CVSSv3 05/20/2022

CVSSv3 Base

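| Score | ≤1 | ≤2 | ≤3 | ≤4 | ≤5 | ≤6 | ≤7 | ≤8 | ≤9 | ≤10 |
|---|---|---|---|---|---|---|---|---|---|---|
| Entries | 0 | 0 | 1 | 27 | 10 | 22 | 21 | 4 | 5 | 1 |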

The Common Vulnerability Scoring System (CVSS) is an industry standard for describing the characteristics and impacts of security vulnerabilities. The base score represents the intrinsic aspects that are constant over time and across user environments. Our unique meta score merges all available scores from different sources into the most reliable aggregate result.

CVSSv3 Temp

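| Score | ≤1 | ≤2 | ≤3 | ≤4 | ≤5 | ≤6 | ≤7 | ≤8 | ≤9 | ≤10 |
|---|---|---|---|---|---|---|---|---|---|---|
| Entries | 0 | 1 | 1 | 26 | 10 | 29 | 16 | 7 | 0 | 1 |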

The Common Vulnerability Scoring System (CVSS) uses temp scores to reflect the characteristics of a vulnerability that may change over time but not across user environments. This includes reporting confidence, exploitability and remediation levels. We also provide our unique meta score for temp scores, even though other sources rarely publish them.

VulDB

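| Score | ≤1 | ≤2 | ≤3 | ≤4 | ≤5 | ≤6 | ≤7 | ≤8 | ≤9 | ≤10 |
|---|---|---|---|---|---|---|---|---|---|---|
| Entries | 0 | 1 | 2 | 29 | 13 | 21 | 15 | 4 | 5 | 1 |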

The moderation team always defines the base vector and base score for an entry. These and all other available scores are used to generate the meta score.

NVD

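| Score | ≤1 | ≤2 | ≤3 | ≤4 | ≤5 | ≤6 | ≤7 | ≤8 | ≤9 | ≤10 |
|---|---|---|---|---|---|---|---|---|---|---|
| Entries | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 |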

The National Vulnerability Database (NVD) also defines CVSS vectors and scores. These are usually not complete and might differ from VulDB scores.

CNA

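| Score | ≤1 | ≤2 | ≤3 | ≤4 | ≤5 | ≤6 | ≤7 | ≤8 | ≤9 | ≤10 |
|---|---|---|---|---|---|---|---|---|---|---|
| Entries | 0 | 0 | 0 | 0 | 2 | 3 | 5 | 6 | 3 | 2 |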

A CVE Numbering Authority (CNA) is responsible for assigning new CVE entries. They might also include a CVSS score. These are usually not complete and might differ from VulDB scores.

Vendor

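| Score | ≤1 | ≤2 | ≤3 | ≤4 | ≤5 | ≤6 | ≤7 | ≤8 | ≤9 | ≤10 |
|---|---|---|---|---|---|---|---|---|---|---|
| Entries | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 |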

Some vendors are willing to publish their own CVSS vectors and scores for vulnerabilities in their products. The coverage varies from vendor to vendor.

Research

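| Score | ≤1 | ≤2 | ≤3 | ≤4 | ≤5 | ≤6 | ≤7 | ≤8 | ≤9 | ≤10 |
|---|---|---|---|---|---|---|---|---|---|---|
| Entries | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 |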

Sometimes security researchers also provide their own CVSS vectors and scores for vulnerabilities they have found and published.

| ID | Base | VDB | NVD | CNA | Vend | Res | Vulnerability | CTI | CVE |
|---|---|---|---|---|---|---|---|---|---|
| 200472 | 5.5 | 5.5 | | | | | Siemens Teamcenter XML xml external entity reference | 0.00 | CVE-2022-29801 |
| 200471 | 3.5 | 3.5 | | | | | Proton Markdown File cross site scripting | 0.06 | CVE-2022-25224 |
| 200470 | 6.4 | 5.3 | | 7.5 | | | jgraph drawio server-side request forgery | 0.06 | CVE-2022-1784 |
| 200469 | 5.5 | 5.5 | | | | | Popcorn Time Settings Page os command injection | 0.18 | CVE-2022-25229 |
| 200468 | 4.3 | 4.3 | | | | | Online Banquet Booking System POST Request cross-site request forgery | 0.06 | CVE-2022-28992 |
| 200467 | 4.3 | 4.3 | | | | | Siemens SICAM P850/SICAM P855 cross site scripting | 0.00 | CVE-2022-29882 |
| 200466 | 3.5 | 3.5 | | | | | Siemens SICAM P850/SICAM P855 Configuration Interface cross site scripting | 0.05 | CVE-2022-29880 |
| 200465 | 4.3 | 4.3 | | | | | Siemens SICAM P850/SICAM P855 GET Request Parameter cross site scripting | 0.06 | CVE-2022-29876 |
| 200464 | 5.4 | 5.4 | | | | | Siemens SICAM P850/SICAM P855 Web Interface improper authentication | 0.06 | CVE-2022-29883 |
| 200463 | 4.3 | 4.3 | | | | | Siemens SICAM P850/SICAM P855 Web-based Management Interface missing authentication | 0.00 | CVE-2022-29881 |
| 200462 | 3.5 | 3.5 | | | | | Siemens SICAM P850/SICAM P855 Web-based Management Interface missing authentication | 0.06 | CVE-2022-29879 |
| 200461 | 4.3 | 4.3 | | | | | Siemens SICAM P850/SICAM P855 Web Interface Configuration missing authentication | 0.06 | CVE-2022-29877 |
| 200460 | 3.7 | 3.7 | | | | | Siemens SICAM P850/SICAM P855 cleartext transmission | 0.05 | CVE-2022-29874 |
| 200459 | 6.3 | 6.3 | | | | | Siemens SICAM P850/SICAM P855 Request Remote Code Execution | 0.06 | CVE-2022-29873 |
| 200458 | 5.5 | 5.5 | | | | | Siemens SICAM P850/SICAM P855 POST Request Privilege Escalation | 0.05 | CVE-2022-29872 |
| 200457 | 8.8 | 8.8 | | | | | MiniTool Partition Wizard unquoted search path | 0.06 | CVE-2022-29320 |
| 200456 | 5.5 | 5.5 | | | | | Siemens JT2Go/Teamcenter Visualization CGM File Parser CGM_NIST_Loader.dll uninitialized pointer | 0.18 | CVE-2022-29033 |
| 200455 | 5.5 | 5.5 | | | | | Siemens JT2Go/Teamcenter Visualization CGM File Parser CGM_NIST_Loader.dll double free | 0.36 | CVE-2022-29032 |
| 200454 | 3.5 | 3.5 | | | | | Siemens JT2Go/Teamcenter Visualization CGM File Parser CGM_NIST_Loader.dll null pointer dereference | 0.37 | CVE-2022-29031 |
| 200453 | 3.5 | 3.5 | | | | | Siemens JT2Go/Teamcenter Visualization TG4 File Parser Mono_Loader.dll denial of service | 0.25 | CVE-2022-29030 |
| 200452 | 3.5 | 3.5 | | | | | Siemens JT2Go/Teamcenter Visualization CGM File Parser CGM_NIST_Loader.dll null pointer dereference | 0.12 | CVE-2022-29029 |
| 200451 | 3.5 | 3.5 | | | | | Siemens JT2Go/Teamcenter Visualization TIFF File Parser Tiff_Loader.dll infinite loop | 0.20 | CVE-2022-29028 |
| 200450 | 3.5 | 3.5 | | | | | OpenRazer razermouse Driver matrix_custom_frame buffer overflow | 0.06 | CVE-2022-29023 |
| 200449 | 3.5 | 3.5 | | | | | OpenRazer razeraccessory Driver matrix_custom_frame buffer overflow | 0.00 | CVE-2022-29022 |
| 200448 | 5.5 | 5.5 | | | | | OpenRazer razerkbd Driver matrix_custom_frame buffer overflow | 0.11 | CVE-2022-29021 |
| 200447 | 5.5 | 5.5 | | | | | Multi Store Inventory Management System POST Request Privilege Escalation | 0.00 | CVE-2022-28993 |
| 200446 | 5.5 | 5.5 | | | | | Siemens Simcenter Femap NEU File Parser out-of-bounds write | 0.12 | CVE-2022-27653 |
| 200445 | 6.5 | 6.5 | | | | | Siemens SIMATIC CP 442-1 RNA/SIMATIC CP 443-1 RNA ARP Broadcast resource consumption | 0.40 | CVE-2022-27640 |
| 200444 | 5.5 | 5.5 | | | | | Siemens OpenV2G EXI Parser buffer overflow | 0.06 | CVE-2022-27242 |
| 200443 | 8.8 | 8.8 | | | | | BattlEye unquoted search path | 0.06 | CVE-2022-27095 |
| 200442 | 8.8 | 8.8 | | | | | Sony PlayMemories Home unquoted search path | 0.52 | CVE-2022-27094 |
| 200441 | 8.8 | 8.8 | | | | | Private Internet Access unquoted search path | 0.06 | CVE-2022-27092 |
| 200440 | 8.8 | 8.8 | | | | | HMA VPN unquoted search path | 0.06 | CVE-2022-26634 |
| 200439 | 3.5 | 3.5 | | | | | Siemens Teamcenter tcserver.exe stack-based overflow | 0.27 | CVE-2022-24290 |
| 200438 | 5.5 | 5.5 | | | | | Siemens SIMATIC PCS 7 Kiosk Mode insecure default initialization of resource | 0.28 | CVE-2022-24287 |
| 200437 | 3.7 | 3.7 | | | | | Siemens Desigo DXR2/Desigo PXC3/Desigo PXC4/Desigo PXC5 missing secure attribute | 0.12 | CVE-2022-24045 |
| 200436 | 3.1 | 3.1 | | | | | Siemens Desigo DXR2/Desigo PXC3/Desigo PXC4/Desigo PXC5 Login excessive authentication | 0.35 | CVE-2022-24044 |
| 200435 | 3.7 | 3.7 | | | | | Siemens SICAM P850/SICAM P855 authentication replay | 0.37 | CVE-2022-29878 |
| 200434 | 3.5 | 3.5 | | | | | Multi Store Inventory Management System information disclosure | 0.21 | CVE-2022-28991 |
| 200433 | 5.5 | 5.5 | | | | | Online Sports Complex Booking System POST Request Privilege Escalation | 0.06 | CVE-2022-28106 |
| 200432 | 5.5 | 5.5 | | | | | Foxit PDF Editor unrestricted upload | 0.06 | CVE-2022-28104 |
| 200431 | 3.7 | 3.7 | | | | | Siemens Desigo DXR2/Desigo PXC3/Desigo PXC4/Desigo PXC5 Login information exposure | 0.15 | CVE-2022-24043 |
| 200430 | 6.3 | 6.3 | | | | | Goverlan Reach Console/Reach Server/Client Agent Agent Update access control | 0.06 | CVE-2022-31215 |
| 200429 | 4.3 | 4.3 | | | | | OPC UA Legacy Java Stack Messages denial of service | 0.09 | CVE-2022-30551 |
| 200428 | 6.3 | 6.3 | | | | | Cybele Thinfinity VNC WebSocket Request unknown vulnerability | 0.06 | CVE-2022-25227 |
| 200427 | 6.3 | 6.3 | | | | | ChatBot Application with a Suggestion Feature view_response.php sql injection | 0.12 | CVE-2022-30518 |
| 200426 | 5.0 | 5.0 | | | | | Online Sports Complex Booking System view_facility.php sql injection | 0.00 | CVE-2022-28105 |
| 200425 | 6.3 | 6.3 | | | | | Simple Student Quarterly Result System sql injection | 0.06 | CVE-2022-26633 |
| 200424 | 6.3 | 6.3 | | | | | Multi-Vendor Online Groceries Management System view_product.php sql injection | 0.43 | CVE-2022-26632 |
| 200423 | 6.3 | 6.3 | | | | | School Dormitory Management System daily_collection_report.php sql injection | 0.32 | CVE-2022-30886 |

41 more entries are not shown
