CVSSv3 02/08/2022

CVSSv3 Base

≤10
≤20
≤34
≤412
≤516
≤624
≤716
≤816
≤920
≤103

The Common Vulnerability Scoring System (CVSS) is an industry standard to define the characteristics and impacts of security vulnerabilities. The base score represents the intrinsic aspects that are constant over time and across user environments. Our unique meta score merges all available scores from different sources to aggregate to the most reliable result.

CVSSv3 Temp

≤10
≤20
≤35
≤413
≤519
≤625
≤720
≤824
≤92
≤103

The Common Vulnerability Scoring System (CVSS) uses temp scores to reflect the characteristics of a vulnerability that may change over time but not across user environments. This includes reporting confidence, exploitability and remediation levels. We do also provide our unique meta score for temp scores, even though other sources rarely publish them.

VulDB

≤10
≤20
≤35
≤413
≤522
≤619
≤717
≤810
≤922
≤103

The moderation team is always defining the base vector and base score for an entry. These and all other available scores are used to generate the meta score.

NVD

≤10
≤20
≤30
≤40
≤50
≤60
≤70
≤80
≤90
≤100

The National Vulnerability Database (NVD) is also defining CVSS vectors and scores. These are usually not complete and might differ from VulDB scores.

CNA

≤10
≤20
≤30
≤40
≤53
≤612
≤78
≤830
≤910
≤100

A CVE Numbering Authority (CNA) is responsible for assigning new CVE entries. They might also include a CVSS score. These are usually not complete and might differ from VulDB scores.

Vendor

≤10
≤20
≤30
≤40
≤52
≤69
≤73
≤828
≤96
≤100

Some vendors are willing to publish their own CVSS vectors and scores for vulnerabilities in their products. The coverage varies from vendor to vendor.

Research

≤10
≤20
≤30
≤40
≤50
≤60
≤70
≤80
≤90
≤100

There are sometimes also security researcher which provide their own CVSS vectors and scores for vulnerabilities they have found and published.

IDBaseVDBNVDCNAVendResVulnerabilityCTIEPSSCVE
1925815.04.3
 
5.35.3
 
Microsoft Outlook information disclosure0.040.02844CVE-2022-23280
1925808.18.8
 
7.87.8
 
Microsoft SQL Server Privilege Escalation0.030.01150CVE-2022-23276
1925797.66.3
 
8.38.3
 
Microsoft Dynamics GP Privilege Escalation0.020.01967CVE-2022-23274
1925786.86.3
 
7.17.1
 
Microsoft Dynamics GP Privilege Escalation0.030.01150CVE-2022-23273
1925778.38.8
 
8.18.1
 
Microsoft Dynamics GP Privilege Escalation0.080.01150CVE-2022-23272
1925765.84.3
 
6.56.5
 
Microsoft Dynamics GP information disclosure0.060.01150CVE-2022-23271
1925756.65.9
 
6.96.9
 
Microsoft Dynamics GP Privilege Escalation0.030.02251CVE-2022-23269
1925717.56.3
 
8.18.1
 
Microsoft Azure Data Explorer Remote Code Execution0.000.02251CVE-2022-23256
1925705.34.1
 
5.95.9
 
Microsoft OneDrive Local Privilege Escalation0.030.02251CVE-2022-23255
1925694.22.7
 
4.94.9
 
Microsoft PowerBI-Client JS SDK information disclosure0.040.01150CVE-2022-23254
1925685.14.3
 
5.55.5
 
Microsoft Office information disclosure0.030.01150CVE-2022-23252
1925678.18.8
 
7.87.8
 
Microsoft Windows Print Spooler Privilege Escalation0.060.01150CVE-2022-22718
1925667.27.5
 
7.07.0
 
Microsoft Windows Print Spooler Privilege Escalation0.060.01178CVE-2022-22717
1925655.14.3
 
5.55.5
 
Microsoft Office Excel information disclosure0.030.02844CVE-2022-22716
1925648.18.8
 
7.87.8
 
Microsoft Windows Named Pipe File System Privilege Escalation0.030.01150CVE-2022-22715
1925635.86.3
 
5.65.6
 
Microsoft Windows Hyper-V denial of service0.000.01150CVE-2022-22712
1925625.86.5
 
5.55.5
 
Microsoft Windows Common Log File System Driver denial of service0.030.01150CVE-2022-22710
1925618.18.8
 
7.87.8
 
Microsoft VP9 Video Extensions Remote Code Execution0.030.01528CVE-2022-22709
1925608.88.8
 
8.88.8
 
Microsoft SharePoint Server Privilege Escalation0.040.04550CVE-2022-22005
1925597.36.3
 
7.87.8
 
Microsoft ClickToRun Remote Code Execution0.030.01528CVE-2022-22004
1925587.36.3
 
7.87.8
 
Microsoft Office Graphics Remote Code Execution0.020.01528CVE-2022-22003
1925575.86.5
 
5.55.5
 
Microsoft Windows User Account Profile Picture denial of service0.060.01178CVE-2022-22002
1925568.18.8
 
7.87.8
 
Microsoft Windows Remote Access Connection Manager Privilege Escalation0.030.01150CVE-2022-22001
1925558.18.8
 
7.87.8
 
Microsoft Windows Common Log File System Driver Privilege Escalation0.050.01150CVE-2022-22000
1925548.18.8
 
7.87.8
 
Microsoft Windows Print Spooler Privilege Escalation0.060.07627CVE-2022-21999
1925535.14.3
 
5.55.5
 
Microsoft Windows Common Log File System Driver information disclosure0.030.01150CVE-2022-21998
1925527.78.8
 
7.17.1
 
Microsoft Windows Print Spooler Privilege Escalation0.030.01150CVE-2022-21997
1925518.18.8
 
7.87.8
 
Microsoft Windows Win32k Privilege Escalation0.040.01150CVE-2022-21996
1925507.97.9
 
7.97.9
 
Microsoft Windows Hyper-V Remote Code Execution0.030.01528CVE-2022-21995
1925498.18.8
 
7.87.8
 
Microsoft Windows DWM Core Library Privilege Escalation0.030.01150CVE-2022-21994
1925486.45.3
 
 
7.5
 
Microsoft Windows Services for NFS ONCRPC XDR Driver information disclosure0.050.02251CVE-2022-21993
1925478.18.8
 
7.87.8
 
Microsoft Windows Mobile Device Management Remote Code Execution0.040.01528CVE-2022-21992
1925468.18.1
 
8.18.1
 
Microsoft Visual Studio Code Remote Development Extension Remote Code Execution0.040.01601CVE-2022-21991
1925458.08.5
 
7.87.8
 
Microsoft Windows Kernel Privilege Escalation0.000.01150CVE-2022-21989
1925447.36.3
 
7.87.8
 
Microsoft Office Visio Remote Code Execution0.020.04475CVE-2022-21988
1925438.08.0
 
8.08.0
 
Microsoft SharePoint Server Privilege Escalation0.040.01150CVE-2022-21987
1925426.85.3
 
7.57.5
 
Microsoft .NET denial of service0.040.03678CVE-2022-21986
1925415.14.3
 
5.55.5
 
Microsoft Windows information disclosure0.040.01150CVE-2022-21985
1925408.88.8
 
8.88.8
 
Microsoft Windows DNS Server Privilege Escalation0.030.01967CVE-2022-21984
1925398.18.8
 
7.87.8
 
Microsoft Windows Common Log File System Driver Privilege Escalation0.000.01150CVE-2022-21981
1925388.18.8
 
7.87.8
 
Microsoft Windows Roaming Security Rights Management Services Remote Code Execution0.020.12761CVE-2022-21974
1925378.18.8
 
7.87.8
 
Microsoft Windows Runtime Remote Code Execution0.000.12761CVE-2022-21971
1925364.34.3
 
4.34.3
 
Microsoft SharePoint information disclosure0.030.01150CVE-2022-21968
1925356.85.3
 
7.57.5
 
Microsoft Teams/Teams Admin Center denial of service0.040.02251CVE-2022-21965
1925347.27.2
 
7.27.2
 
Microsoft Microsoft Dynamics 365 Privilege Escalation0.030.01967CVE-2022-21957
1925338.18.8
 
7.87.8
 
Microsoft HEVC Video Extensions Remote Code Execution0.000.04475CVE-2022-21927
1925328.18.8
 
7.87.8
 
Microsoft HEVC Video Extensions Remote Code Execution0.030.04475CVE-2022-21926
1925318.18.8
 
7.87.8
 
Microsoft HEVC Video Extensions Remote Code Execution0.040.04475CVE-2022-21844
1925113.93.5
 
4.3
 
 
pimcore cross site scripting0.000.00885CVE-2022-0510
1925104.34.3
 
 
 
 
Gitea API cross-site request forgery0.060.00954CVE-2021-45326

61 more entries are not shown

Are you interested in using VulDB?

Download the whitepaper to learn more about our service!