CVSSv3 02/07/2022

CVSSv3 Base

≤10
≤20
≤32
≤45
≤57
≤65
≤74
≤82
≤90
≤101

The Common Vulnerability Scoring System (CVSS) is an industry standard to define the characteristics and impacts of security vulnerabilities. The base score represents the intrinsic aspects that are constant over time and across user environments. Our unique meta score merges all available scores from different sources to aggregate to the most reliable result.

CVSSv3 Temp

≤10
≤20
≤32
≤45
≤57
≤66
≤73
≤82
≤90
≤101

The Common Vulnerability Scoring System (CVSS) uses temp scores to reflect the characteristics of a vulnerability that may change over time but not across user environments. This includes reporting confidence, exploitability and remediation levels. We do also provide our unique meta score for temp scores, even though other sources rarely publish them.

VulDB

≤10
≤20
≤33
≤45
≤56
≤65
≤74
≤82
≤91
≤100

The moderation team is always defining the base vector and base score for an entry. These and all other available scores are used to generate the meta score.

NVD

≤10
≤20
≤30
≤40
≤50
≤60
≤70
≤80
≤90
≤100

The National Vulnerability Database (NVD) is also defining CVSS vectors and scores. These are usually not complete and might differ from VulDB scores.

CNA

≤10
≤20
≤31
≤41
≤53
≤62
≤73
≤81
≤90
≤101

A CVE Numbering Authority (CNA) is responsible for assigning new CVE entries. They might also include a CVSS score. These are usually not complete and might differ from VulDB scores.

Vendor

≤10
≤20
≤30
≤40
≤50
≤60
≤70
≤80
≤90
≤100

Some vendors are willing to publish their own CVSS vectors and scores for vulnerabilities in their products. The coverage varies from vendor to vendor.

Research

≤10
≤20
≤30
≤40
≤50
≤60
≤70
≤80
≤90
≤100

There are sometimes also security researcher which provide their own CVSS vectors and scores for vulnerabilities they have found and published.

IDBaseVDBNVDCNAVendResVulnerabilityCTICVE
1924482.62.6
 
 
 
 
SEUR Oficial Plugin file access0.00CVE-2021-25004
1924477.47.1
 
7.7
 
 
Microsoft Edge Privilege Escalation0.00CVE-2022-23263
1924466.36.3
 
6.3
 
 
Microsoft Edge Remote Code Execution0.07CVE-2022-23262
1924454.84.3
 
5.3
 
 
Microsoft Edge unknown vulnerability0.00CVE-2022-23261
1924445.55.5
 
 
 
 
IIPImage High Resolution Streaming Image Server iipsrv.fcgi integer overflow0.00CVE-2021-46389
1924433.53.5
 
 
 
 
FISCO-BCOS Transaction denial of service0.07CVE-2021-46359
1924423.53.5
 
 
 
 
XMPie uStore Report information disclosure0.00CVE-2022-23320
1924413.12.4
 
3.8
 
 
OTRS Regular Expression cross site scripting0.00CVE-2022-0473
1924402.42.4
 
2.4
 
 
OTRS Contact information disclosure0.07CVE-2022-0474
1924394.34.3
 
 
 
 
Servisnet Tessa app.js information disclosure0.26CVE-2022-22833
1924384.94.9
 
 
 
 
Octopus Server HTTP Binding redirect0.00CVE-2022-23184
1924375.55.5
 
 
 
 
StarWind SAN/NAS password recovery0.07CVE-2022-24551
1924365.35.3
 
5.3
 
 
Synology DiskStation Manager Web Server information disclosure0.07CVE-2022-22680
1924355.03.5
 
6.5
 
 
Synology DiskStation Manager Work Flow Management cross site scripting0.07CVE-2021-43929
1924349.38.8
 
9.9
 
 
Synology Mail Station os command injection0.07CVE-2021-43928
1924334.74.7
 
4.7
 
 
Synology DiskStation Manager sql injection0.07CVE-2021-43927
1924324.74.7
 
4.7
 
 
Synology DiskStation Manager Log Management sql injection0.07CVE-2021-43926
1924314.74.7
 
4.7
 
 
Synology DiskStation Manager sql injection0.20CVE-2021-43925
1924306.36.3
 
 
 
 
Servisnet Tessa improper authorization0.13CVE-2022-22832
1924295.55.5
 
 
 
 
Servisnet Tessa HTTP Header improper authorization0.13CVE-2022-22831
1924288.08.0
 
 
 
 
Korenix JetWave syscmd.asp Privilege Escalation0.07CVE-2021-39280
1924273.53.5
 
 
 
 
StarWind iSCSI SAN memory leak0.13CVE-2013-20004
1924263.53.5
 
 
 
 
StarWind iSCSI SAN Socket resource consumption0.08CVE-2007-20001
1924256.46.3
 
6.5
 
 
Synology DiskStation Manager Support Service Management path traversal0.08CVE-2022-22679
1924246.36.3
 
 
 
 
StarWind SAN/NAS Virtual Disk Management Command Privilege Escalation0.26CVE-2022-24552
1924235.65.6
 
 
 
 
Ruby CGI.escape_html integer overflow0.08CVE-2021-41816

Might our Artificial Intelligence support you?

Check our Alexa App!