CVSSv3 03/08/2022

CVSSv3 Base

≤10
≤20
≤32
≤412
≤54
≤616
≤713
≤833
≤917
≤100

The Common Vulnerability Scoring System (CVSS) is an industry standard to define the characteristics and impacts of security vulnerabilities. The base score represents the intrinsic aspects that are constant over time and across user environments. Our unique meta score merges all available scores from different sources to aggregate to the most reliable result.

CVSSv3 Temp

≤10
≤20
≤33
≤412
≤57
≤619
≤736
≤816
≤94
≤100

The Common Vulnerability Scoring System (CVSS) uses temp scores to reflect the characteristics of a vulnerability that may change over time but not across user environments. This includes reporting confidence, exploitability and remediation levels. We do also provide our unique meta score for temp scores, even though other sources rarely publish them.

VulDB

≤10
≤20
≤32
≤412
≤58
≤611
≤721
≤825
≤918
≤100

The moderation team is always defining the base vector and base score for an entry. These and all other available scores are used to generate the meta score.

NVD

≤10
≤20
≤30
≤40
≤50
≤60
≤71
≤80
≤90
≤100

The National Vulnerability Database (NVD) is also defining CVSS vectors and scores. These are usually not complete and might differ from VulDB scores.

CNA

≤10
≤20
≤30
≤42
≤53
≤68
≤719
≤836
≤97
≤100

A CVE Numbering Authority (CNA) is responsible for assigning new CVE entries. They might also include a CVSS score. These are usually not complete and might differ from VulDB scores.

Vendor

≤10
≤20
≤30
≤42
≤53
≤67
≤718
≤835
≤96
≤100

Some vendors are willing to publish their own CVSS vectors and scores for vulnerabilities in their products. The coverage varies from vendor to vendor.

Research

≤10
≤20
≤30
≤40
≤50
≤60
≤70
≤80
≤90
≤100

There are sometimes also security researcher which provide their own CVSS vectors and scores for vulnerabilities they have found and published.

IDBaseVDBNVDCNAVendResVulnerabilityCTICVE
1944506.47.1
 
6.16.1
 
Microsoft Visual Studio Code Remote Code Execution0.09CVE-2022-24526
1944497.27.5
 
7.07.0
 
Microsoft Windows Update Stack Privilege Escalation0.04CVE-2022-24525
1944486.44.3
 
7.57.5
 
Microsoft Skype Extension information disclosure0.03CVE-2022-24522
1944477.27.2
 
7.27.2
 
Microsoft Azure Site Recovery VMWare to Azure Privilege Escalation0.05CVE-2022-24520
1944466.77.2
 
6.56.5
 
Microsoft Azure Site Recovery VMWare to Azure Privilege Escalation0.00CVE-2022-24519
1944456.77.2
 
6.56.5
 
Microsoft Azure Site Recovery VMWare to Azure Privilege Escalation0.00CVE-2022-24518
1944447.27.2
 
7.27.2
 
Microsoft Azure Site Recovery VMWare to Azure Privilege Escalation0.04CVE-2022-24517
1944436.56.5
 
6.56.5
 
Microsoft Azure Site Recovery VMWare to Azure unknown vulnerability0.00CVE-2022-24515
1944426.36.3
 
6.36.3
 
Microsoft .NET/Visual Studio Remote Code Execution0.00CVE-2022-24512
1944415.55.4
 
5.55.5
 
Microsoft Office Word unknown vulnerability0.07CVE-2022-24511
1944407.36.3
 
7.87.8
 
Microsoft Office Visio Remote Code Execution0.00CVE-2022-24510
1944397.36.3
 
7.87.8
 
Microsoft Office Visio Remote Code Execution0.03CVE-2022-24509
1944388.88.8
 
8.88.8
 
Microsoft Windows SMBv3 Privilege Escalation0.04CVE-2022-24508
1944378.18.8
 
7.87.8
 
Microsoft Windows Ancillary Function Driver for WinSock Privilege Escalation0.04CVE-2022-24507
1944366.77.2
 
6.56.5
 
Microsoft Azure Site Recovery VMWare to Azure Privilege Escalation0.05CVE-2022-24506
1944357.27.5
 
7.07.0
 
Microsoft Windows ALPC Privilege Escalation0.06CVE-2022-24505
1944345.45.4
 
5.45.4
 
Microsoft Windows Remote Desktop Protocol Client unknown vulnerability0.04CVE-2022-24503
1944334.34.3
 
4.34.3
 
Microsoft Windows HTML Platforms Security information disclosure0.00CVE-2022-24502
1944327.36.3
 
7.87.8
 
Microsoft VP9 Video Extensions Remote Code Execution0.04CVE-2022-24501
1944317.27.2
 
7.27.2
 
Microsoft Azure Site Recovery VMWare to Azure Privilege Escalation0.00CVE-2022-24471
1944307.27.2
 
7.27.2
 
Microsoft Azure Site Recovery VMWare to Azure Privilege Escalation0.04CVE-2022-24470
1944298.38.8
 
8.18.1
 
Microsoft Azure Site Recovery VMWare to Azure Privilege Escalation0.04CVE-2022-24469
1944287.27.2
 
7.27.2
 
Microsoft Azure Site Recovery VMWare to Azure Privilege Escalation0.07CVE-2022-24468
1944277.27.2
 
7.27.2
 
Microsoft Azure Site Recovery VMWare to Azure Privilege Escalation0.00CVE-2022-24467
1944263.33.3
 
3.33.3
 
Microsoft Intune Portal information disclosure0.00CVE-2022-24465
1944257.57.5
 
7.57.5
 
Microsoft .NET/Visual Studio denial of service0.00CVE-2022-24464
1944245.84.3
 
6.56.5
 
Microsoft Exchange Server information disclosure0.04CVE-2022-24463
1944235.86.3
 
5.55.5
 
Microsoft Office Word Remote Code Execution0.06CVE-2022-24462
1944227.36.3
 
7.87.8
 
Microsoft Office Visio Remote Code Execution0.04CVE-2022-24461
1944217.07.1
 
7.07.0
 
Microsoft Windows Tablet Windows User Interface Application Privilege Escalation0.04CVE-2022-24460
1944208.18.8
 
7.87.8
 
Microsoft Windows Fax/Scan Service Privilege Escalation0.00CVE-2022-24459
1944197.36.3
 
7.87.8
 
Microsoft HEIF Image Extension Remote Code Execution0.04CVE-2022-24457
1944187.36.3
 
7.87.8
 
Microsoft HEVC Video Extensions Remote Code Execution0.04CVE-2022-24456
1944178.18.8
 
7.87.8
 
Microsoft Windows CD-ROM Driver Privilege Escalation0.04CVE-2022-24455
1944168.18.8
 
7.87.8
 
Microsoft Windows Security Support Provider Interface Privilege Escalation0.04CVE-2022-24454
1944157.36.3
 
7.87.8
 
Microsoft HEVC Video Extensions Remote Code Execution0.07CVE-2022-24453
1944147.36.3
 
7.87.8
 
Microsoft HEVC Video Extensions Remote Code Execution0.00CVE-2022-24452
1944137.36.3
 
7.87.8
 
Microsoft VP9 Video Extensions Remote Code Execution0.04CVE-2022-24451
1944127.36.3
 
7.87.8
 
Microsoft HEVC Video Extensions Remote Code Execution0.03CVE-2022-23301
1944117.36.3
 
7.87.8
 
Microsoft Raw Image Extension Remote Code Execution0.03CVE-2022-23300
1944108.18.8
 
7.87.8
 
Microsoft Windows PDEV Privilege Escalation0.07CVE-2022-23299
1944097.27.5
 
7.07.0
 
Microsoft Windows NT OS Kernel Privilege Escalation0.04CVE-2022-23298
1944085.14.3
 
5.55.5
 
Microsoft Windows NT Lan Manager Datagram Receiver Driver information disclosure0.04CVE-2022-23297
1944078.18.8
 
7.87.8
 
Microsoft Windows Installer Privilege Escalation0.04CVE-2022-23296
1944067.36.3
 
7.87.8
 
Microsoft Raw Image Extension Remote Code Execution0.08CVE-2022-23295
1944058.88.8
 
8.88.8
 
Microsoft Windows Event Tracing Privilege Escalation0.00CVE-2022-23294
1944048.18.8
 
7.87.8
 
Microsoft Windows Fast FAT File System Driver Privilege Escalation0.07CVE-2022-23293
1944038.18.8
 
7.87.8
 
Microsoft Windows DWM Core Library Privilege Escalation0.04CVE-2022-23291
1944028.18.8
 
7.87.8
 
Microsoft Windows Inking COM Privilege Escalation0.04CVE-2022-23290
1944017.27.5
 
7.07.0
 
Microsoft Windows DWM Core Library Privilege Escalation0.08CVE-2022-23288

47 more entries are not shown

Are you interested in using VulDB?

Download the whitepaper to learn more about our service!