CVSSv3 01/29/2022

CVSSv3 Base

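| Score | ≤1 | ≤2 | ≤3 | ≤4 | ≤5 | ≤6 | ≤7 | ≤8 | ≤9 | ≤10 |
|---|---|---|---|---|---|---|---|---|---|---|
| Entries | 0 | 0 | 1 | 78 | 14 | 25 | 11 | 11 | 3 | 1 |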

The Common Vulnerability Scoring System (CVSS) is an industry standard for defining the characteristics and impacts of security vulnerabilities. The base score represents the intrinsic aspects that are constant over time and across user environments. Our unique meta score merges all available scores from different sources into the most reliable aggregate result.

CVSSv3 Temp

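| Score | ≤1 | ≤2 | ≤3 | ≤4 | ≤5 | ≤6 | ≤7 | ≤8 | ≤9 | ≤10 |
|---|---|---|---|---|---|---|---|---|---|---|
| Entries | 0 | 0 | 4 | 75 | 14 | 35 | 4 | 8 | 3 | 1 |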

The Common Vulnerability Scoring System (CVSS) uses temp scores to reflect the characteristics of a vulnerability that may change over time but not across user environments. This includes reporting confidence, exploitability and remediation levels. We also provide our unique meta score for temp scores, even though other sources rarely publish them.

VulDB

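| Score | ≤1 | ≤2 | ≤3 | ≤4 | ≤5 | ≤6 | ≤7 | ≤8 | ≤9 | ≤10 |
|---|---|---|---|---|---|---|---|---|---|---|
| Entries | 0 | 0 | 5 | 80 | 12 | 21 | 12 | 11 | 1 | 2 |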

The moderation team always defines the base vector and base score for an entry. These and all other available scores are used to generate the meta score.

NVD

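| Score | ≤1 | ≤2 | ≤3 | ≤4 | ≤5 | ≤6 | ≤7 | ≤8 | ≤9 | ≤10 |
|---|---|---|---|---|---|---|---|---|---|---|
| Entries | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 |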

The National Vulnerability Database (NVD) also defines CVSS vectors and scores. These are usually not complete and might differ from VulDB scores.

CNA

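| Score | ≤1 | ≤2 | ≤3 | ≤4 | ≤5 | ≤6 | ≤7 | ≤8 | ≤9 | ≤10 |
|---|---|---|---|---|---|---|---|---|---|---|
| Entries | 0 | 0 | 0 | 4 | 2 | 3 | 6 | 3 | 4 | 1 |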

A CVE Numbering Authority (CNA) is responsible for assigning new CVE entries. They might also include a CVSS score. These are usually not complete and might differ from VulDB scores.

Vendor

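| Score | ≤1 | ≤2 | ≤3 | ≤4 | ≤5 | ≤6 | ≤7 | ≤8 | ≤9 | ≤10 |
|---|---|---|---|---|---|---|---|---|---|---|
| Entries | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 |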

Some vendors are willing to publish their own CVSS vectors and scores for vulnerabilities in their products. The coverage varies from vendor to vendor.

Research

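| Score | ≤1 | ≤2 | ≤3 | ≤4 | ≤5 | ≤6 | ≤7 | ≤8 | ≤9 | ≤10 |
|---|---|---|---|---|---|---|---|---|---|---|
| Entries | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 |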

Sometimes security researchers also provide their own CVSS vectors and scores for vulnerabilities they have found and published.

| ID | Base | VDB | NVD | CNA | Vend | Res | Vulnerability | CTI | CVE |
|---|---|---|---|---|---|---|---|---|---|
| 191992 | 7.3 | 7.3 | | | | | GE Gas Power ToolBoxST Template File xml external entity reference | 0.07 | CVE-2021-44477 |
| 191991 | 7.5 | 7.5 | | | | | Fernhill SCADA Server FHSvrService.exe resource consumption | 0.05 | CVE-2022-21155 |
| 191990 | 7.3 | 7.3 | | | | | Backdoor.Win32.Tiny.c Service Port 7778 backdoor | 0.00 | |
| 191989 | 6.3 | 6.3 | | | | | HackTool.Win32.Muzzer.a File heap-based overflow | 0.04 | |
| 191988 | 7.3 | 7.3 | | 7.3 | | | bmoor Incomplete Fix CVE-2020-7736 code injection | 0.00 | CVE-2021-23558 |
| 191987 | 4.4 | 2.4 | | 6.5 | | | livehelperchat cross site scripting | 0.08 | CVE-2022-0395 |
| 191986 | 6.0 | 3.5 | | 8.5 | | | calibreweb cross site scripting | 0.00 | CVE-2022-0352 |
| 191985 | 3.5 | 3.5 | | | | | H.H.G. Multistore Address Book cross site scripting | 0.05 | CVE-2021-46447 |
| 191984 | 4.3 | 4.3 | | | | | YzmCMS delete cross-site request forgery | 0.05 | CVE-2022-23887 |
| 191983 | 3.5 | 3.5 | | | | | Reolink RLC-410W JSON Command Parser cgiserver.cgi denial of service | 0.03 | CVE-2021-44372 |
| 191982 | 8.5 | 7.3 | | 9.8 | | | zip-local Archive Extraction access control | 0.04 | CVE-2021-23484 |
| 191981 | 3.5 | 3.5 | | | | | Gibbon CMS cross site scripting | 0.09 | CVE-2022-22868 |
| 191980 | 5.0 | 3.5 | | 6.6 | | | Synel eharmony cross site scripting | 0.08 | CVE-2022-22791 |
| 191979 | 5.5 | 5.5 | | | | | Reolink RLC-410W SetLocalLink API os command injection | 0.00 | CVE-2021-40411 |
| 191978 | 5.5 | 5.5 | | | | | Reolink RLC-410W SetLocal API os command injection | 0.08 | CVE-2021-40410 |
| 191977 | 8.0 | 7.3 | | 8.8 | | | Pega password recovery | 0.00 | CVE-2021-27654 |
| 191976 | 5.5 | 5.5 | | | | | SuiteCRM file inclusion | 0.08 | CVE-2021-45898 |
| 191975 | 4.3 | 4.3 | | | | | YzmCMS init.html cross-site request forgery | 0.00 | CVE-2022-23888 |
| 191974 | 7.3 | 6.3 | | 8.4 | | | vim out-of-bounds read | 0.00 | CVE-2022-0393 |
| 191973 | 6.2 | 6.3 | | 6.1 | | | vim heap-based overflow | 0.06 | CVE-2022-0392 |
| 191972 | 3.5 | 3.5 | | | | | Reolink RLC-410W JSON Command Parser cgiserver.cgi denial of service | 0.05 | CVE-2021-44419 |
| 191971 | 3.5 | 3.5 | | | | | Reolink RLC-410W JSON Command Parser cgiserver.cgi denial of service | 0.07 | CVE-2021-44418 |
| 191970 | 3.5 | 3.5 | | | | | Reolink RLC-410W JSON Command Parser cgiserver.cgi denial of service | 0.00 | CVE-2021-44417 |
| 191969 | 3.5 | 3.5 | | | | | Reolink RLC-410W JSON Command Parser cgiserver.cgi denial of service | 0.00 | CVE-2021-44415 |
| 191968 | 3.5 | 3.5 | | | | | Reolink RLC-410W JSON Command Parser cgiserver.cgi denial of service | 0.07 | CVE-2021-44414 |
| 191967 | 3.5 | 3.5 | | | | | Reolink RLC-410W JSON Command Parser cgiserver.cgi denial of service | 0.04 | CVE-2021-44413 |
| 191966 | 3.5 | 3.5 | | | | | Reolink RLC-410W JSON Command Parser cgiserver.cgi denial of service | 0.00 | CVE-2021-44412 |
| 191965 | 3.5 | 3.5 | | | | | Reolink RLC-410W JSON Command Parser cgiserver.cgi denial of service | 0.05 | CVE-2021-44411 |
| 191964 | 3.5 | 3.5 | | | | | Reolink RLC-410W JSON Command Parser cgiserver.cgi denial of service | 0.06 | CVE-2021-44410 |
| 191963 | 3.5 | 3.5 | | | | | Reolink RLC-410W JSON Command Parser cgiserver.cgi denial of service | 0.06 | CVE-2021-44409 |
| 191962 | 3.5 | 3.5 | | | | | Reolink RLC-410W JSON Command Parser cgiserver.cgi denial of service | 0.07 | CVE-2021-44408 |
| 191961 | 3.5 | 3.5 | | | | | Reolink RLC-410W JSON Command Parser cgiserver.cgi denial of service | 0.06 | CVE-2021-44407 |
| 191960 | 3.5 | 3.5 | | | | | Reolink RLC-410W JSON Command Parser cgiserver.cgi denial of service | 0.00 | CVE-2021-44406 |
| 191959 | 3.5 | 3.5 | | | | | Reolink RLC-410W JSON Command Parser cgiserver.cgi denial of service | 0.09 | CVE-2021-44405 |
| 191958 | 3.5 | 3.5 | | | | | Reolink RLC-410W JSON Command Parser cgiserver.cgi denial of service | 0.04 | CVE-2021-44404 |
| 191957 | 3.5 | 3.5 | | | | | Reolink RLC-410W JSON Command Parser cgiserver.cgi denial of service | 0.00 | CVE-2021-44403 |
| 191956 | 3.5 | 3.5 | | | | | Reolink RLC-410W JSON Command Parser cgiserver.cgi denial of service | 0.03 | CVE-2021-44402 |
| 191955 | 3.5 | 3.5 | | | | | Reolink RLC-410W JSON Command Parser cgiserver.cgi denial of service | 0.00 | CVE-2021-44401 |
| 191954 | 3.5 | 3.5 | | | | | Reolink RLC-410W JSON Command Parser cgiserver.cgi denial of service | 0.04 | CVE-2021-44400 |
| 191953 | 3.5 | 3.5 | | | | | Reolink RLC-410W JSON Command Parser cgiserver.cgi denial of service | 0.00 | CVE-2021-44399 |
| 191952 | 3.5 | 3.5 | | | | | Reolink RLC-410W JSON Command Parser cgiserver.cgi denial of service | 0.07 | CVE-2021-44398 |
| 191951 | 3.5 | 3.5 | | | | | Reolink RLC-410W JSON Command Parser cgiserver.cgi denial of service | 0.04 | CVE-2021-44397 |
| 191950 | 3.5 | 3.5 | | | | | Reolink RLC-410W JSON Command Parser cgiserver.cgi denial of service | 0.05 | CVE-2021-44396 |
| 191949 | 3.5 | 3.5 | | | | | Reolink RLC-410W JSON Command Parser cgiserver.cgi denial of service | 0.00 | CVE-2021-44395 |
| 191948 | 3.5 | 3.5 | | | | | Reolink RLC-410W JSON Command Parser cgiserver.cgi denial of service | 0.00 | CVE-2021-44393 |
| 191947 | 3.5 | 3.5 | | | | | Reolink RLC-410W JSON Command Parser cgiserver.cgi denial of service | 0.00 | CVE-2021-44392 |
| 191946 | 3.5 | 3.5 | | | | | Reolink RLC-410W JSON Command Parser cgiserver.cgi denial of service | 0.04 | CVE-2021-44391 |
| 191945 | 3.5 | 3.5 | | | | | Reolink RLC-410W JSON Command Parser cgiserver.cgi denial of service | 0.04 | CVE-2021-44390 |
| 191944 | 3.5 | 3.5 | | | | | Reolink RLC-410W JSON Command Parser cgiserver.cgi denial of service | 0.03 | CVE-2021-44389 |
| 191943 | 3.5 | 3.5 | | | | | Reolink RLC-410W JSON Command Parser cgiserver.cgi denial of service | 0.08 | CVE-2021-44388 |

94 more entries are not shown
