CVSSv3 06/17/2022

CVSSv3 Base

≤10
≤20
≤31
≤414
≤517
≤614
≤730
≤86
≤91
≤100

The Common Vulnerability Scoring System (CVSS) is an industry standard to define the characteristics and impacts of security vulnerabilities. The base score represents the intrinsic aspects that are constant over time and across user environments. Our unique meta score merges all available scores from different sources to aggregate to the most reliable result.

CVSSv3 Temp

≤10
≤20
≤31
≤414
≤518
≤617
≤726
≤87
≤90
≤100

The Common Vulnerability Scoring System (CVSS) uses temp scores to reflect the characteristics of a vulnerability that may change over time but not across user environments. This includes reporting confidence, exploitability and remediation levels. We do also provide our unique meta score for temp scores, even though other sources rarely publish them.

VulDB

≤10
≤20
≤33
≤415
≤516
≤614
≤732
≤83
≤90
≤100

The moderation team is always defining the base vector and base score for an entry. These and all other available scores are used to generate the meta score.

NVD

≤10
≤20
≤30
≤40
≤50
≤60
≤70
≤80
≤90
≤100

The National Vulnerability Database (NVD) is also defining CVSS vectors and scores. These are usually not complete and might differ from VulDB scores.

CNA

≤10
≤20
≤31
≤40
≤51
≤62
≤71
≤89
≤95
≤101

A CVE Numbering Authority (CNA) is responsible for assigning new CVE entries. They might also include a CVSS score. These are usually not complete and might differ from VulDB scores.

Vendor

≤10
≤20
≤30
≤40
≤50
≤60
≤70
≤80
≤90
≤100

Some vendors are willing to publish their own CVSS vectors and scores for vulnerabilities in their products. The coverage varies from vendor to vendor.

Research

≤10
≤20
≤30
≤40
≤50
≤60
≤70
≤80
≤90
≤100

There are sometimes also security researcher which provide their own CVSS vectors and scores for vulnerabilities they have found and published.

IDBaseVDBNVDCNAVendResVulnerabilityCTICVE
2023616.36.3
 
 
 
 
oretnom23 Rescue Dispatch Management System sql injection1.16CVE-2022-31941
2023607.35.6
 
9.0
 
 
Blynk -Library Network Request BlynkConsole.h stack-based overflow1.00CVE-2022-29496
2023594.83.7
 
5.9
 
 
Bachmann Visutec Atvise License Registration cleartext transmission0.88CVE-2022-21184
2023588.16.3
 
10.0
 
 
Anker Eufy Homebase mips_collector use after free1.72CVE-2022-21806
2023577.97.3
 
8.6
 
 
Parse Server Apple Game Center Auth Adapter improper authentication2.17CVE-2022-31083
2023563.53.5
 
 
 
 
u5cms Default Home Page cross site scripting1.04CVE-2022-32442
2023556.36.3
 
 
 
 
Proietti Planet Time Enterprise Privilege Escalation0.92CVE-2022-30422
2023542.72.7
 
2.7
 
 
IBM Robotic Process Automation Control Center UI information disclosure0.88CVE-2022-30607
2023535.55.5
 
 
 
 
u5cms loginsave.php redirect0.80CVE-2022-32444
2023524.83.7
 
5.9
 
 
IBM Spectrum Protect Operations Center Sign-on excessive authentication1.29CVE-2022-22485
2023515.55.5
 
 
 
 
Electrum file URL paymentrequest.py Privilege Escalation0.85CVE-2022-31246
2023505.55.5
 
 
 
 
Anselal Antminer Monitor Flask Server backdoor1.05CVE-2021-40903
2023496.36.3
 
 
 
 
janobe Online Ordering System sql injection0.77CVE-2022-31357
2023486.36.3
 
 
 
 
janobe Online Ordering System sql injection0.85CVE-2022-31356
2023476.36.3
 
 
 
 
janobe Online Ordering System sql injection0.89CVE-2022-31355
2023465.42.4
 
8.4
 
 
inventree cross site scripting1.12CVE-2022-2113
2023453.53.5
 
 
 
 
ASG Zena Cross Platform Server Enterprise Edition cross site scripting1.57CVE-2021-45026
2023446.36.3
 
 
 
 
Grafana UI access control0.76CVE-2022-32276
2023435.55.5
 
 
 
 
ASG Zena Cross Platform Server Enterprise Edition xml external entity reference1.52CVE-2021-45024
2023427.25.5
 
9.0
 
 
inventree csv injection1.00CVE-2022-2112
2023417.66.3
 
9.0
 
 
inventree unrestricted upload1.04CVE-2022-2111
2023403.73.7
 
 
 
 
ASG Zena Cross Platform Server Enterprise Edition Cookie missing encryption1.08CVE-2021-45025
2023393.53.5
 
 
 
 
OMPL LazyPRM.cpp memory leak0.72CVE-2021-41490
2023386.36.3
 
 
 
 
Mitel MiVoice Business/MiVoice Business Express Management Interface buffer overflow0.72CVE-2022-31784
2023376.36.3
 
 
 
 
Checkmk permission0.73CVE-2022-33912
2023367.07.0
 
7.0
 
 
Amazon AWS Apache Log4j Hotpatch Package race condition0.89CVE-2022-33915
2023356.36.3
 
 
 
 
VoIPmonitor Web GUI api.php sql injection1.13CVE-2021-41408
2023344.74.7
 
 
 
 
zzcms ztliuyan_sendmail.php sql injection0.52CVE-2019-12359
2023336.36.3
 
 
 
 
zzcms Cookie dl_sendsms.php sql injection0.68CVE-2019-12358
2023324.74.7
 
 
 
 
zzcms deluser.php sql injection0.72CVE-2019-12357
2023316.36.3
 
 
 
 
zzcms dls_download.php sql injection0.72CVE-2019-12356
2023306.36.3
 
 
 
 
zzcms dls_print.php sql injection0.76CVE-2019-12355
2023294.74.7
 
 
 
 
zzcms showbad.php sql injection0.72CVE-2019-12354
2023284.74.7
 
 
 
 
zzcms dl_sendmail.php sql injection0.76CVE-2019-12353
2023276.36.3
 
 
 
 
zzcms Cookie dl_sendmail.php sql injection0.82CVE-2019-12352
2023265.05.0
 
 
 
 
SourceCodester Online Discussion Forum Site view_post.php sql injection0.85CVE-2022-31296
2023253.53.5
 
 
 
 
Joplin Desktop App cross site scripting0.62CVE-2021-33295
2023244.34.3
 
 
 
 
TRENDnet TEW-831DR Web Interface cross-site request forgery0.78CVE-2022-30327
2023233.53.5
 
 
 
 
TRENDnet TEW-831DR Web Interface basic.config cross site scripting0.73CVE-2022-30326
2023225.55.5
 
 
 
 
Broadcom CA Automic Automation Agent Privilege Escalation0.81CVE-2022-33753
2023213.53.5
 
 
 
 
Haraj User Upgrade Form cross site scripting0.83CVE-2022-31299
2023205.55.5
 
 
 
 
TRENDnet TEW-831DR Web Interface os command injection0.69CVE-2022-30329
2023196.36.3
 
 
 
 
TRENDnet TEW-831DR Web Interface password recovery0.63CVE-2022-30328
2023184.34.3
 
 
 
 
JForum jforum.page cross-site request forgery0.86CVE-2022-26173
2023175.55.5
 
 
 
 
ImageMagick property.c memory corruption0.64CVE-2022-32547
2023165.55.5
 
 
 
 
ImageMagick pcl.c integer overflow0.60CVE-2022-32546
2023155.55.5
 
 
 
 
Imagemagick psd.c integer overflow0.64CVE-2022-32545
2023146.36.3
 
 
 
 
Adaware Protect permission0.88CVE-2022-31464
2023133.53.5
 
 
 
 
Haraj Post Ads cross site scripting0.68CVE-2022-31301
2023123.53.5
 
 
 
 
Ghostscript null pointer dereference0.56CVE-2022-2085

33 more entries are not shown

Want to stay up to date on a daily basis?

Enable the mail alert feature now!