CVSSv3 05/26/2022

CVSSv3 Base

≤10
≤20
≤31
≤413
≤515
≤634
≤749
≤810
≤95
≤101

The Common Vulnerability Scoring System (CVSS) is an industry standard to define the characteristics and impacts of security vulnerabilities. The base score represents the intrinsic aspects that are constant over time and across user environments. Our unique meta score merges all available scores from different sources to aggregate to the most reliable result.

CVSSv3 Temp

≤10
≤20
≤31
≤413
≤516
≤650
≤732
≤810
≤95
≤101

The Common Vulnerability Scoring System (CVSS) uses temp scores to reflect the characteristics of a vulnerability that may change over time but not across user environments. This includes reporting confidence, exploitability and remediation levels. We do also provide our unique meta score for temp scores, even though other sources rarely publish them.

VulDB

≤10
≤20
≤32
≤422
≤526
≤628
≤741
≤86
≤92
≤101

The moderation team is always defining the base vector and base score for an entry. These and all other available scores are used to generate the meta score.

NVD

≤10
≤20
≤30
≤40
≤50
≤64
≤70
≤816
≤94
≤101

The National Vulnerability Database (NVD) is also defining CVSS vectors and scores. These are usually not complete and might differ from VulDB scores.

CNA

≤10
≤20
≤31
≤41
≤53
≤63
≤74
≤813
≤93
≤106

A CVE Numbering Authority (CNA) is responsible for assigning new CVE entries. They might also include a CVSS score. These are usually not complete and might differ from VulDB scores.

Vendor

≤10
≤20
≤30
≤40
≤50
≤60
≤70
≤80
≤90
≤100

Some vendors are willing to publish their own CVSS vectors and scores for vulnerabilities in their products. The coverage varies from vendor to vendor.

Research

≤10
≤20
≤30
≤40
≤50
≤60
≤70
≤80
≤90
≤100

There are sometimes also security researcher which provide their own CVSS vectors and scores for vulnerabilities they have found and published.

IDBaseVDBNVDCNAVendResVulnerabilityCTICVE
2008275.55.5
 
 
 
 
Tuxera NTFS-3G NTFS Image ntfs_check_log_client_array heap-based overflow0.13CVE-2022-30789
2008265.55.5
 
 
 
 
Tuxera NTFS-3G NTFS Image ntfs_mft_rec_alloc heap-based overflow0.05CVE-2022-30788
2008255.55.5
 
 
 
 
Tuxera NTFS-3G NTFS Image ntfs_names_full_collate heap-based overflow0.09CVE-2022-30786
2008245.55.5
 
 
 
 
Tuxera NTFS-3G NTFS Image ntfs_get_attribute_value heap-based overflow0.09CVE-2022-30784
2008236.36.3
 
 
 
 
Jfinal CMS sql injection0.17CVE-2022-30500
2008223.53.5
 
 
 
 
Action View Tag Helpers cross site scripting0.06CVE-2022-27777
2008216.86.8
 
6.8
 
 
Dell Support Assist OS Recovery authentication bypass0.09CVE-2022-26865
2008203.53.5
 
 
 
 
Action Pack cross site scripting0.05CVE-2022-22577
2008195.55.5
 
 
 
 
oretnom23 Automotive Shop Management System authorization0.04CVE-2022-30495
2008185.55.5
 
 
 
 
Tenda AC18 form_fast_setting_wifi_set stack-based overflow0.17CVE-2022-30473
2008175.55.5
 
 
 
 
Tenda AC18 fromAddressNat stack-based overflow0.05CVE-2022-30472
2008165.33.1
 
7.6
 
 
Dell EMC CloudLink Auth Token information disclosure0.00CVE-2022-24414
2008156.36.3
 
 
 
 
cURL OAUTH2 Authentication improper authentication0.09CVE-2022-22576
2008145.55.5
 
 
 
 
Active Storage code injection0.00CVE-2022-21831
2008136.65.6
 
7.7
 
 
radare2 out-of-bounds read0.00CVE-2022-1899
2008128.57.3
 
9.8
 
 
Kuka KR C4 hard-coded credentials0.09CVE-2021-33016
2008118.88.8
 
8.8
 
 
Kuka KR C4 VxWorks Shell hard-coded credentials0.00CVE-2021-33014
2008103.53.5
 
 
 
 
oretnom23 Automotive Shop Management System cross site scripting0.00CVE-2022-30494
2008097.27.0
 
7.5
 
 
Dell BIOS SMM input validation0.05CVE-2022-24418
2008087.27.0
 
7.5
 
 
Dell BIOS SMM input validation0.00CVE-2022-24417
2008078.88.8
 
 
 
 
Citrix Gateway Plug-in privileges management0.00CVE-2022-21827
2008063.53.5
 
 
 
 
Tuxera NTFS-3G fuse_lib_readdir integer underflow0.00CVE-2022-30787
2008055.55.5
 
 
 
 
Tuxera NTFS-3G fuse_lib_opendir memory corruption0.17CVE-2022-30785
2008045.05.0
 
 
 
 
oretnom23 Automotive Shop Management System access control0.06CVE-2022-30493
2008035.55.5
 
 
 
 
Tenda AC18 httpd Module SetClientState stack-based overflow0.05CVE-2022-30477
2008025.55.5
 
 
 
 
Tenda AC18 httpd Module SetFirewallCfg stack-based overflow0.03CVE-2022-30476
2008015.55.5
 
 
 
 
Tenda AC18 httpd Module WifiExtraSet stack-based overflow0.60CVE-2022-30475
2008005.55.5
 
 
 
 
Tenda AC18 httpd Module saveParentControlInfo heap-based overflow0.11CVE-2022-30474
2007994.84.3
 
5.3
 
 
Dell Unity/UnityVSA/UnityXT Unisphere GUI cross site scripting0.05CVE-2022-29091
2007983.43.1
 
3.7
 
 
Dell EMC NetWorker Rabbitmq certificate validation0.05CVE-2022-29082
2007977.66.3
 
9.0
 
 
Dell EMC OpenManage Enterprise improper authorization0.05CVE-2022-26857
2007969.79.8
 
9.6
 
 
Dell iDRAC9 VNC Console improper authentication0.26CVE-2022-24422
2007955.24.6
 
5.8
 
 
Matrikon OPC Server IPersisFile access control0.11CVE-2022-1261
2007944.34.3
 
 
 
 
Tuxera NTFS-3G libfuse-lite fuse_kern_mount information disclosure0.07CVE-2022-30783
2007937.67.6
 
 
 
 
Linux Kernel Pipe post_one_notification uninitialized pointer0.09CVE-2022-1882
2007926.36.3
 
 
 
 
Hospital-Management-System doctor.php sql injection0.04CVE-2022-30516
2007915.35.3
 
 
 
 
Citrix ADC/Gateway VPN Gateway/AAA Virtual Server resource consumption0.13CVE-2022-27508
2007904.34.3
 
 
 
 
Citrix ADC/Gateway VPN Gateway resource consumption0.11CVE-2022-27507
2007896.76.3
 
7.1
 
 
vim heap-based overflow0.06CVE-2022-1886
2007884.84.3
 
5.3
 
 
QNAP QTS/QuTS Hero/QuTScloud Proxy Server cross-site request forgery0.00CVE-2021-34360
2007875.05.0
 
 
 
 
Debian dpkg Archive pathname traversal0.00CVE-2022-1664
2007866.15.07.2
 
 
 
CSCMS Music Portal System del sql injection0.17CVE-2022-29689
2007856.15.07.2
 
 
 
CSCMS Music Portal System hy sql injection0.04CVE-2022-29688
2007846.15.07.2
 
 
 
CSCMS Music Portal System level_del sql injection0.05CVE-2022-29687
2007836.15.07.2
 
 
 
CSCMS Music Portal System zhuan sql injection0.05CVE-2022-29686
2007826.95.08.8
 
 
 
CSCMS Music Portal System level_sort sql injection0.05CVE-2022-29685
2007816.15.07.2
 
 
 
CSCMS Music Portal System js_del sql injection0.05CVE-2022-29684
2007806.15.07.2
 
 
 
CSCMS Music Portal System page_del sql injection0.06CVE-2022-29683
2007796.15.07.2
 
 
 
CSCMS Music Portal System del sql injection0.05CVE-2022-29682
2007786.15.07.2
 
 
 
CSCMS Music Portal System del sql injection0.04CVE-2022-29681

78 more entries are not shown

Want to stay up to date on a daily basis?

Enable the mail alert feature now!