CVSSv3 04/19/2022

CVSSv3 Base

≤10
≤20
≤36
≤416
≤547
≤684
≤7174
≤8120
≤929
≤1074

The Common Vulnerability Scoring System (CVSS) is an industry standard to define the characteristics and impacts of security vulnerabilities. The base score represents the intrinsic aspects that are constant over time and across user environments. Our unique meta score merges all available scores from different sources to aggregate to the most reliable result.

CVSSv3 Temp

≤10
≤20
≤36
≤417
≤547
≤698
≤7165
≤8122
≤923
≤1072

The Common Vulnerability Scoring System (CVSS) uses temp scores to reflect the characteristics of a vulnerability that may change over time but not across user environments. This includes reporting confidence, exploitability and remediation levels. We do also provide our unique meta score for temp scores, even though other sources rarely publish them.

VulDB

≤10
≤20
≤37
≤417
≤548
≤690
≤7168
≤8102
≤942
≤1076

The moderation team is always defining the base vector and base score for an entry. These and all other available scores are used to generate the meta score.

NVD

≤10
≤20
≤30
≤44
≤525
≤655
≤7132
≤892
≤920
≤1072

The National Vulnerability Database (NVD) is also defining CVSS vectors and scores. These are usually not complete and might differ from VulDB scores.

CNA

≤10
≤20
≤34
≤49
≤521
≤631
≤746
≤830
≤933
≤104

A CVE Numbering Authority (CNA) is responsible for assigning new CVE entries. They might also include a CVSS score. These are usually not complete and might differ from VulDB scores.

Vendor

≤10
≤20
≤30
≤40
≤50
≤60
≤70
≤80
≤90
≤101

Some vendors are willing to publish their own CVSS vectors and scores for vulnerabilities in their products. The coverage varies from vendor to vendor.

Research

≤10
≤20
≤30
≤40
≤50
≤60
≤70
≤80
≤90
≤100

There are sometimes also security researcher which provide their own CVSS vectors and scores for vulnerabilities they have found and published.

IDBaseVDBNVDCNAVendResVulnerabilityCTICVE
1982123.83.8
 
3.8
 
 
Oracle VM VirtualBox Core unknown vulnerability0.00CVE-2022-21488
1982113.83.8
 
3.8
 
 
Oracle VM VirtualBox Core information disclosure0.00CVE-2022-21487
1982106.56.5
 
6.5
 
 
Oracle VM VirtualBox Core denial of service0.03CVE-2022-21471
1982096.76.7
 
6.7
 
 
Oracle VM VirtualBox Core unknown vulnerability0.02CVE-2022-21465
1982087.87.8
 
7.8
 
 
Oracle VM VirtualBox Core Local Privilege Escalation0.03CVE-2022-21491
1982079.09.09.0
 
 
 
Oracle Secure Global Desktop Web Server server-side request forgery0.07CVE-2021-40438
1982066.66.66.6
 
 
 
Oracle Utilities Framework General input validation0.00CVE-2021-44832
1982056.66.66.6
 
 
 
Oracle Taleo Platform Taleo Connect Client Installer input validation0.03CVE-2021-44832
1982043.73.73.7
 
 
 
Oracle StorageTek ACSLS Software information disclosure0.08CVE-2020-9488
1982033.73.73.7
 
 
 
Oracle Ethernet Switch TOR-72 Firmware information disclosure0.04CVE-2020-1968
1982023.73.73.7
 
 
 
Oracle Ethernet Switch ES1-24 Firmware information disclosure0.04CVE-2020-1968
1982014.04.0
 
4.0
 
 
Oracle Solaris Kernel denial of service0.00CVE-2022-21494
1982004.84.84.8
 
 
 
Oracle Solaris Cluster Tools path traversal0.05CVE-2021-29425
1981995.05.0
 
5.0
 
 
Oracle Solaris Utility unknown vulnerability0.04CVE-2022-21416
1981985.55.5
 
5.5
 
 
Oracle Solaris Kernel denial of service0.04CVE-2022-21463
1981975.55.5
 
5.5
 
 
Oracle Solaris Kernel information disclosure0.03CVE-2022-21461
1981965.95.9
 
5.9
 
 
Oracle Solaris Kernel denial of service0.00CVE-2022-21493
1981956.46.16.16.9
 
 
Oracle StorageTek ACSLS Software cross site scripting0.04CVE-2020-11022
1981946.56.56.56.5
 
 
Oracle StorageTek ACSLS Software information disclosure0.04CVE-2019-3740
1981937.26.56.58.7
 
 
Oracle StorageTek ACSLS Software unknown vulnerability0.08CVE-2020-5421
1981926.56.56.5
 
 
 
Oracle Solaris Cluster Tools information disclosure0.00CVE-2020-6950
1981917.57.57.5
 
 
 
Oracle StorageTek Tape Analytics Core unknown vulnerability0.00CVE-2020-11979
1981907.57.57.5
 
 
 
Oracle StorageTek ACSLS Software unknown vulnerability0.00CVE-2020-11979
1981898.28.2
 
8.2
 
 
Oracle Solaris Utility unknown vulnerability0.06CVE-2022-21446
1981888.08.37.58.3
 
 
Oracle StorageTek Tape Analytics Application Server Remote Code Execution0.03CVE-2021-2351
1981878.08.37.58.3
 
 
Oracle StorageTek ACSLS Software Remote Code Execution0.03CVE-2021-2351
1981869.89.89.8
 
 
 
Oracle ZFS Storage Appliance Kit Operating System Image out-of-bounds write0.09CVE-2021-39275
1981859.89.89.8
 
 
 
Oracle Solaris Cluster Tools exceptional condition0.03CVE-2019-17195
1981845.55.5
 
5.5
 
 
Oracle OSS Support Tools Explorer information disclosure0.00CVE-2022-21405
1981836.56.56.5
 
 
 
Oracle OSS Support Tools Diagnostic Assistant denial of service0.03CVE-2021-41973
1981826.56.56.5
 
 
 
Oracle OSS Support Tools Diagnostic Assistant denial of service0.04CVE-2021-30129
1981814.84.84.8
 
 
 
Oracle Agile PLM Security path traversal0.03CVE-2021-29425
1981806.35.45.48.2
 
 
Oracle Agile PLM Security cross site scripting0.04CVE-2021-41165
1981796.16.1
 
6.1
 
 
Oracle Transportation Management User Interface unknown vulnerability0.00CVE-2022-21480
1981786.56.5
 
6.5
 
 
Oracle Agile PLM Attachments information disclosure0.06CVE-2022-21467
1981776.66.66.6
 
 
 
Oracle Autovue for Agile Product Lifecycle Management Internal Operations input validation0.00CVE-2021-44832
1981766.66.66.6
 
 
 
Oracle Agile PLM MCAD Connector CAX Client input validation0.04CVE-2021-44832
1981756.66.66.6
 
 
 
Oracle Agile PLM Security input validation0.00CVE-2021-44832
1981746.66.66.6
 
 
 
Oracle Agile Engineering Data Management Installation Issues input validation0.00CVE-2021-44832
1981737.57.57.5
 
 
 
Oracle Agile PLM Security denial of service0.05CVE-2021-42340
1981729.89.89.8
 
 
 
Oracle Product Lifecycle Analytics Installer code injection0.05CVE-2022-22965
1981719.89.89.8
 
 
 
Oracle Advanced Supply Chain Planning MscObieeSrvlt sql injection0.03CVE-2022-23305
1981705.35.3
 
5.3
 
 
Oracle Retail EFTLink Framework information disclosure0.04CVE-2021-34429
1981695.55.55.5
 
 
 
Oracle Retail Xstore Point of Service Xstore Office denial of service0.04CVE-2021-31812
1981685.55.55.5
 
 
 
Oracle Retail Xstore Point of Service Xenvironment denial of service0.07CVE-2021-36374
1981675.55.55.5
 
 
 
Oracle Retail Invoice Matching Security denial of service0.04CVE-2021-36374
1981665.55.55.5
 
 
 
Oracle Retail EFTLink Installation denial of service0.03CVE-2021-36374
1981656.56.56.5
 
 
 
Oracle Retail Service Backbone RSB Installation denial of service0.04CVE-2022-23437
1981646.56.56.5
 
 
 
Oracle Retail Merchandising System Foundation denial of service0.00CVE-2022-23437
1981636.56.56.5
 
 
 
Oracle Retail Integration Bus RIB Kernal denial of service0.12CVE-2022-23437

500 more entries are not shown

Do you need the next level of professionalism?

Upgrade your account now!