CVSSv3 02/16/2022

CVSSv3 Base

≤10
≤20
≤31
≤412
≤517
≤616
≤721
≤86
≤98
≤101

The Common Vulnerability Scoring System (CVSS) is an industry standard to define the characteristics and impacts of security vulnerabilities. The base score represents the intrinsic aspects that are constant over time and across user environments. Our unique meta score merges all available scores from different sources to aggregate to the most reliable result.

CVSSv3 Temp

≤10
≤21
≤30
≤412
≤517
≤616
≤724
≤83
≤98
≤101

The Common Vulnerability Scoring System (CVSS) uses temp scores to reflect the characteristics of a vulnerability that may change over time but not across user environments. This includes reporting confidence, exploitability and remediation levels. We do also provide our unique meta score for temp scores, even though other sources rarely publish them.

VulDB

≤10
≤20
≤32
≤412
≤519
≤615
≤717
≤812
≤94
≤101

The moderation team is always defining the base vector and base score for an entry. These and all other available scores are used to generate the meta score.

NVD

≤10
≤20
≤30
≤40
≤50
≤60
≤70
≤80
≤90
≤100

The National Vulnerability Database (NVD) is also defining CVSS vectors and scores. These are usually not complete and might differ from VulDB scores.

CNA

≤10
≤20
≤32
≤40
≤50
≤613
≤710
≤87
≤93
≤104

A CVE Numbering Authority (CNA) is responsible for assigning new CVE entries. They might also include a CVSS score. These are usually not complete and might differ from VulDB scores.

Vendor

≤10
≤20
≤30
≤40
≤50
≤60
≤70
≤80
≤90
≤100

Some vendors are willing to publish their own CVSS vectors and scores for vulnerabilities in their products. The coverage varies from vendor to vendor.

Research

≤10
≤20
≤30
≤40
≤50
≤60
≤70
≤80
≤90
≤100

There are sometimes also security researcher which provide their own CVSS vectors and scores for vulnerabilities they have found and published.

IDBaseVDBNVDCNAVendResVulnerabilityCTICVE
1932533.53.5
 
 
 
 
SourceCodester Hospital Patient Record Management System cross site scripting0.00CVE-2022-22853
1932524.34.3
 
 
 
 
pki-server cleartext storage0.04CVE-2021-3551
1932517.07.3
 
6.6
 
 
MobiSoft MobiPlus URL Parameter input validation0.06CVE-2022-22792
1932507.87.8
 
7.8
 
 
Snow Inventory Java Scanner privileges management0.04CVE-2021-4106
1932497.37.3
 
7.3
 
 
litespeed.js Query String getJsonFromUrl code injection0.04CVE-2021-23682
1932486.66.6
 
 
 
 
HP Product UEFI Firmware Privilege Escalation0.00CVE-2021-39301
1932476.66.6
 
 
 
 
HP Product UEFI Firmware Privilege Escalation0.05CVE-2021-39300
1932466.66.6
 
 
 
 
HP Product UEFI Firmware Privilege Escalation0.00CVE-2021-39299
1932458.88.8
 
 
 
 
HP Product UEFI Firmware Privilege Escalation0.04CVE-2021-39298
1932446.66.6
 
 
 
 
HP Product UEFI Firmware Privilege Escalation0.04CVE-2021-39297
1932433.53.5
 
 
 
 
argocd permission assignment0.04CVE-2021-3557
1932423.53.5
 
 
 
 
Texas Instruments CC3200 SimpleLink Solution NWP HTTP Request ping.html information disclosure0.09CVE-2021-21966
1932416.36.3
 
 
 
 
Hancom Office 2020 HwordApp.dll heap-based overflow0.04CVE-2021-21958
1932406.36.3
 
 
 
 
KiCad EDA Gerber Viewer ReadIJCoord stack-based overflow0.05CVE-2022-23804
1932396.36.3
 
 
 
 
KiCad EDA Gerber Viewer ReadXYCoord stack-based overflow0.04CVE-2022-23803
1932385.55.5
 
 
 
 
HP Support Assistant Privilege Escalation0.03CVE-2020-6922
1932375.55.5
 
 
 
 
HP Support Assistant Privilege Escalation0.10CVE-2020-6921
1932365.55.5
 
 
 
 
HP Support Assistant Privilege Escalation0.05CVE-2020-6920
1932355.55.5
 
 
 
 
HP Support Assistant Privilege Escalation0.04CVE-2020-6919
1932345.55.5
 
 
 
 
HP Support Assistant Privilege Escalation0.00CVE-2020-6918
1932335.55.5
 
 
 
 
HP Support Assistant Privilege Escalation0.04CVE-2020-6917
1932324.94.3
 
5.5
 
 
Adobe Illustrator null pointer dereference0.14CVE-2022-23199
1932314.94.3
 
5.5
 
 
Adobe Illustrator null pointer dereference0.06CVE-2022-23198
1932304.94.3
 
5.5
 
 
Adobe Illustrator null pointer dereference0.09CVE-2022-23189
1932297.06.3
 
7.8
 
 
Adobe Photoshop buffer overflow0.00CVE-2022-23203
1932287.17.1
 
7.0
 
 
Adobe Creative Cloud Desktop uncontrolled search path0.00CVE-2022-23202
1932277.06.3
 
7.8
 
 
Adobe After Effects out-of-bounds write0.05CVE-2022-23200
1932267.06.3
 
7.8
 
 
Adobe Illustrator buffer overflow0.10CVE-2022-23188
1932257.06.3
 
7.8
 
 
Adobe Illustrator out-of-bounds write0.10CVE-2022-23186
1932248.88.8
 
 
 
 
VMware NSX Data Center for vSphere CLI os command injection0.07CVE-2022-22945
1932238.57.3
 
9.8
 
 
Adobe Commerce input validation0.24CVE-2022-24086
1932224.94.3
 
5.5
 
 
Adobe Premiere Rush out-of-bounds read0.10CVE-2022-23204
1932214.94.3
 
5.5
 
 
Adobe Illustrator out-of-bounds read0.00CVE-2022-23197
1932204.94.3
 
5.5
 
 
Adobe Illustrator out-of-bounds read0.00CVE-2022-23196
1932194.94.3
 
5.5
 
 
Adobe Illustrator out-of-bounds read0.04CVE-2022-23195
1932184.94.3
 
5.5
 
 
Adobe Illustrator out-of-bounds read0.05CVE-2022-23194
1932174.94.3
 
5.5
 
 
Adobe Illustrator out-of-bounds read0.04CVE-2022-23193
1932164.94.3
 
5.5
 
 
Adobe Illustrator out-of-bounds read0.04CVE-2022-23192
1932154.94.3
 
5.5
 
 
Adobe Illustrator out-of-bounds read0.18CVE-2022-23191
1932144.94.3
 
5.5
 
 
Adobe Illustrator out-of-bounds read0.05CVE-2022-23190
1932136.56.5
 
 
 
 
Linux Kernel UDF File System udf_file_write_iter null pointer dereference0.04CVE-2022-0617
1932123.95.3
 
2.4
 
 
IBM Maximo Anywhere source code0.00CVE-2019-4352
1932115.95.3
 
6.5
 
 
IBM Maximo Anywhere information disclosure0.09CVE-2019-4291
1932102.12.1
 
2.1
 
 
IBM Maximo Anywhere information disclosure0.06CVE-2019-4351
1932098.57.3
 
9.8
 
 
WP Statistics Plugin class-wp-statistics-exclusion.php sql injection0.04CVE-2022-0513
1932085.94.7
 
7.2
 
 
Fancy Product Designer Plugin class-view.php sql injection0.06CVE-2021-4134
1932079.39.8
 
8.8
 
 
Valmet DNA Service Port 1517 os command injection0.04CVE-2021-26726
1932065.35.3
 
 
 
 
VMware ESXi rhttpproxy denial of service0.24CVE-2021-22050
1932057.27.2
 
 
 
 
VMware ESXi settingsd toctou0.07CVE-2021-22043
1932047.27.2
 
 
 
 
VMware ESXi VMX improper authorization0.21CVE-2021-22042

32 more entries are not shown

Do you want to use VulDB in your project?

Use the official API to access entries easily!