CVSSv3 03/21/2022

CVSSv3 Base

≤10
≤20
≤32
≤48
≤52
≤67
≤75
≤80
≤91
≤100

The Common Vulnerability Scoring System (CVSS) is an industry standard to define the characteristics and impacts of security vulnerabilities. The base score represents the intrinsic aspects that are constant over time and across user environments. Our unique meta score merges all available scores from different sources to aggregate to the most reliable result.

CVSSv3 Temp

≤10
≤20
≤32
≤48
≤52
≤67
≤75
≤81
≤90
≤100

The Common Vulnerability Scoring System (CVSS) uses temp scores to reflect the characteristics of a vulnerability that may change over time but not across user environments. This includes reporting confidence, exploitability and remediation levels. We do also provide our unique meta score for temp scores, even though other sources rarely publish them.

VulDB

≤10
≤20
≤32
≤48
≤52
≤67
≤76
≤80
≤90
≤100

The moderation team is always defining the base vector and base score for an entry. These and all other available scores are used to generate the meta score.

NVD

≤10
≤20
≤30
≤40
≤50
≤60
≤70
≤80
≤90
≤100

The National Vulnerability Database (NVD) is also defining CVSS vectors and scores. These are usually not complete and might differ from VulDB scores.

CNA

≤10
≤20
≤31
≤41
≤51
≤60
≤71
≤80
≤90
≤101

A CVE Numbering Authority (CNA) is responsible for assigning new CVE entries. They might also include a CVSS score. These are usually not complete and might differ from VulDB scores.

Vendor

≤10
≤20
≤30
≤40
≤50
≤60
≤70
≤80
≤90
≤100

Some vendors are willing to publish their own CVSS vectors and scores for vulnerabilities in their products. The coverage varies from vendor to vendor.

Research

≤10
≤20
≤30
≤40
≤50
≤60
≤70
≤80
≤90
≤100

There are sometimes also security researcher which provide their own CVSS vectors and scores for vulnerabilities they have found and published.

IDBaseVDBNVDCNAVendResVulnerabilityCTICVE
1955563.53.5
 
 
 
 
PrimeKey SignServer Admin Web Interface cross site scripting0.03CVE-2022-26494
1955553.53.5
 
 
 
 
OPC OPC Autogenerated ANSI C Stack Stubs null pointer dereference0.05CVE-2021-45117
1955544.34.3
 
 
 
 
Dreamacro URL cross site scripting0.04CVE-2020-24772
1955535.55.5
 
 
 
 
Click Studios Passwordstate permission0.03CVE-2022-25570
1955522.72.5
 
2.9
 
 
GPAC MP4Box null pointer dereference0.04CVE-2022-1035
1955513.53.5
 
 
 
 
HexoEditor Markdown File cross site scripting0.08CVE-2022-24656
1955504.34.3
 
4.3
 
 
OTRS Ticket Detail View TicketDetailView information disclosure0.04CVE-2022-1004
1955492.92.4
 
3.5
 
 
OTRS Package Manager cross site scripting0.04CVE-2022-0475
1955485.55.5
 
 
 
 
Starvlab GARO Wallbox GLB/GARO Wallbox GTB/GARO Wallbox GTC Web Manager access control0.07CVE-2021-45878
1955476.36.3
 
 
 
 
Starvlab GARO Wallbox GLB/GARO Wallbox GTB/GARO Wallbox GTC Tomcat Manger Page hard-coded credentials0.00CVE-2021-45877
1955466.36.3
 
 
 
 
Starvlab GARO Wallbox GLB/GARO Wallbox GTB/GARO Wallbox GTC downloadAndUpdate command injection0.00CVE-2021-45876
1955456.46.4
 
6.4
 
 
OTRS String Privilege Escalation0.00CVE-2021-36100
1955448.16.3
 
9.9
 
 
gogs input validation0.08CVE-2022-0415
1955433.53.5
 
 
 
 
TMS createorupdate cross site scripting0.03CVE-2022-26246
1955425.55.5
 
 
 
 
EyouCMS Index.php wechat_return xml external entity reference0.07CVE-2021-42194
1955413.53.5
 
 
 
 
DoraCMS contenttemp cross site scripting0.06CVE-2022-25464
1955403.53.5
 
 
 
 
Eova Add a Button cross site scripting0.04CVE-2022-26555
1955395.55.5
 
 
 
 
TMS Update2 permission0.03CVE-2022-26247
1955383.53.5
 
 
 
 
Yafu vecarith52.c denial of service0.07CVE-2022-25462
1955375.55.5
 
 
 
 
DWSurvey ToHtmlServlet.java access control0.07CVE-2021-39384
1955366.36.3
 
 
 
 
DWSurvey SysPropertyAction.java Privilege Escalation0.08CVE-2021-39383
1955355.55.5
 
 
 
 
ShopXO PluginsAdminService.php PluginsUpload unrestricted upload0.04CVE-2020-26008
1955345.55.5
 
 
 
 
ShopXO Upload Payment Plugin unrestricted upload0.03CVE-2020-26007
1955336.36.3
 
 
 
 
Taocms Category.php sql injection0.06CVE-2022-25505
1955323.53.5
 
 
 
 
ThinkPHP System Environment Parameter index.php information disclosure0.03CVE-2022-25481

Do you need the next level of professionalism?

Upgrade your account now!