CVSSv3 05/13/2022

CVSSv3 Base

≤10
≤20
≤31
≤48
≤515
≤637
≤731
≤87
≤93
≤104

The Common Vulnerability Scoring System (CVSS) is an industry standard to define the characteristics and impacts of security vulnerabilities. The base score represents the intrinsic aspects that are constant over time and across user environments. Our unique meta score merges all available scores from different sources to aggregate to the most reliable result.

CVSSv3 Temp

≤10
≤21
≤30
≤48
≤515
≤649
≤720
≤86
≤93
≤104

The Common Vulnerability Scoring System (CVSS) uses temp scores to reflect the characteristics of a vulnerability that may change over time but not across user environments. This includes reporting confidence, exploitability and remediation levels. We do also provide our unique meta score for temp scores, even though other sources rarely publish them.

VulDB

≤10
≤20
≤31
≤411
≤515
≤636
≤730
≤89
≤94
≤100

The moderation team is always defining the base vector and base score for an entry. These and all other available scores are used to generate the meta score.

NVD

≤10
≤20
≤30
≤40
≤50
≤60
≤70
≤80
≤90
≤100

The National Vulnerability Database (NVD) is also defining CVSS vectors and scores. These are usually not complete and might differ from VulDB scores.

CNA

≤10
≤20
≤30
≤40
≤53
≤63
≤75
≤88
≤92
≤107

A CVE Numbering Authority (CNA) is responsible for assigning new CVE entries. They might also include a CVSS score. These are usually not complete and might differ from VulDB scores.

Vendor

≤10
≤20
≤30
≤40
≤50
≤61
≤71
≤80
≤90
≤100

Some vendors are willing to publish their own CVSS vectors and scores for vulnerabilities in their products. The coverage varies from vendor to vendor.

Research

≤10
≤20
≤30
≤40
≤50
≤60
≤70
≤80
≤90
≤100

There are sometimes also security researcher which provide their own CVSS vectors and scores for vulnerabilities they have found and published.

IDBaseVDBNVDCNAVendResVulnerabilityCTICVE
1998236.36.3
 
 
 
 
Google Chrome Web UI Diagnostics use after free1.73+CVE-2022-1641
1998226.36.3
 
 
 
 
Google Chrome Sharing use after free1.76+CVE-2022-1640
1998216.36.3
 
 
 
 
Google Chrome ANGLE use after free1.76+CVE-2022-1639
1998206.36.3
 
 
 
 
Google Chrome V8 Internationalization heap-based overflow1.05+CVE-2022-1638
1998196.36.3
 
 
 
 
Google Chrome Web Contents Remote Code Execution1.25+CVE-2022-1637
1998186.36.3
 
 
 
 
Google Chrome Performance API use after free1.11+CVE-2022-1636
1998176.36.3
 
 
 
 
Google Chrome Prompts use after free0.99+CVE-2022-1635
1998166.36.3
 
 
 
 
Google Chrome Browser UI use after free1.05+CVE-2022-1634
1998156.36.3
 
 
 
 
Google Chrome Sharesheet use after free1.14+CVE-2022-1633
1998144.34.3
 
 
 
 
Apache Tomcat WebSocket Message denial of service1.08+CVE-2022-25762
1998135.55.5
 
 
 
 
SolarView Compact conf_mail.php command injection1.02+CVE-2022-29303
1998125.36.3
 
4.2
 
 
IBM Robotic Process Automation sql injection1.02+CVE-2022-22413
1998114.53.5
 
5.5
 
 
Sysaid treecontent.jsp cross site scripting0.96+CVE-2022-23165
1998105.24.3
 
6.1
 
 
Adobe ColdFusion cross site scripting1.11+CVE-2022-28818
1998094.84.3
 
5.4
 
 
InHand InRouter302 HTTP Request info.jsp cross site scriting0.87+CVE-2022-21238
1998087.47.3
 
7.5
 
 
HCL Unica Platform XML Content xml external entity reference0.87+CVE-2021-27777
1998075.75.3
 
6.1
 
 
Sysaid index.html file inclusion0.93+CVE-2022-23166
1998063.53.5
 
 
 
 
Micro Focus NetIQ Access Manager cross site scripting0.99+CVE-2021-22531
1998055.35.3
 
 
 
 
Intel NUC Firmware input validation0.99+CVE-2022-24382
1998045.35.3
 
 
 
 
Intel NUC Firmware buffer overflow0.99+CVE-2022-24297
1998035.35.3
 
 
 
 
Intel XTU uncontrolled search path0.93+CVE-2022-22139
1998025.35.3
 
 
 
 
Intel NUC Firmware buffer overflow0.95+CVE-2022-21237
1998015.55.5
 
 
 
 
Intel Xeon denial of service1.08+CVE-2022-21136
1998005.35.3
 
 
 
 
Intel Advisor control flow1.08+CVE-2022-21128
1997994.34.3
 
 
 
 
Intel CPU Hardware Debug Mode access control1.11+CVE-2022-0004
1997985.35.3
 
 
 
 
Intel CPU BIOS Authenticated Code Module out-of-bounds write1.11+CVE-2021-33124
1997975.35.3
 
 
 
 
Intel CPU BIOS Authenticated Code Module access control1.31CVE-2021-33123
1997965.35.3
 
 
 
 
Intel CPU BIOS Firmware control flow1.32CVE-2021-33122
1997955.35.3
 
 
 
 
Intel In-Band Manageability input validation1.14CVE-2021-33108
1997945.35.3
 
 
 
 
Intel CPU BIOS Authenticated Code Module Local Privilege Escalation1.14CVE-2021-33103
1997934.74.7
 
 
 
 
Intel Optane SSD/SSD DC denial of service1.11CVE-2021-33078
1997924.34.3
 
 
 
 
Intel SSD/Optane SSD/SSD DC control flow1.14CVE-2021-33077
1997915.55.5
 
 
 
 
Intel Optane SSD/Optane SSD DC Firmware denial of service1.08CVE-2021-33075
1997906.36.3
 
 
 
 
Intel Killer Control Center access control1.05CVE-2021-26258
1997895.35.3
 
 
 
 
Intel CPU BIOS Firmware Local Privilege Escalation1.17CVE-2021-0190
1997885.35.3
 
 
 
 
Intel CPU BIOS Firmware Local Privilege Escalation1.14CVE-2021-0189
1997875.35.3
 
 
 
 
Intel CPU BIOS Firmware Local Privilege Escalation1.05CVE-2021-0188
1997865.35.3
 
 
 
 
Intel CPU BIOS Authenticated Code Module input validation1.14CVE-2021-0159
1997855.35.3
 
 
 
 
Intel CPU BIOS Firmware input validation1.14CVE-2021-0154
1997845.35.3
 
 
 
 
Intel CPU BIOS Firmware out-of-bounds write1.05CVE-2021-0153
1997836.36.3
 
 
 
 
Simple Client Management System sql injection0.96CVE-2022-29984
1997826.36.3
 
 
 
 
Simple Client Management System sql injection0.89CVE-2022-29983
1997816.36.3
 
 
 
 
Simple Simple Client Management System sql injection0.86CVE-2022-29980
1997806.36.3
 
 
 
 
Simple Client Management System sql injection0.92CVE-2022-29748
1997796.36.3
 
 
 
 
Simple Client Management System sql injection0.90CVE-2022-29747
1997786.36.3
 
 
 
 
RESI Gemini-Net resi-calltrace os command injection0.84CVE-2022-29539
1997774.34.3
 
4.2
 
 
HCL Sametime Proxy/Web Chat Client Meeting Chat clickjacking0.86CVE-2021-27773
1997766.85.5
 
8.2
 
 
HCL Sametime Proxy/Web Chat Client unrestricted upload0.90CVE-2021-27771
1997755.05.0
 
 
 
 
Check Point Endpoint Security Client link following1.07CVE-2022-23742
1997745.44.3
 
 
6.5
 
VMware Spring STOMP over WebSocket Endpoint allocation of resources1.25CVE-2022-22971

56 more entries are not shown

Are you interested in using VulDB?

Download the whitepaper to learn more about our service!