CVSSv3 06/13/2022

CVSSv3 Base

≤10
≤20
≤37
≤429
≤532
≤625
≤719
≤88
≤92
≤106

The Common Vulnerability Scoring System (CVSS) is an industry standard to define the characteristics and impacts of security vulnerabilities. The base score represents the intrinsic aspects that are constant over time and across user environments. Our unique meta score merges all available scores from different sources to aggregate to the most reliable result.

CVSSv3 Temp

≤10
≤20
≤37
≤430
≤531
≤630
≤716
≤86
≤92
≤106

The Common Vulnerability Scoring System (CVSS) uses temp scores to reflect the characteristics of a vulnerability that may change over time but not across user environments. This includes reporting confidence, exploitability and remediation levels. We do also provide our unique meta score for temp scores, even though other sources rarely publish them.

VulDB

≤10
≤20
≤310
≤432
≤538
≤619
≤716
≤86
≤91
≤106

The moderation team is always defining the base vector and base score for an entry. These and all other available scores are used to generate the meta score.

NVD

≤10
≤20
≤30
≤40
≤51
≤60
≤70
≤80
≤90
≤100

The National Vulnerability Database (NVD) is also defining CVSS vectors and scores. These are usually not complete and might differ from VulDB scores.

CNA

≤10
≤20
≤31
≤42
≤51
≤610
≤75
≤87
≤911
≤107

A CVE Numbering Authority (CNA) is responsible for assigning new CVE entries. They might also include a CVSS score. These are usually not complete and might differ from VulDB scores.

Vendor

≤10
≤20
≤30
≤40
≤50
≤60
≤70
≤80
≤90
≤100

Some vendors are willing to publish their own CVSS vectors and scores for vulnerabilities in their products. The coverage varies from vendor to vendor.

Research

≤10
≤20
≤30
≤40
≤50
≤60
≤70
≤80
≤90
≤100

There are sometimes also security researcher which provide their own CVSS vectors and scores for vulnerabilities they have found and published.

IDBaseVDBNVDCNAVendResVulnerabilityCTICVE
2018116.36.3
 
 
 
 
Microsoft Edge ANGLE use after free0.08CVE-2022-2011
2018106.36.3
 
 
 
 
Microsoft Edge Compositing out-of-bounds0.00CVE-2022-2010
2018096.36.3
 
 
 
 
Microsoft Edge WebGL out-of-bounds0.07CVE-2022-2008
2018086.36.3
 
 
 
 
Microsoft Edge WebGPU use after free0.03CVE-2022-2007
2017534.54.3
 
4.7
 
 
Elementor Website Builder Plugin cross site scripting0.21CVE-2022-29455
2017523.53.5
 
 
 
 
flatCore-CMS Create New Page cross site scripting0.00CVE-2021-40902
2017513.53.5
 
 
 
 
Helpdeskz email-addresses cross site scripting0.08CVE-2022-31400
2017504.13.54.8
 
 
 
Helpdeskz custom-fields cross site scripting0.06CVE-2022-31398
2017495.33.5
 
7.1
 
 
neorazorx facturascripts cross site scripting0.00CVE-2022-2066
2017486.03.5
 
8.6
 
 
neorazorx facturascripts cross site scripting0.00CVE-2022-2065
2017477.56.3
 
8.8
 
 
Jupiter Theme/JupiterX Core Plugin abb_uninstall_template privileges management0.15CVE-2022-1654
2017463.53.5
 
 
 
 
Huawei Smart Phone Secure OS Module information disclosure0.00CVE-2022-31761
2017455.55.5
 
 
 
 
Huawei HarmonyOS Dialog Box improper restriction of rendered ui layers0.03CVE-2022-31760
2017443.53.5
 
 
 
 
Huawei HarmonyOS Setting Module information disclosure0.03CVE-2022-31757
2017433.53.5
 
 
 
 
Huawei Smart Phone denial of service0.04CVE-2022-31754
2017425.75.7
 
 
 
 
Huawei HarmonyOS Wakeup Module format string0.03CVE-2022-31753
2017413.53.5
 
 
 
 
Huawei Smart Phone authorization0.04CVE-2022-31752
2017407.47.3
 
7.5
 
 
kCTF set-src-ip-ranges access control0.03CVE-2022-31055
2017395.65.3
 
5.9
 
 
Amodat Mobile Application Gateway Admin Panel sql injection0.00CVE-2022-23169
2017386.67.3
 
5.9
 
 
Amodat Mobile Application Gateway Login Panel sql injection0.06CVE-2022-23168
2017374.64.0
 
5.3
 
 
Amodat Mobile Application Gateway GET Request downloadfile.aspx path traversal0.06CVE-2022-23167
2017365.75.7
 
 
 
 
Huawei HarmonyOS Secure OS Module denial of service0.06CVE-2021-46815
2017353.53.5
 
 
 
 
Huawei Smart Phone ChinaDRM Module denial of service0.06CVE-2021-46813
2017344.64.6
 
 
 
 
Huawei HarmonyOS Multi-Device Interaction unknown vulnerability0.04CVE-2021-46812
2017335.55.5
 
 
 
 
Huawei HarmonyOS AMS Module input validation0.05CVE-2022-31762
2017325.75.7
 
 
 
 
Huawei HarmonyOS AppLink uninitialized pointer0.00CVE-2022-31759
2017313.53.5
 
 
 
 
Huawei HarmonyOS Fingerprint Sensor Module information disclosure0.00CVE-2022-31756
2017305.75.7
 
 
 
 
Huawei HarmonyOS Communication Module permissions0.00CVE-2022-31755
2017298.88.8
 
 
 
 
NAVER Cloud Explorer privileges management0.00CVE-2022-24077
2017285.75.7
 
 
 
 
Huawei HarmonyOS Video Framework out-of-bounds0.06CVE-2021-46814
2017276.96.3
 
7.6
 
 
Open Forms File Name Extension Parser unrestricted upload0.00CVE-2022-31041
2017266.76.3
 
7.1
 
 
Open Forms redirect0.00CVE-2022-31040
2017257.56.3
 
8.8
 
 
RosarioSIS sql injection0.04CVE-2022-2067
2017246.94.7
 
9.1
 
 
NocoDB session expiration0.04CVE-2022-2064
2017237.25.5
 
9.0
 
 
NocoDB privileges management0.03CVE-2022-2063
2017226.74.3
 
9.1
 
 
NocoDB information disclosure0.03CVE-2022-2062
2017213.53.5
 
 
 
 
Huawei HarmonyOS Card Production Life Cycle permission0.03CVE-2021-46811
2017205.75.7
 
 
 
 
Huawei HarmonyOS Kernel Module null pointer dereference0.03CVE-2022-31763
2017192.62.6
 
 
 
 
Huawei HarmonyOS Kernel Module race condition0.00CVE-2022-31758
2017183.53.5
 
 
 
 
Huawei HarmonyOS emcom Module denial of service0.03CVE-2022-31751
2017179.89.8
 
9.8
 
 
Festo Controller CECC-X-M1 POST Request os command injection0.03CVE-2022-30311
2017169.89.8
 
9.8
 
 
Festo Controller CECC-X-M1 POST Request os command injection0.00CVE-2022-30310
2017159.89.8
 
9.8
 
 
Festo Controller CECC-X-M1 POST Request os command injection0.03CVE-2022-30309
2017149.89.8
 
9.8
 
 
Festo Controller CECC-X-M1 POST Request os command injection0.06CVE-2022-30308
2017133.53.5
 
 
 
 
Node.js npm information disclosure0.08CVE-2022-29244
2017124.15.3
 
2.8
 
 
hpjansson chafa heap-based overflow0.00CVE-2022-2061
2017114.34.3
 
 
 
 
Quick Subscribe Plugin Setting cross-site request forgery0.00CVE-2022-1792
2017104.34.3
 
 
 
 
Sideblog Plugin Setting cross-site request forgery0.04CVE-2022-1787
2017094.34.3
 
 
 
 
postTabs Plugin Setting cross-site request forgery0.03CVE-2022-1781
2017084.34.3
 
 
 
 
LaTeX for Plugin cross-site request forgery0.00CVE-2022-1780

78 more entries are not shown

Interested in the pricing of exploits?

See the underground prices here!