CVSSv3 03/03/2022

CVSSv3 Base

≤10
≤21
≤33
≤419
≤515
≤634
≤750
≤80
≤92
≤100

The Common Vulnerability Scoring System (CVSS) is an industry standard to define the characteristics and impacts of security vulnerabilities. The base score represents the intrinsic aspects that are constant over time and across user environments. Our unique meta score merges all available scores from different sources to aggregate to the most reliable result.

CVSSv3 Temp

≤10
≤21
≤33
≤419
≤517
≤667
≤715
≤80
≤92
≤100

The Common Vulnerability Scoring System (CVSS) uses temp scores to reflect the characteristics of a vulnerability that may change over time but not across user environments. This includes reporting confidence, exploitability and remediation levels. We do also provide our unique meta score for temp scores, even though other sources rarely publish them.

VulDB

≤10
≤21
≤33
≤419
≤515
≤635
≤749
≤81
≤91
≤100

The moderation team is always defining the base vector and base score for an entry. These and all other available scores are used to generate the meta score.

NVD

≤10
≤20
≤30
≤40
≤50
≤60
≤70
≤80
≤90
≤100

The National Vulnerability Database (NVD) is also defining CVSS vectors and scores. These are usually not complete and might differ from VulDB scores.

CNA

≤10
≤20
≤31
≤42
≤52
≤62
≤74
≤81
≤91
≤101

A CVE Numbering Authority (CNA) is responsible for assigning new CVE entries. They might also include a CVSS score. These are usually not complete and might differ from VulDB scores.

Vendor

≤10
≤20
≤30
≤40
≤50
≤60
≤70
≤80
≤90
≤100

Some vendors are willing to publish their own CVSS vectors and scores for vulnerabilities in their products. The coverage varies from vendor to vendor.

Research

≤10
≤20
≤30
≤40
≤50
≤60
≤70
≤80
≤90
≤100

There are sometimes also security researcher which provide their own CVSS vectors and scores for vulnerabilities they have found and published.

IDBaseVDBNVDCNAVendResVulnerabilityCTICVE
1943806.36.3
 
 
 
 
Microsoft Edge WebXR out-of-bounds read0.04CVE-2022-0809
1943796.36.3
 
 
 
 
Microsoft Edge Chrome OS Shell use after free0.04CVE-2022-0808
1943786.36.3
 
 
 
 
Microsoft Edge Autofill Remote Code Execution0.04CVE-2022-0807
1943776.36.3
 
 
 
 
Microsoft Edge Canvas information disclosure0.00CVE-2022-0806
1943766.36.3
 
 
 
 
Microsoft Edge Browser Switcher use after free0.06CVE-2022-0805
1943756.36.3
 
 
 
 
Microsoft Edge Full Screen Mode Remote Code Execution0.03CVE-2022-0804
1943745.55.5
 
 
 
 
Microsoft Edge Permissions Privilege Escalation0.00CVE-2022-0803
1943736.36.3
 
 
 
 
Microsoft Edge Full Screen Mode Remote Code Execution0.00CVE-2022-0802
1943726.36.3
 
 
 
 
Microsoft Edge HTML Parser Remote Code Execution0.07CVE-2022-0801
1943716.36.3
 
 
 
 
Microsoft Edge Cast UI heap-based overflow0.04CVE-2022-0800
1943705.55.5
 
 
 
 
Microsoft Edge Installer Privilege Escalation0.00CVE-2022-0799
1943696.36.3
 
 
 
 
Microsoft Edge MediaStream use after free0.04CVE-2022-0798
1943686.36.3
 
 
 
 
Microsoft Edge Mojo out-of-bounds read0.07CVE-2022-0797
1943676.36.3
 
 
 
 
Microsoft Edge Media use after free0.04CVE-2022-0796
1943666.36.3
 
 
 
 
Microsoft Edge Blink Layout type confusion0.06CVE-2022-0795
1943656.36.3
 
 
 
 
Microsoft Edge WebShare use after free0.03CVE-2022-0794
1943646.36.3
 
 
 
 
Microsoft Edge Views use after free0.07CVE-2022-0793
1943636.36.3
 
 
 
 
Microsoft Edge ANGLE out-of-bounds read0.04CVE-2022-0792
1943626.36.3
 
 
 
 
Microsoft Edge Omnibox use after free0.03CVE-2022-0791
1943616.36.3
 
 
 
 
Microsoft Edge Cast UI use after free0.00CVE-2022-0790
1943606.36.3
 
 
 
 
Microsoft Edge ANGLE heap-based overflow0.04CVE-2022-0789
1941693.53.5
 
3.5
 
 
hestiacp cross site scripting0.00CVE-2022-0753
1941685.55.5
 
 
 
 
FRRouting message.c parse_update_subtlv memory corruption0.06CVE-2022-26129
1941675.55.5
 
 
 
 
FRRouting Packet Length message.c babel_packet_examin memory corruption0.00CVE-2022-26128
1941665.55.5
 
 
 
 
FRRouting Packet Length message.c babel_packet_examin memory corruption0.03CVE-2022-26127
1941655.55.5
 
 
 
 
FRRouting isis_nb_notifications.c strdup memory corruption0.04CVE-2022-26126
1941645.55.5
 
 
 
 
FRRouting Packet Length isis_tlvs.c memory corruption0.03CVE-2022-26125
1941633.53.5
 
 
 
 
Axelor Open Suite cross site scripting0.04CVE-2022-25138
1941625.55.5
 
 
 
 
ARM Mali GPU Driver Privilege Escalation0.03CVE-2022-22706
1941615.16.3
 
3.8
 
 
ljharb npm-lockfile os command injection0.00CVE-2022-0841
1941606.56.6
 
6.4
 
 
Wordline HIDCCEMonitorSVC unquoted search path0.03CVE-2021-45819
1941598.88.8
 
 
 
 
RDPSoft Remote Desktop Commander Suite Agent unquoted search path0.06CVE-2022-25031
1941583.13.1
 
 
 
 
Fujifilm DocuCentre-VI C4471 Administrative Web Interface inadequate encryption0.04CVE-2021-43774
1941573.53.5
 
 
 
 
OS4Ed openSIS Classic EmailCheckOthers.php cross site scripting0.03CVE-2021-40637
1941564.34.3
 
 
 
 
OS4Ed openSIS Classic ChooseCpSearch.php sql injection0.04CVE-2021-40635
1941556.45.3
 
7.5
 
 
containerd CRI information disclosure0.04CVE-2022-23648
1941544.34.3
 
 
 
 
OS4Ed openSIS Classic CheckDuplicateName.php sql injection0.04CVE-2021-40636
1941534.34.3
 
 
 
 
Google Chrome WebXR out-of-bounds read0.04CVE-2022-0809
1941525.55.5
 
 
 
 
Google Chrome Chrome OS Shell use after free0.03CVE-2022-0808
1941515.55.5
 
 
 
 
Google Chrome Autofill Privilege Escalation0.03CVE-2022-0807
1941503.53.5
 
 
 
 
Google Chrome Canvas information disclosure0.00CVE-2022-0806
1941495.55.5
 
 
 
 
Google Chrome Browser Switcher use after free0.05CVE-2022-0805
1941485.55.5
 
 
 
 
Google Chrome Full Screen Mode Privilege Escalation0.00CVE-2022-0804
1941475.55.5
 
 
 
 
Google Chrome permission0.06CVE-2022-0803
1941465.55.5
 
 
 
 
Google Chrome Full Screen Mode Privilege Escalation0.00CVE-2022-0802
1941456.36.3
 
 
 
 
Google Chrome HTML Parser Remote Code Execution0.07CVE-2022-0801
1941446.36.3
 
 
 
 
Google Chrome Cast UI heap-based overflow0.06CVE-2022-0800
1941435.55.5
 
 
 
 
Google Chrome Installer Privilege Escalation0.04CVE-2022-0799
1941426.36.3
 
 
 
 
Google Chrome MediaStream use after free0.04CVE-2022-0798
1941414.34.3
 
 
 
 
Google Chrome Mojo out-of-bounds read0.00CVE-2022-0797

74 more entries are not shown

Are you interested in using VulDB?

Download the whitepaper to learn more about our service!