22583
1917406.36.3
 
 
 
 
Apple macOS Model I/O Remote Code Execution0.54CVE-2022-22579
1917397.87.8
 
 
 
 
Apple macOS Kernel buffer overflow0.36CVE-2022-22593
1917387.87.8
 
 
 
 
Apple macOS IOMobileFrameBuffer memory corruption0.36CVE-2022-22587
1917377.87.8
 
 
 
 
Apple macOS Intel Graphics Driver memory corruption0.54CVE-2022-22591
1917365.35.3
 
 
 
 
Apple macOS iCloud symlink0.36CVE-2022-22585
1917357.87.8
 
 
 
 
Apple macOS Crash Reporter Local Privilege Escalation0.09CVE-2022-22578
1917346.36.3
 
 
 
 
Apple macOS ColorSync memory corruption0.07CVE-2022-22584
1917337.87.8
 
 
 
 
Apple macOS AMD Kernel out-of-bounds write0.89CVE-2022-22586
1917324.34.3
 
 
 
 
Apple tvOS WebKit Storage unknown vulnerability0.54CVE-2022-22594
1917316.36.3
 
 
 
 
Apple tvOS WebKit Remote Code Execution0.49CVE-2022-22589
1917306.36.3
 
 
 
 
Apple tvOS WebKit state issue0.25CVE-2022-22592
1917296.36.3
 
 
 
 
Apple tvOS WebKit use after free0.54CVE-2022-22590
1917286.36.3
 
 
 
 
Apple tvOS Model I/O Remote Code Execution0.27CVE-2022-22579
1917277.87.8
 
 
 
 
Apple tvOS Kernel buffer overflow0.54CVE-2022-22593
1917265.35.3
 
 
 
 
Apple tvOS iCloud symlink0.33CVE-2022-22585
1917257.87.8
 
 
 
 
Apple tvOS Crash Reporter Local Privilege Escalation0.72CVE-2022-22578
1917246.36.3
 
 
 
 
Apple tvOS ColorSync memory corruption0.81CVE-2022-22584
1917234.34.3
 
 
 
 
Apple watchOS WebKit Storage unknown vulnerability0.86CVE-2022-22594
1917226.36.3
 
 
 
 
Apple watchOS WebKit Remote Code Execution0.74CVE-2022-22589
1917216.36.3
 
 
 
 
Apple watchOS WebKit state issue0.74CVE-2022-22592
1917206.36.3
 
 
 
 
Apple watchOS WebKit use after free0.77CVE-2022-22590
1917197.87.8
 
 
 
 
Apple watchOS Kernel buffer overflow0.27CVE-2022-22593
1917185.35.3
 
 
 
 
Apple watchOS iCloud symlink1.08CVE-2022-22585
1917177.87.8
 
 
 
 
Apple watchOS Crash Reporter Local Privilege Escalation0.81CVE-2022-22578
1917166.36.3
 
 
 
 
Apple watchOS ColorSync memory corruption0.61CVE-2022-22584
1917154.34.3
 
 
 
 
Apple iOS/iPadOS WebKit Storage unknown vulnerability0.53CVE-2022-22594
1917146.36.3
 
 
 
 
Apple iOS/iPadOS WebKit state issue0.36CVE-2022-22592
1917136.36.3
 
 
 
 
Apple iOS/iPadOS WebKit use after free0.80CVE-2022-22590
1917126.36.3
 
 
 
 
Apple iOS/iPadOS WebKit Remote Code Execution0.53CVE-2022-22589
1917116.36.3
 
 
 
 
Apple iOS/iPadOS Model I/O Remote Code Execution0.44CVE-2022-22579
1917107.87.8
 
 
 
 
Apple iOS/iPadOS Kernel buffer overflow0.27CVE-2022-22593
1917097.87.8
 
 
 
 
Apple iOS/iPadOS IOMobileFrameBuffer memory corruption4.35CVE-2022-22587
1917085.35.3
 
 
 
 
Apple iOS/iPadOS iCloud symlink0.09CVE-2022-22585
1917077.87.8
 
 
 
 
Apple iOS/iPadOS Crash Reporter Local Privilege Escalation0.62CVE-2022-22578
1917066.36.3
 
 
 
 
Apple iOS/iPadOS ColorSync memory corruption1.33CVE-2022-22584
1916976.24.3
 
8.1
 
 
Microweber cross site scripting0.99CVE-2022-0379
1916965.74.3
 
7.1
 
 
Microweber cross site scripting0.72CVE-2022-0378
1916956.36.3
 
 
 
 
Acer Care Center ListCheck.exe untrusted search path0.45CVE-2021-45975
1916943.53.5
 
 
 
 
BuddyBoss cross site scripting0.74CVE-2021-43334
1916936.45.3
 
7.5
 
 
crater-invoice access control0.18CVE-2022-0203
1916925.55.5
 
 
 
 
libexpat doProlog integer overflow0.99CVE-2022-23990

93 more entries are not shown

Do you know our Splunk app?

Download it now for free!