CVSSv3 03/11/2022

CVSSv3 Base

Entries per score range: ≤1: 0, ≤2: 6, ≤3: 3, ≤4: 33, ≤5: 60, ≤6: 72, ≤7: 47, ≤8: 31, ≤9: 7, ≤10: 2

The Common Vulnerability Scoring System (CVSS) is an industry standard for describing the characteristics and impacts of security vulnerabilities. The base score represents the intrinsic aspects that are constant over time and across user environments. Our unique meta score merges all available scores from different sources into the most reliable aggregate result.

CVSSv3 Temp

Entries per score range: ≤1: 0, ≤2: 6, ≤3: 4, ≤4: 41, ≤5: 52, ≤6: 75, ≤7: 54, ≤8: 20, ≤9: 7, ≤10: 2

The Common Vulnerability Scoring System (CVSS) uses temp scores to reflect the characteristics of a vulnerability that may change over time but not across user environments. This includes reporting confidence, exploitability and remediation levels. We also provide our unique meta score for temp scores, even though other sources rarely publish them.

VulDB

Entries per score range: ≤1: 0, ≤2: 7, ≤3: 4, ≤4: 47, ≤5: 47, ≤6: 98, ≤7: 29, ≤8: 23, ≤9: 4, ≤10: 2

The moderation team always defines the base vector and base score for an entry. These and all other available scores are used to generate the meta score.

NVD

Entries per score range: ≤1: 0, ≤2: 0, ≤3: 0, ≤4: 0, ≤5: 0, ≤6: 3, ≤7: 6, ≤8: 13, ≤9: 0, ≤10: 11

The National Vulnerability Database (NVD) also defines CVSS vectors and scores. These are usually not complete and might differ from VulDB scores.

CNA

Entries per score range: ≤1: 0, ≤2: 6, ≤3: 0, ≤4: 5, ≤5: 11, ≤6: 16, ≤7: 13, ≤8: 14, ≤9: 4, ≤10: 7

A CVE Numbering Authority (CNA) is responsible for assigning new CVE entries. They might also include a CVSS score. These are usually not complete and might differ from VulDB scores.

Vendor

Entries per score range: ≤1: 0, ≤2: 0, ≤3: 0, ≤4: 0, ≤5: 0, ≤6: 0, ≤7: 0, ≤8: 0, ≤9: 0, ≤10: 0

Some vendors are willing to publish their own CVSS vectors and scores for vulnerabilities in their products. The coverage varies from vendor to vendor.

Research

Entries per score range: ≤1: 0, ≤2: 0, ≤3: 0, ≤4: 0, ≤5: 0, ≤6: 0, ≤7: 0, ≤8: 0, ≤9: 0, ≤10: 0

Sometimes security researchers also provide their own CVSS vectors and scores for vulnerabilities they have found and published.

| ID | Base | VDB | NVD | CNA | Vend | Res | Vulnerability | CTI | CVE |
|---|---|---|---|---|---|---|---|---|---|
| 194784 | 5.9 | 4.7 | | 7.2 | | | Microweber Backup/Restore code injection | 0.07 | CVE-2022-0921 |
| 194783 | 7.0 | 6.3 | | 7.8 | | | Adobe After Effects out-of-bounds write | 0.00 | CVE-2022-24097 |
| 194782 | 7.0 | 6.3 | | 7.8 | | | Adobe After Effects heap-based overflow | 0.03 | CVE-2022-24096 |
| 194781 | 7.0 | 6.3 | | 7.8 | | | Adobe After Effects stack-based overflow | 0.04 | CVE-2022-24095 |
| 194780 | 7.0 | 6.3 | | 7.8 | | | Adobe After Effects stack-based overflow | 0.06 | CVE-2022-24094 |
| 194779 | 7.2 | 7.2 | | | | | HP BIOS Privilege Escalation | 0.09 | CVE-2022-23934 |
| 194778 | 7.2 | 7.2 | | | | | HP BIOS Privilege Escalation | 0.03 | CVE-2022-23933 |
| 194777 | 7.2 | 7.2 | | | | | HP BIOS Privilege Escalation | 0.06 | CVE-2022-23932 |
| 194776 | 7.2 | 7.2 | | | | | HP BIOS Privilege Escalation | 0.07 | CVE-2022-23931 |
| 194775 | 7.2 | 7.2 | | | | | HP BIOS Privilege Escalation | 0.03 | CVE-2022-23930 |
| 194774 | 6.6 | 6.6 | | | | | HP BIOS Privilege Escalation | 0.00 | CVE-2022-23929 |
| 194773 | 6.6 | 6.6 | | | | | HP BIOS Privilege Escalation | 0.06 | CVE-2022-23928 |
| 194772 | 4.7 | 4.7 | | | | | HP BIOS Privilege Escalation | 0.04 | CVE-2022-23927 |
| 194771 | 6.6 | 6.6 | | | | | HP BIOS Privilege Escalation | 0.03 | CVE-2022-23926 |
| 194770 | 7.2 | 7.2 | | | | | HP BIOS Privilege Escalation | 0.06 | CVE-2022-23925 |
| 194769 | 7.2 | 7.2 | | | | | HP BIOS Privilege Escalation | 0.03 | CVE-2022-23924 |
| 194768 | 7.0 | 6.3 | | 7.8 | | | Adobe Illustrator buffer overflow | 0.07 | CVE-2022-23187 |
| 194767 | 4.5 | 4.3 | | 4.7 | | | Contact Form X Plugin cross site scripting | 0.00 | CVE-2022-25601 |
| 194766 | 4.9 | 4.3 | | 5.5 | | | Adobe Photoshop out-of-bounds | 0.00 | CVE-2022-24090 |
| 194765 | 6.0 | 4.3 | | 7.7 | | | LibTIFF TIFF File tif_dirread.c TIFFFetchNormalTag null pointer dereference | 0.03 | CVE-2022-0908 |
| 194764 | 4.9 | 4.3 | | 5.5 | | | LibTIFF tiff out-of-bounds | 0.00 | CVE-2022-0924 |
| 194763 | 4.9 | 4.3 | | 5.5 | | | LibTIFF tiffcrop divide by zero | 0.04 | CVE-2022-0909 |
| 194762 | 4.9 | 4.3 | | 5.5 | | | LibTIFF tiffcrop null pointer dereference | 0.00 | CVE-2022-0907 |
| 194761 | 5.5 | 5.5 | | | | | Nystudio107 Seomatic Host Header UrlHelper.php injection | 0.04 | CVE-2021-44618 |
| 194760 | 5.4 | 4.3 | | 6.5 | | | Wire-ios exceptional condition | 0.04 | CVE-2022-23625 |
| 194759 | 6.7 | 5.3 | | 8.2 | | | Cobbler improper authorization | 0.04 | CVE-2022-0860 |
| 194758 | 7.2 | 6.8 | | 7.6 | | | NVIDIA Jetson AGX Xavier IOMMU Configuration permission assignment | 0.00 | CVE-2022-21819 |
| 194757 | 5.1 | 3.5 | | 6.8 | | | microweber cross site scripting | 0.07 | CVE-2022-0928 |
| 194756 | 4.6 | 4.3 | | 5.0 | | | gogs server-side request forgery | 0.03 | CVE-2022-0870 |
| 194755 | 6.8 | 5.5 | | 8.2 | | | gogs improper authorization | 0.06 | CVE-2022-0871 |
| 194754 | 7.7 | 6.3 | | 9.1 | | | microweber integer overflow | 0.05 | CVE-2022-0913 |
| 194753 | 4.7 | 4.7 | | 4.8 | | | microweber unrestricted upload | 0.05 | CVE-2022-0912 |
| 194752 | 6.3 | 6.3 | | | | | Yokogawa CENTUM VP/Exaopc CAMS Server hard-coded credentials | 0.00 | CVE-2022-23402 |
| 194751 | 5.5 | 5.5 | | | | | Yokogawa CENTUM CS 3000/CENTUM VP/Exaopc uncontrolled search path | 0.07 | CVE-2022-23401 |
| 194750 | 4.3 | 4.3 | | | | | Yokogawa CENTUM CS 3000/CENTUM VP/Exaopc HIS Server channel accessible | 0.03 | CVE-2022-22729 |
| 194749 | 5.5 | 5.5 | | | | | Yokogawa CENTUM CS 3000/CENTUM VP/Exaopc HIS Log Server neutralization for logs | 0.06 | CVE-2022-22151 |
| 194748 | 5.5 | 5.5 | | | | | Yokogawa CENTUM CS 3000/CENTUM VP/Exaopc Long-term Data Archive Package Service permission assignment | 0.07 | CVE-2022-22141 |
| 194747 | 3.5 | 3.5 | | | | | Yokogawa CENTUM CS 3000/CENTUM VP/Exaopc HIS Server path traversal | 0.05 | CVE-2022-21808 |
| 194746 | 5.5 | 5.5 | | | | | Yokogawa CENTUM VP/Exaopc hard-coded credentials | 0.06 | CVE-2022-21194 |
| 194745 | 5.5 | 5.5 | | | | | Yokogawa CENTUM CS 3000/CENTUM VP/Exaopc HIS Log Server path traversal | 0.03 | CVE-2022-21177 |
| 194744 | 3.5 | 3.5 | | | | | FasterXML jackson-databind Java denial of service | 0.07 | CVE-2020-36518 |
| 194743 | 5.5 | 5.5 | | | | | Yokogawa CENTUM CS 3000/CENTUM VP/Exaopc Root Service permission assignment | 0.03 | CVE-2022-22148 |
| 194742 | 4.3 | 4.3 | | | | | Yokogawa CENTUM CS 3000/CENTUM VP/Exaopc HIS Log Server resource consumption | 0.03 | CVE-2022-22145 |
| 194741 | 5.5 | 5.5 | | | | | swagger-ui-dist improper restriction of rendered ui layers | 0.00 | CVE-2021-46708 |
| 194740 | 4.3 | 4.3 | | | | | Swagger UI URL information disclosure | 0.06 | CVE-2018-25031 |
| 194739 | 3.5 | 3.5 | | | | | Mime_Viewer OpenOffice Document Ooo.php cross site scripting | 0.03 | CVE-2022-26874 |
| 194738 | 5.7 | 5.7 | | | | | Linux Kernel Socket Buffer virtio_bt.c memory leak | 0.06 | CVE-2022-26878 |
| 194737 | 6.3 | 6.3 | | | | | Luocms link_ok.php sql injection | 0.03 | CVE-2022-24605 |
| 194736 | 4.4 | 3.5 | | 5.4 | | | Orchard CMS cross site scripting | 0.03 | CVE-2022-0822 |
| 194735 | 3.5 | 2.4 | | 4.7 | | | Orchard CMS cross site scripting | 0.03 | CVE-2022-0820 |

211 more entries are not shown
