CVSSv3 02/09/2022

CVSSv3 Base

≤10
≤20
≤31
≤47
≤59
≤617
≤725
≤86
≤91
≤101

The Common Vulnerability Scoring System (CVSS) is an industry standard to define the characteristics and impacts of security vulnerabilities. The base score represents the intrinsic aspects that are constant over time and across user environments. Our unique meta score merges all available scores from different sources to aggregate to the most reliable result.

CVSSv3 Temp

≤10
≤20
≤32
≤46
≤59
≤620
≤726
≤82
≤91
≤101

The Common Vulnerability Scoring System (CVSS) uses temp scores to reflect the characteristics of a vulnerability that may change over time but not across user environments. This includes reporting confidence, exploitability and remediation levels. We do also provide our unique meta score for temp scores, even though other sources rarely publish them.

VulDB

≤10
≤20
≤33
≤410
≤510
≤623
≤715
≤84
≤92
≤100

The moderation team is always defining the base vector and base score for an entry. These and all other available scores are used to generate the meta score.

NVD

≤10
≤20
≤30
≤40
≤50
≤63
≤71
≤812
≤90
≤100

The National Vulnerability Database (NVD) is also defining CVSS vectors and scores. These are usually not complete and might differ from VulDB scores.

CNA

≤10
≤20
≤32
≤40
≤53
≤60
≤710
≤83
≤94
≤101

A CVE Numbering Authority (CNA) is responsible for assigning new CVE entries. They might also include a CVSS score. These are usually not complete and might differ from VulDB scores.

Vendor

≤10
≤20
≤30
≤40
≤50
≤60
≤70
≤80
≤90
≤100

Some vendors are willing to publish their own CVSS vectors and scores for vulnerabilities in their products. The coverage varies from vendor to vendor.

Research

≤10
≤20
≤30
≤40
≤50
≤60
≤70
≤80
≤90
≤100

There are sometimes also security researcher which provide their own CVSS vectors and scores for vulnerabilities they have found and published.

IDBaseVDBNVDCNAVendResVulnerabilityCTICVE
1926489.38.8
 
9.9
 
 
Dell EMC Integrated System for Microsoft Azure Stack Hub privileges management0.05CVE-2021-36302
1926475.84.36.56.5
 
 
chatwoot privileges management0.06CVE-2021-3813
1926463.74.7
 
2.7
 
 
ArangoDB Foxx Service server-side request forgery0.00CVE-2021-25939
1926455.05.0
 
 
 
 
Gitea TOTP improper authentication0.00CVE-2021-45331
1926444.34.3
 
 
 
 
D-Link IR-X1860 URL denial of service0.00CVE-2021-41441
1926435.94.37.5
 
 
 
Jenkins XStream Converter protection mechanism0.16CVE-2022-0538
1926423.53.5
 
 
 
 
Cybele Thinfinity VirtualUI information disclosure0.04CVE-2021-46354
1926414.53.55.34.6
 
 
F-Secure Antivirus ACE Decompression denial of service0.05CVE-2021-40837
1926404.43.55.4
 
 
 
TastyIgniter 1 cross site scripting0.00CVE-2022-23378
1926395.34.35.46.3
 
 
ptrofimov beanstalk_console cross site scripting0.00CVE-2022-0539
1926385.65.6
 
 
 
 
Gitea session expiration0.00CVE-2021-45330
1926373.53.5
 
 
 
 
Siemens Spectrum Power Online Help cross site scripting0.05CVE-2022-23312
1926366.65.57.8
 
 
 
Siemens Simcenter Femap NEU File Parser out-of-bounds write0.00CVE-2021-46161
1926356.65.57.8
 
 
 
Siemens Simcenter Femap NEU File Parser out-of-bounds write0.00CVE-2021-46160
1926346.65.57.8
 
 
 
Siemens Simcenter Femap NEU File Parser out-of-bounds write0.00CVE-2021-46159
1926336.65.57.8
 
 
 
Siemens Simcenter Femap NEU File Parser stack-based overflow0.00CVE-2021-46158
1926326.65.57.8
 
 
 
Siemens Simcenter Femap NEU File Parser memory corruption0.00CVE-2021-46157
1926316.65.57.8
 
 
 
Siemens Simcenter Femap NEU File Parser out-of-bounds write0.00CVE-2021-46156
1926306.65.57.8
 
 
 
Siemens Simcenter Femap NEU File Parser stack-based overflow0.00CVE-2021-46155
1926296.65.57.8
 
 
 
Siemens Simcenter Femap NEU File Parser stack-based overflow0.00CVE-2021-46154
1926286.65.57.8
 
 
 
Siemens Simcenter Femap NEU File Parser memory corruption0.05CVE-2021-46153
1926276.65.57.8
 
 
 
Siemens Simcenter Femap NEU File Parser type confusion0.06CVE-2021-46152
1926266.65.57.8
 
 
 
Siemens Simcenter Femap NEU File Parser out-of-bounds write0.06CVE-2021-46151
1926256.36.3
 
 
 
 
Siemens SICAM TOOLBOX II Database Service hard-coded credentials0.00CVE-2021-45106
1926245.55.5
 
 
 
 
Siemens JT2Go PAR File Parser plmxmlAdapterSE70.dll out-of-bounds read0.06CVE-2021-44018
1926235.55.5
 
 
 
 
Siemens JT2Go PAR File Parser plmxmlAdapterSE70.dll memory corruption0.00CVE-2021-44016
1926225.55.5
 
 
 
 
Siemens JT2Go PAR File Parser plmxmlAdapterSE70.dll heap-based overflow0.05CVE-2021-44000
1926215.55.5
 
 
 
 
Siemens COMOS Web unrestricted upload0.05CVE-2021-37194
1926203.13.1
 
 
 
 
Siemens SIMATIC PCS 7/SIMATIC WinCC Project File file information disclosure0.06CVE-2021-40363
1926195.55.5
 
 
 
 
Siemens SINEMA Remote Connect Server redirect0.05CVE-2022-23102
1926186.56.5
 
 
 
 
Siemens SIMATIC Drive Controller Service Port 102 tcp memory leak0.00CVE-2021-37205
1926176.56.5
 
 
 
 
Siemens SIMATIC Drive Controller Service Port 102 operation after expiration0.05CVE-2021-37204
1926164.34.3
 
 
 
 
Siemens SIMATIC Drive Controller Service Port 102 operation after expiration0.09CVE-2021-37185
1926153.13.1
 
 
 
 
Siemens SIMATIC PCS 7/SIMATIC WinCC Public API unknown vulnerability0.00CVE-2021-40360
1926145.55.5
 
 
 
 
XpressEngine XE Normal Button unrestricted upload0.00CVE-2021-44912
1926135.55.5
 
 
 
 
XpressEngine XE menu.admin.controller.php unrestricted upload0.00CVE-2021-44911
1926126.36.3
 
 
 
 
Composr CMS unrestricted upload0.09CVE-2021-46360
1926112.62.6
 
2.6
 
 
follow-redirects information disclosure0.10CVE-2022-0536
1926108.38.8
 
7.8
 
 
ESET Endpoint Antivirus Pipe access control0.05CVE-2021-37852
1926097.37.3
 
 
 
 
Backdoor.Win32.Freddy.2001 Service Port 19535 improper authentication0.04
1926087.37.3
 
 
 
 
Backdoor.Win32.Prexot.a TCP Service hard-coded credentials0.00
1926076.36.3
 
 
 
 
Backdoor.Win32.Frauder.jt permission0.00
1926067.37.3
 
 
 
 
Backdoor.Win32.XRat.k Service Port 20888 backdoor0.00
1926056.36.3
 
 
 
 
Backdoor.Win32.Prexot.a TCP Service server-side request forgery0.03
1926047.37.3
 
 
 
 
Backdoor.Win32.Wdoor.11 Service Port 80 backdoor0.06
1926034.22.4
 
6.1
 
 
chatwoot cross site scripting0.00CVE-2022-0527
1926025.43.5
 
7.3
 
 
chatwoot cross site scripting0.00CVE-2022-0526
1926013.53.5
 
 
 
 
Gitea Repository cross site scripting0.00CVE-2021-45329
1926004.52.6
 
6.5
 
 
Grafana Backend Plugin cross site scripting0.05CVE-2022-21702
1925993.53.5
 
 
 
 
Studio 42 elFinder SVG Document cross site scripting0.00CVE-2021-45919

17 more entries are not shown

Do you need the next level of professionalism?

Upgrade your account now!