CVSSv3 02/12/2022

CVSSv3 Base

≤10
≤20
≤32
≤415
≤525
≤626
≤725
≤88
≤90
≤101

The Common Vulnerability Scoring System (CVSS) is an industry standard to define the characteristics and impacts of security vulnerabilities. The base score represents the intrinsic aspects that are constant over time and across user environments. Our unique meta score merges all available scores from different sources to aggregate to the most reliable result.

CVSSv3 Temp

≤10
≤20
≤32
≤415
≤525
≤639
≤714
≤86
≤90
≤101

The Common Vulnerability Scoring System (CVSS) uses temp scores to reflect the characteristics of a vulnerability that may change over time but not across user environments. This includes reporting confidence, exploitability and remediation levels. We do also provide our unique meta score for temp scores, even though other sources rarely publish them.

VulDB

≤10
≤21
≤32
≤420
≤515
≤636
≤721
≤86
≤90
≤101

The moderation team is always defining the base vector and base score for an entry. These and all other available scores are used to generate the meta score.

NVD

≤10
≤20
≤30
≤40
≤50
≤62
≤70
≤82
≤90
≤103

The National Vulnerability Database (NVD) is also defining CVSS vectors and scores. These are usually not complete and might differ from VulDB scores.

CNA

≤10
≤20
≤31
≤411
≤55
≤65
≤76
≤84
≤94
≤101

A CVE Numbering Authority (CNA) is responsible for assigning new CVE entries. They might also include a CVSS score. These are usually not complete and might differ from VulDB scores.

Vendor

≤10
≤20
≤30
≤40
≤50
≤60
≤70
≤80
≤90
≤100

Some vendors are willing to publish their own CVSS vectors and scores for vulnerabilities in their products. The coverage varies from vendor to vendor.

Research

≤10
≤20
≤30
≤40
≤50
≤60
≤70
≤80
≤90
≤100

There are sometimes also security researcher which provide their own CVSS vectors and scores for vulnerabilities they have found and published.

IDBaseVDBNVDCNAVendResVulnerabilityCTIEPSSCVE
1930093.53.5
 
 
 
 
Projeqtor SVG File saveAttachment.php cross site scripting0.050.00885CVE-2021-42940
1930085.23.1
 
7.4
 
 
Action Pack Web Request Executor information disclosure0.030.00954CVE-2022-23633
1930074.34.3
 
 
 
 
Magnolia CMS Login Page cross-site request forgery0.000.00885CVE-2021-46366
1930065.55.5
 
 
 
 
Magnolia CMS Snake YAML Parser Privilege Escalation0.080.01005CVE-2021-46364
1930055.55.5
 
 
 
 
Magnolia CMS Freemark Filter Privilege Escalation0.040.01440CVE-2021-46361
1930045.04.3
 
5.7
 
 
Samsung SmartTagPlugin cross site scripting0.040.00885CVE-2022-24926
1930034.75.3
 
4.0
 
 
Ssamsung SearchWidget Webview access control0.050.00885CVE-2022-24923
1930024.65.3
 
3.9
 
 
Samsung Smartphone KnoxPrivacyNoticeReceiver access control0.070.00885CVE-2022-24000
1930014.65.3
 
3.9
 
 
Samsung Smartphone CpaReceiver KnoxPrivacyNoticeReceiver access control0.000.00885CVE-2022-23999
1930006.36.3
 
 
 
 
KDE Kate/KTextEditor LSP Plugin Remote Code Execution0.030.00885CVE-2022-23853
1929993.53.5
 
 
 
 
Kibana Index Pattern cross site scripting0.030.00885CVE-2022-23707
1929984.65.3
 
3.9
 
 
Samsung Smartphone KnoxPrivacyNoticeReceiver access control0.030.00885CVE-2022-23427
1929975.35.3
 
 
 
 
Acronis VSS Doctor uncontrolled search path0.080.00885CVE-2022-0483
1929965.03.5
 
6.5
 
 
TCMAN GIM cross site scripting0.040.00885CVE-2021-4046
1929954.62.4
 
6.8
 
 
Wocu Monitoring TinyMCE Rich-Text Editor cross site scripting0.040.00885CVE-2021-4035
1929945.35.3
 
 
 
 
Google Android Fastboot config0.040.01036CVE-2021-39672
1929935.55.5
 
 
 
 
Google Android CA Installation InstallCaCertificateWarning.java onCreate improper restriction of rendered ui layers0.040.01036CVE-2021-39669
1929925.35.3
 
 
 
 
Google Android DetailDialog.kt onActivityViewReady access control0.030.01036CVE-2021-39668
1929916.55.37.8
 
 
 
Google Android MediaProvider.java checkUriPermission permission0.060.01036CVE-2021-39662
1929905.05.0
 
 
 
 
Mellium xmpp Websocket certificate validation0.050.00885CVE-2022-24968
1929895.55.5
 
 
 
 
Magnolia CMS Export injection0.050.00885CVE-2021-46365
1929885.55.5
 
 
 
 
Magnolia CMS Export csv injection0.050.01005CVE-2021-46363
1929876.36.3
 
 
 
 
Magnolia CMS Registration/Forgotten Password injection0.060.01440CVE-2021-46362
1929869.89.8
 
9.8
 
 
vm2 sandbox0.060.01440CVE-2021-23555
1929854.85.3
 
4.2
 
 
Samsung Video Player Privilege Management privileges management0.020.00885CVE-2022-24927
1929844.44.4
 
4.4
 
 
Samsung Smartphone SettingsProvider input validation0.000.00885CVE-2022-24925
1929833.85.3
 
2.2
 
 
Samsung Smartphone LiveWallpaperService access control0.000.04499CVE-2022-24924
1929823.63.3
 
4.0
 
 
Samsung Bixby Vision information disclosure0.040.00885CVE-2022-24003
1929814.75.3
 
4.0
 
 
Samsung Smartphone Link Sharing PreconditionActivity improper authorization0.080.00885CVE-2022-24002
1929806.05.9
 
6.2
 
 
Samsung Smartphone Camera access control0.040.00885CVE-2022-23998
1929794.75.3
 
4.0
 
 
Samsung Wear OS Theater Mode StTheaterModeDurationAlarmReceiver access control0.030.00885CVE-2022-23997
1929784.75.3
 
4.0
 
 
Samsung Wear OS Bedtime access control0.070.00885CVE-2022-23996
1929774.75.3
 
4.0
 
 
Samsung Wear OS StBedtimeModeAlarmReceiver access control0.030.00885CVE-2022-23995
1929764.35.3
 
3.3
 
 
Samsung Wear OS StBedtimeModeReceiver access control0.000.00885CVE-2022-23994
1929754.64.8
 
4.4
 
 
Samsung Bixby code injection0.000.00885CVE-2022-23434
1929745.35.3
 
5.3
 
 
Samsung Smartphone Audio HAL Service out-of-bounds0.030.00885CVE-2022-23429
1929735.46.3
 
4.4
 
 
Samsung Smartphone DeX Home/DeX for PC code injection0.040.00885CVE-2022-23426
1929727.97.3
 
8.6
 
 
Samsung Smartphone Base Station input validation0.040.00885CVE-2022-23425
1929717.57.8
 
7.1
 
 
Samsung Smartphone Telecom insufficient permissions or privileges0.070.00885CVE-2022-22292
1929704.43.3
 
5.5
 
 
Samsung Smartphone Telephony logging of excessive data0.070.00885CVE-2022-22291
1929696.36.3
 
 
 
 
tcpreplay tree.c add_tree_ipv4 assertion0.030.00885CVE-2021-45387
1929686.36.3
 
 
 
 
tcpreplay tree.c add_tree_ipv6 assertion0.040.00885CVE-2021-45386
1929675.55.5
 
 
 
 
S-Cart backup download pathname traversal0.080.00885CVE-2021-44111
1929665.55.5
 
 
 
 
Google Android startVideoStream buffer overflow0.030.00885CVE-2021-39677
1929657.55.39.8
 
 
 
Google Android ismsEx Service permission0.000.00885CVE-2021-39658
1929646.23.39.1
 
 
 
Google Android ims_ex information disclosure0.000.00885CVE-2021-39635
1929636.55.37.8
 
 
 
Google Android UsageStatsService.java updatePackageMappingsData privileges management0.030.01036CVE-2021-39619
1929627.65.59.8
 
 
 
Google Android Privilege Escalation0.050.00885CVE-2021-39616
1929616.36.3
 
 
 
 
Tokheim Profleet DiaLOG Logon Page sql injection0.030.00885CVE-2021-34235
1929606.36.3
 
 
 
 
Nokia BTS TRS Web Console Web Panel improper authentication0.060.00885CVE-2021-31932

52 more entries are not shown

Do you need the next level of professionalism?

Upgrade your account now!