CVSSv3 06/08/2022

CVSSv3 Base

≤10
≤22
≤313
≤424
≤516
≤629
≤714
≤84
≤91
≤100

The Common Vulnerability Scoring System (CVSS) is an industry standard to define the characteristics and impacts of security vulnerabilities. The base score represents the intrinsic aspects that are constant over time and across user environments. Our unique meta score merges all available scores from different sources to aggregate to the most reliable result.

CVSSv3 Temp

≤10
≤22
≤313
≤424
≤516
≤629
≤715
≤83
≤91
≤100

The Common Vulnerability Scoring System (CVSS) uses temp scores to reflect the characteristics of a vulnerability that may change over time but not across user environments. This includes reporting confidence, exploitability and remediation levels. We do also provide our unique meta score for temp scores, even though other sources rarely publish them.

VulDB

≤10
≤23
≤314
≤426
≤512
≤634
≤710
≤84
≤90
≤100

The moderation team is always defining the base vector and base score for an entry. These and all other available scores are used to generate the meta score.

NVD

≤10
≤20
≤30
≤40
≤50
≤60
≤70
≤80
≤90
≤100

The National Vulnerability Database (NVD) is also defining CVSS vectors and scores. These are usually not complete and might differ from VulDB scores.

CNA

≤10
≤22
≤35
≤415
≤53
≤67
≤74
≤80
≤96
≤101

A CVE Numbering Authority (CNA) is responsible for assigning new CVE entries. They might also include a CVSS score. These are usually not complete and might differ from VulDB scores.

Vendor

≤10
≤20
≤30
≤40
≤50
≤60
≤70
≤80
≤90
≤100

Some vendors are willing to publish their own CVSS vectors and scores for vulnerabilities in their products. The coverage varies from vendor to vendor.

Research

≤10
≤20
≤30
≤40
≤50
≤60
≤70
≤80
≤90
≤100

There are sometimes also security researcher which provide their own CVSS vectors and scores for vulnerabilities they have found and published.

IDBaseVDBNVDCNAVendResVulnerabilityCTICVE
2014895.55.5
 
 
 
 
H3C Magic R100 aspForm stack-based overflow0.00CVE-2022-30926
2014885.55.5
 
 
 
 
H3C Magic R100 aspForm stack-based overflow0.00CVE-2022-30925
2014875.55.5
 
 
 
 
H3C Magic R100 aspForm stack-based overflow0.00CVE-2022-30924
2014865.55.5
 
 
 
 
H3C Magic R100 aspForm stack-based overflow0.00CVE-2022-30923
2014855.55.5
 
 
 
 
H3C Magic R100 aspForm stack-based overflow0.05CVE-2022-30922
2014845.55.5
 
 
 
 
H3C Magic R100 aspForm stack-based overflow0.05CVE-2022-30921
2014835.55.5
 
 
 
 
H3C Magic R100 aspForm stack-based overflow0.00CVE-2022-30920
2014825.55.5
 
 
 
 
H3C Magic R100 aspForm stack-based overflow0.00CVE-2022-30919
2014815.55.5
 
 
 
 
H3C Magic R100 aspForm stack-based overflow0.03CVE-2022-30918
2014805.55.5
 
 
 
 
H3C Magic R100 aspForm stack-based overflow0.16CVE-2022-30917
2014795.55.5
 
 
 
 
H3C Magic R100 aspForm stack-based overflow0.00CVE-2022-30916
2014785.55.5
 
 
 
 
H3C Magic R100 aspForm stack-based overflow0.05CVE-2022-30915
2014775.55.5
 
 
 
 
H3C Magic R100 aspForm stack-based overflow0.09CVE-2022-30914
2014765.55.5
 
 
 
 
H3C Magic R100 aspForm stack-based overflow0.03CVE-2022-30913
2014755.55.5
 
 
 
 
H3C Magic R100 aspForm stack-based overflow0.00CVE-2022-30912
2014745.55.5
 
 
 
 
H3C Magic R100 aspForm stack-based overflow0.07CVE-2022-30910
2014735.55.5
 
 
 
 
H3C Magic R100 aspForm stack-based overflow0.00CVE-2022-30909
2014728.08.0
 
 
 
 
ToaruOS Kernel access control0.03CVE-2021-36710
2014715.75.7
 
 
 
 
Xiaomi Redmi Note 9T/Redmi Note 11 write out-of-bounds write0.00CVE-2020-14125
2014703.73.7
 
 
 
 
Mitsubishi Electric G-150AD risky encryption0.03CVE-2022-24296
2014695.55.5
 
 
 
 
Das U-Boot buffer overflow0.00CVE-2022-30790
2014685.55.5
 
 
 
 
Das U-Boot buffer overflow0.00CVE-2022-30552
2014678.37.3
 
9.3
 
 
emicklei go-restful authorization0.09CVE-2022-1996
2014667.35.6
 
9.0
 
 
metacalc Constructor Remote Code Execution0.00CVE-2022-21122
2014656.36.3
 
 
 
 
SonicWall SMA100 Management Interface os command injection0.07CVE-2022-1703
2014643.53.5
 
 
 
 
WP Statistics Plugin cross site scripting0.04CVE-2022-1005
2014634.34.3
 
 
 
 
LiveSync for Plugin Setting cross-site request forgery0.07CVE-2022-1712
2014624.34.3
 
 
 
 
Throws SPAM Away Plugin cross-site request forgery0.03CVE-2022-1709
2014612.42.4
 
 
 
 
FormCraft Plugin Field Label cross site scripting0.03CVE-2022-1647
2014604.34.3
 
 
 
 
Database Backup for Plugin cross-site request forgery0.03CVE-2022-1577
2014594.34.3
 
 
 
 
Files Download Delay Plugin Setting cross-site request forgery0.00CVE-2022-1570
2014582.42.4
 
 
 
 
Pie Forms Field cross site scripting0.00CVE-2022-1569
2014572.42.4
 
 
 
 
Video Slider Plugin Setting cross site scripting0.02CVE-2022-1541
2014563.53.5
 
 
 
 
WP Born Babies Plugin Field cross site scripting0.00CVE-2022-1506
2014552.42.4
 
 
 
 
FiboSearch Plugin Setting cross site scripting0.03CVE-2022-1469
2014542.42.4
 
 
 
 
Photo Gallery by 10Web Plugin Setting cross site scripting0.02CVE-2022-1394
2014533.53.5
 
 
 
 
User Meta Plugin AJAX Action um_show_uploaded_file path traversal0.00CVE-2022-0779
2014527.37.3
 
 
 
 
CP Image Store with Slideshow Plugin Query Parameter sql injection0.00CVE-2022-1692
2014516.36.3
 
 
 
 
Realty Workstation Plugin Agent Edit sql injection0.03CVE-2022-1691
2014506.36.3
 
 
 
 
Note Press Plugin Admin Page sql injection0.00CVE-2022-1690
2014496.36.3
 
 
 
 
Note Press Plugin Admin Dashboard sql injection0.00CVE-2022-1689
2014486.36.3
 
 
 
 
Note Press Plugin Admin Dashboard sql injection0.08CVE-2022-1688
2014476.36.3
 
 
 
 
Logo Slider Plugin Manage Slider Images Admin Page sql injection0.00CVE-2022-1687
2014466.36.3
 
 
 
 
Five Minute Webshop Plugin Admin Dashboard sql injection0.04CVE-2022-1686
2014456.36.3
 
 
 
 
Five Minute Webshop Plugin Manage Products Admin Page sql injection0.00CVE-2022-1685
2014444.74.7
 
 
 
 
Cube Slider Plugin sql injection0.03CVE-2022-1684
2014436.36.3
 
 
 
 
amtyThumb Plugin Shortcode sql injection0.04CVE-2022-1683
2014424.34.3
 
 
 
 
Ask Me Theme AJAX Action cross-site request forgery0.00CVE-2022-1424
2014413.53.5
 
 
 
 
Ask Me Theme Edit Profile Page cross site scripting0.00CVE-2022-1241
2014403.53.5
 
 
 
 
LibreHealth EHR Base finder_navigation.php cross site scripting0.07CVE-2022-31497

53 more entries are not shown

Interested in the pricing of exploits?

See the underground prices here!