CVSSv3 04/15/2022

CVSSv3 Base

≤1: 0, ≤2: 0, ≤3: 2, ≤4: 30, ≤5: 25, ≤6: 38, ≤7: 45, ≤8: 32, ≤9: 16, ≤10: 3

The Common Vulnerability Scoring System (CVSS) is an industry standard for describing the characteristics and impacts of security vulnerabilities. The base score represents the intrinsic aspects that are constant over time and across user environments. Our unique meta score merges all available scores from different sources into the most reliable aggregate result.

CVSSv3 Temp

≤1: 0, ≤2: 0, ≤3: 2, ≤4: 30, ≤5: 26, ≤6: 48, ≤7: 36, ≤8: 31, ≤9: 15, ≤10: 3

The Common Vulnerability Scoring System (CVSS) uses temp scores to reflect the characteristics of a vulnerability that may change over time but not across user environments. This includes reporting confidence, exploitability and remediation levels. We also provide our unique meta score for temp scores, even though other sources rarely publish them.

VulDB

≤1: 0, ≤2: 0, ≤3: 3, ≤4: 37, ≤5: 32, ≤6: 34, ≤7: 36, ≤8: 42, ≤9: 4, ≤10: 3

The moderation team always defines the base vector and base score for an entry. These and all other available scores are used to generate the meta score.

NVD

≤1: 0, ≤2: 0, ≤3: 0, ≤4: 0, ≤5: 0, ≤6: 0, ≤7: 0, ≤8: 0, ≤9: 0, ≤10: 0

The National Vulnerability Database (NVD) also defines CVSS vectors and scores. These are usually not complete and might differ from VulDB scores.

CNA

≤1: 0, ≤2: 0, ≤3: 0, ≤4: 2, ≤5: 9, ≤6: 18, ≤7: 13, ≤8: 22, ≤9: 18, ≤10: 22

A CVE Numbering Authority (CNA) is responsible for assigning new CVE entries. They might also include a CVSS score. These are usually not complete and might differ from VulDB scores.

Vendor

≤1: 0, ≤2: 0, ≤3: 0, ≤4: 0, ≤5: 0, ≤6: 0, ≤7: 0, ≤8: 0, ≤9: 0, ≤10: 0

Some vendors are willing to publish their own CVSS vectors and scores for vulnerabilities in their products. The coverage varies from vendor to vendor.

Research

≤1: 0, ≤2: 0, ≤3: 0, ≤4: 0, ≤5: 0, ≤6: 0, ≤7: 0, ≤8: 0, ≤9: 0, ≤10: 0

Security researchers sometimes also provide their own CVSS vectors and scores for vulnerabilities they have found and published.

| ID | Base | VDB | NVD | CNA | Vend | Res | Vulnerability | CTI | CVE |
|---|---|---|---|---|---|---|---|---|---|
| 197538 | 3.5 | 3.5 | | | | | Liferay Portal/DXP cross site scripting | 0.31 | CVE-2022-26594 |
| 197537 | 6.3 | 6.3 | | | | | Fantec MWiD25-DS upload.csp access control | 2.53 | CVE-2022-28113 |
| 197536 | 5.5 | 5.5 | | | | | pearweb deserialization | 1.23 | CVE-2022-27158 |
| 197535 | 5.5 | 5.5 | | | | | django-mfa3 improper authentication | 1.66 | CVE-2022-24857 |
| 197534 | 7.3 | 7.5 | | 7.0 | | | Microsoft Windows ALPC Privilege Escalation | 2.28 | CVE-2022-24482 |
| 197533 | 3.5 | 3.5 | | | | | Hubzilla cross site scripting | 1.73 | CVE-2022-27258 |
| 197532 | 6.3 | 6.3 | | | | | Nyron winlibsrch.aspx sql injection | 1.29 | CVE-2022-23865 |
| 197531 | 7.5 | 7.5 | | 7.5 | | | MZ Automation libIEC61850 parseNormalModeParameters infinite loop | 1.29 | CVE-2022-21159 |
| 197530 | 6.8 | 5.6 | | 8.1 | | | Johnson Controls Metasys ADS/Metasys ADX/Metasys OAS cleanup | 1.60 | CVE-2021-36205 |
| 197529 | 6.2 | 4.3 | | 8.1 | | | Roland Gruber Softwareentwicklung LDAP Account Manager Profile Editor Tool path traversal | 1.55 | CVE-2022-24851 |
| 197528 | 3.5 | 3.5 | | | | | FIS GT.M op_fnj3.c op_fnj3 denial of service | 1.36 | CVE-2021-44510 |
| 197527 | 5.5 | 5.5 | | | | | FIS GT.M op_fnj3.c op_fnj3 integer underflow | 1.48 | CVE-2021-44509 |
| 197526 | 3.5 | 3.5 | | | | | FIS GT.M ious_open.c ious_open null pointer dereference | 1.18 | CVE-2021-44508 |
| 197525 | 3.5 | 3.5 | | | | | FIS GT.M Parameter Validation ztimeoutroutines.c str_tok null pointer dereference | 0.19 | CVE-2021-44507 |
| 197524 | 3.5 | 3.5 | | | | | FIS GT.M do_verify.c do_verify null pointer dereference | 0.25 | CVE-2021-44506 |
| 197523 | 3.5 | 3.5 | | | | | FIS GT.M ZPrint null pointer dereference | 0.25 | CVE-2021-44505 |
| 197522 | 5.5 | 5.5 | | | | | FIS GT.M stack-based overflow | 0.19 | CVE-2021-44504 |
| 197521 | 5.5 | 5.5 | | | | | FIS GT.M va_arg memory corruption | 0.12 | CVE-2021-44503 |
| 197520 | 5.5 | 5.5 | | | | | FIS GT.M util_output.c util_format memory corruption | 0.12 | CVE-2021-44502 |
| 197519 | 3.5 | 3.5 | | | | | FIS GT.M ZRead null pointer dereference | 0.25 | CVE-2021-44501 |
| 197518 | 3.5 | 3.5 | | | | | FIS GT.M eb_muldiv.c eb_div divide by zero | 0.12 | CVE-2021-44500 |
| 197517 | 3.5 | 3.5 | | | | | FIS GT.M f_incr.c f_incr null pointer dereference | 0.19 | CVE-2021-44498 |
| 197516 | 5.5 | 5.5 | | | | | FIS GT.M use after free | 0.31 | CVE-2021-44497 |
| 197515 | 5.5 | 5.5 | | | | | FIS GT.M memcpy buffer overflow | 0.19 | CVE-2021-44496 |
| 197514 | 3.5 | 3.5 | | | | | YottaDB/FIS GT.M ZPrint null pointer dereference | 0.31 | CVE-2021-44495 |
| 197513 | 3.5 | 3.5 | | | | | YottaDB/FIS GT.M ZRead null pointer dereference | 0.25 | CVE-2021-44494 |
| 197512 | 3.5 | 3.5 | | | | | YottaDB/FIS GT.M f_incr.c f_incr null pointer dereference | 0.19 | CVE-2021-44492 |
| 197511 | 3.5 | 3.5 | | | | | YottaDB op_fnj3.c op_fnj3 denial of service | 0.25 | CVE-2021-44491 |
| 197510 | 3.5 | 3.5 | | | | | YottaDB op_fnj3.c op_fnj3 denial of service | 0.19 | CVE-2021-44490 |
| 197509 | 3.5 | 3.5 | | | | | YottaDB op_fnj3.c op_fnj3 integer underflow | 0.12 | CVE-2021-44489 |
| 197508 | 3.5 | 3.5 | | | | | YottaDB op_fnfnumber.c op_fnfnumber denial of service | 0.19 | CVE-2021-44488 |
| 197507 | 3.5 | 3.5 | | | | | YottaDB ious_open.c ious_open null pointer dereference | 0.19 | CVE-2021-44487 |
| 197506 | 5.5 | 5.5 | | | | | YottaDB op_write.c op_write memory corruption | 0.50 | CVE-2021-44486 |
| 197505 | 3.5 | 3.5 | | | | | YottaDB eb_muldiv.c eb_div divide by zero | 0.14 | CVE-2021-44483 |
| 197504 | 3.5 | 3.5 | | | | | YottaDB do_verify.c do_verify null pointer dereference | 0.00 | CVE-2021-44482 |
| 197503 | 3.5 | 3.5 | | | | | YottaDB Parameter Validation ztimeoutroutines.c check_and_set_timeout null pointer dereference | 0.06 | CVE-2021-44481 |
| 197502 | 6.3 | 6.3 | | | | | Selenium WebDriver Endpoint dns rebinding | 0.12 | CVE-2022-28109 |
| 197501 | 3.7 | 3.7 | | | | | Moxa MGate MB3170/MGate MB3270/MGate MB3280 channel accessible | 0.25 | CVE-2022-27048 |
| 197500 | 9.8 | 9.8 | | 9.8 | | | Microsoft Windows Network File System Remote Code Execution | 1.48 | CVE-2022-24497 |
| 197499 | 5.5 | 5.5 | | | | | FIS GT.M buffer overflow | 0.19 | CVE-2021-44499 |
| 197498 | 5.5 | 5.5 | | | | | YottaDB memcpy buffer overflow | 0.31 | CVE-2021-44493 |
| 197497 | 3.5 | 3.5 | | | | | YottaDB emit_code.c trip_gen null pointer dereference | 0.25 | CVE-2021-44485 |
| 197496 | 3.5 | 3.5 | | | | | YottaDB emit_code.c emit_trip null pointer dereference | 0.19 | CVE-2021-44484 |
| 197495 | 6.3 | 6.3 | | | | | Seowon 130-SLC Privilege Escalation | 0.37 | CVE-2021-42230 |
| 197494 | 4.5 | 4.3 | | 4.7 | | | KB Support Plugin cross site scripting | 0.19 | CVE-2022-27852 |
| 197493 | 4.8 | 4.3 | | 5.4 | | | Use Any Font Plugin API Key cross-site request forgery | 0.19 | CVE-2022-27851 |
| 197492 | 4.8 | 4.3 | | 5.4 | | | Simple Ajax Chat Plugin Chat Message cross-site request forgery | 0.25 | CVE-2022-27850 |
| 197491 | 2.4 | 2.4 | | | | | WP Maintenance Plugin cross site scripting | 0.25 | CVE-2021-36828 |
| 197490 | 3.5 | 3.5 | | | | | Simple Ajax Chat Plugin sac-export.csv information disclosure | 0.25 | CVE-2022-27849 |
| 197489 | 5.5 | 5.5 | | | | | pearweb passwordmanage.php password recovery | 0.37 | CVE-2022-27157 |

141 more entries are not shown
