CVSSv3 May 2022

Timeline

The analysis of the timeline helps to identify the required approach and handling of single vulnerabilities and vulnerability collections. This overview makes it possible to see less important slices and more severe hotspots at a glance. Initiating immediate vulnerability response and prioritizing of issues is possible.

C3BM Index

Our unique C3BM Index (CVSSv3 Base Meta Index) cumulates the CVSSv3 Meta Base Scores of all entries over time. Comparing this index to the amount of disclosed vulnerabilities helps to pinpoint the most important events.

CVSSv3 Base

≤10
≤22
≤370
≤4310
≤5286
≤6543
≤7596
≤8231
≤995
≤1030

The Common Vulnerability Scoring System (CVSS) is an industry standard to define the characteristics and impacts of security vulnerabilities. The base score represents the intrinsic aspects that are constant over time and across user environments. Our unique meta score merges all available scores from different sources to aggregate to the most reliable result.

CVSSv3 Temp

≤10
≤24
≤373
≤4320
≤5282
≤6693
≤7485
≤8211
≤969
≤1026

The Common Vulnerability Scoring System (CVSS) uses temp scores to reflect the characteristics of a vulnerability that may change over time but not across user environments. This includes reporting confidence, exploitability and remediation levels. We do also provide our unique meta score for temp scores, even though other sources rarely publish them.

VulDB

≤10
≤26
≤395
≤4371
≤5341
≤6452
≤7587
≤8208
≤984
≤1019

The moderation team is always defining the base vector and base score for an entry. These and all other available scores are used to generate the meta score.

NVD

≤10
≤20
≤30
≤40
≤52
≤68
≤76
≤829
≤96
≤105

The National Vulnerability Database (NVD) is also defining CVSS vectors and scores. These are usually not complete and might differ from VulDB scores.

CNA

≤10
≤22
≤312
≤440
≤595
≤6157
≤7136
≤8245
≤9110
≤1080

A CVE Numbering Authority (CNA) is responsible for assigning new CVE entries. They might also include a CVSS score. These are usually not complete and might differ from VulDB scores.

Vendor

≤10
≤20
≤30
≤41
≤54
≤69
≤724
≤817
≤922
≤103

Some vendors are willing to publish their own CVSS vectors and scores for vulnerabilities in their products. The coverage varies from vendor to vendor.

Research

≤10
≤20
≤30
≤40
≤50
≤60
≤70
≤80
≤90
≤100

There are sometimes also security researcher which provide their own CVSS vectors and scores for vulnerabilities they have found and published.

PublishedBaseVDBNVDCNAVendResVulnerabilityCTICVE
05/31/20227.55.8
 
8.38.3
 
Microsoft Edge Remote Code Execution0.03CVE-2022-30127
05/31/20227.55.8
 
8.38.3
 
Microsoft Edge Remote Code Execution0.02CVE-2022-30128
05/31/20225.06.3
 
4.34.3
 
Microsoft Edge Remote Code Execution0.04CVE-2022-26905
05/31/20225.84.1
 
7.6
 
 
polonel trudesk integer overflow0.08CVE-2022-1926
05/31/20227.06.4
 
7.6
 
 
Eufy 2K Indoor Camera RSTP Server buffer overflow0.04CVE-2021-3555
05/31/20227.36.3
 
7.87.8
 
Microsoft Windows Support Diagnostic Tool Follina Remote Code Execution0.14CVE-2022-30190
05/31/20226.94.7
 
9.1
 
 
polonel trudesk Synchronisation incorrect synchronization0.00CVE-2022-1931
05/31/20225.05.0
 
5.1
 
 
mruby use after free0.10CVE-2022-1934
05/30/20224.34.3
 
 
 
 
JivoChat Live Chat Plugin cross-site request forgery0.02CVE-2022-0642
05/30/20222.42.4
 
 
 
 
Simple Real Estate Pack Plugin Setting cross site scripting0.04CVE-2022-1646
05/30/20222.42.4
 
 
 
 
Amazon Link Plugin Setting cross site scripting0.04CVE-2022-1645
05/30/20222.42.4
 
 
 
 
Call&Book Mobile Bar Plugin cross site scripting0.07CVE-2022-1644
05/30/20222.42.4
 
 
 
 
Birthdays Widget Plugin cross site scripting0.15CVE-2022-1643
05/30/20224.34.3
 
 
 
 
Bulk Page Creator Plugin cross-site request forgery0.25CVE-2022-1611
05/30/20224.34.3
 
 
 
 
Change wp-admin Login Plugin authorization0.09CVE-2022-1589
05/30/20223.53.5
 
 
 
 
External Links in New Window Plugin URL cross site scripting0.04CVE-2022-1582
05/30/20222.42.4
 
 
 
 
Team Members Plugin Setting cross site scripting0.20CVE-2022-1568
05/30/20223.13.1
 
 
 
 
Quotes llama Plugin CSV File cross site scripting0.05CVE-2022-1566
05/30/20222.42.4
 
 
 
 
10Web Form Maker Plugin Custom Text Setting cross site scripting0.30CVE-2022-1564
05/30/20223.53.5
 
 
 
 
Enable SVG Plugin SVG File cross site scripting0.11CVE-2022-1562
05/30/20223.53.5
 
 
 
 
VikBooking Hotel Booking Engine & PMS Plugin URL cross site scripting0.04CVE-2022-1528
05/30/20223.53.5
 
 
 
 
WP 2FA Plugin Admin Page cross site scripting0.11CVE-2022-1527
05/30/20222.42.4
 
 
 
 
Poll Maker Plugin Setting cross site scripting0.04CVE-2022-1456
05/30/20222.42.4
 
 
 
 
Easy FAQ with Expanding Text Plugin cross site scripting0.03CVE-2022-1395
05/30/20222.42.4
 
 
 
 
No Future Posts Plugin cross site scripting0.20CVE-2022-1387
05/30/20222.42.4
 
 
 
 
Slideshow Plugin Setting cross site scripting0.17CVE-2022-1299
05/30/20222.42.4
 
 
 
 
IMDB Info Box Plugin Setting cross site scripting0.08CVE-2022-1294
05/30/20223.53.5
 
 
 
 
BannerMan Plugin Setting cross site scripting0.03CVE-2022-1275
05/30/20224.34.3
 
 
 
 
Content Mask Plugin cross-site request forgery0.05CVE-2022-1203
05/30/20222.42.4
 
 
 
 
Smush Plugin Admin Page cross site scripting0.06CVE-2022-1009
05/30/20222.42.4
 
 
 
 
User Meta Plugin Shared Field Label cross site scripting0.04CVE-2022-0376
05/30/20226.36.3
 
 
 
 
External Links in New Window Plugin unknown vulnerability0.06CVE-2022-1583
05/30/20224.74.7
 
 
 
 
StaffList Plugin Admin Dashboard sql injection0.06CVE-2022-1556
05/30/20222.42.4
 
 
 
 
HPB Dashboard Plugin cross site scripting0.03CVE-2022-1542
05/30/20226.36.3
 
 
 
 
Mozilla Firefox/Firefox ESR/Thunderbird Javascript Object code injection0.02CVE-2022-1529
05/30/20226.36.3
 
 
 
 
Mozilla Firefox/Firefox ESR/Thunderbird Top-Level Await code injection0.00CVE-2022-1802
05/29/20223.52.6
 
4.4
 
 
Gitea cross site scripting0.03CVE-2022-1928
05/29/20227.06.3
 
7.8
 
 
vim buffer overflow0.09CVE-2022-1927
05/28/20227.77.3
 
8.2
 
 
protobufjs code injection0.04CVE-2022-25878
05/28/20225.35.3
 
5.3
 
 
HCL BigFix Mobile XML xml validation0.02CVE-2021-27780
05/28/20227.06.3
 
7.8
 
 
vim out-of-bounds write0.02CVE-2022-1897
05/28/20224.52.4
 
6.6
 
 
HCL BigFix Mobile cross site scripting0.02CVE-2021-27781
05/28/20224.43.5
 
5.4
 
 
Cisco Enterprise Chat and Email Web Interface cross site scripting0.04CVE-2022-20802
05/28/20225.24.3
 
6.1
 
 
Cisco Common Services Platform Collector Web-based Management Interface cross site scripting0.02CVE-2022-20674
05/28/20225.24.3
 
6.1
 
 
Cisco Common Services Platform Collector Web-based Management Interface cross site scripting0.03CVE-2022-20673
05/28/20225.24.3
 
6.1
 
 
Cisco Common Services Platform Collector Web-based Management Interface cross site scripting0.09CVE-2022-20672
05/28/20225.24.3
 
6.1
 
 
Cisco Common Services Platform Collector Web-based Management Interface cross site scripting0.05CVE-2022-20671
05/28/20225.24.3
 
6.1
 
 
Cisco Common Services Platform Collector Web-based Management Interface cross site scripting0.02CVE-2022-20670
05/28/20225.24.3
 
6.1
 
 
Cisco Common Services Platform Collector Web-based Management Interface cross site scripting0.04CVE-2022-20669
05/28/20225.24.3
 
6.1
 
 
Cisco Common Services Platform Collector Web-based Management Interface cross site scripting0.04CVE-2022-20668

2113 more entries are not shown

Do you want to use VulDB in your project?

Use the official API to access entries easily!