CVSSv3 06/24/2022

CVSSv3 Base

≤10
≤20
≤31
≤44
≤542
≤617
≤721
≤819
≤95
≤102

The Common Vulnerability Scoring System (CVSS) is an industry standard to define the characteristics and impacts of security vulnerabilities. The base score represents the intrinsic aspects that are constant over time and across user environments. Our unique meta score merges all available scores from different sources to aggregate to the most reliable result.

CVSSv3 Temp

≤10
≤20
≤31
≤44
≤542
≤617
≤721
≤819
≤95
≤102

The Common Vulnerability Scoring System (CVSS) uses temp scores to reflect the characteristics of a vulnerability that may change over time but not across user environments. This includes reporting confidence, exploitability and remediation levels. We do also provide our unique meta score for temp scores, even though other sources rarely publish them.

VulDB

≤10
≤20
≤31
≤445
≤56
≤621
≤726
≤85
≤95
≤102

The moderation team is always defining the base vector and base score for an entry. These and all other available scores are used to generate the meta score.

NVD

≤10
≤20
≤30
≤40
≤54
≤622
≤725
≤811
≤918
≤101

The National Vulnerability Database (NVD) is also defining CVSS vectors and scores. These are usually not complete and might differ from VulDB scores.

CNA

≤10
≤20
≤30
≤40
≤51
≤61
≤79
≤84
≤96
≤103

A CVE Numbering Authority (CNA) is responsible for assigning new CVE entries. They might also include a CVSS score. These are usually not complete and might differ from VulDB scores.

Vendor

≤10
≤20
≤30
≤40
≤50
≤60
≤70
≤81
≤90
≤100

Some vendors are willing to publish their own CVSS vectors and scores for vulnerabilities in their products. The coverage varies from vendor to vendor.

Research

≤10
≤20
≤30
≤40
≤50
≤60
≤70
≤80
≤90
≤100

There are sometimes also security researcher which provide their own CVSS vectors and scores for vulnerabilities they have found and published.

IDBaseVDBNVDCNAVendResVulnerabilityCTIEPSSCVE
2029577.77.18.37.77.7
 
Microsoft Edge Remote Code Execution0.050.02251CVE-2022-33639
2026596.05.57.84.8
 
 
Schneider Electric Geo SCADA Mobile exposure of resource0.040.00885CVE-2022-32530
2026584.43.35.5
 
 
 
MELAG FTP Server Configuration File cleartext storage in a file or on disk0.170.00885CVE-2021-41639
2026576.25.37.1
 
 
 
MELAG FTP Server FTP Configuration File access control0.170.00885CVE-2021-41637
2026564.43.55.3
 
 
 
MELAG FTP Server information disclosure0.030.00885CVE-2021-41634
2026557.47.37.5
 
 
 
MELAG FTP Server improper authentication0.030.01055CVE-2021-41638
2026546.97.36.5
 
 
 
MELAG FTP Server CWD Command access control0.170.00885CVE-2021-41636
2026538.48.18.8
 
 
 
MELAG FTP Server unnecessary privileges0.000.01055CVE-2021-41635
2026526.75.48.16.5
 
 
CODESYS Products exceptional condition0.040.01055CVE-2022-1965
2026519.89.8
 
9.8
 
 
CODESYS PLCWinNT and Runtime Toolkit 32 Password Protection insecure default initialization of resource0.170.00885CVE-2022-31806
2026505.35.3
 
5.3
 
 
CODESYS Gateway Server TCP Client Connection resource consumption0.090.00885CVE-2022-31803
2026496.73.7
 
9.8
 
 
CODESYS Gateway Server partial string comparison0.040.00885CVE-2022-31802
2026487.56.3
 
8.8
 
 
CODESYS Products File Download/File Upload file access0.170.01055CVE-2022-32143
2026478.58.8
 
8.1
 
 
CODESYS Products Local File out-of-range pointer offset0.040.01055CVE-2022-32142
2026466.56.5
 
6.5
 
 
CODESYS Products Request buffer over-read0.040.01055CVE-2022-32141
2026456.56.5
 
6.5
 
 
CODESYS Products buffer overflow0.040.01055CVE-2022-32140
2026446.56.5
 
6.5
 
 
CODESYS Products out-of-bounds0.090.01055CVE-2022-32139
2026439.39.8
 
8.8
 
 
CODESYS Products Request unexpected sign extension0.340.01055CVE-2022-32138
2026428.88.8
 
8.8
 
 
CODESYS Products Request heap-based overflow0.090.01055CVE-2022-32137
2026416.56.5
 
6.5
 
 
EMCO Products uninitialized pointer0.250.01055CVE-2022-32136
2026407.03.77.59.8
 
 
CODESYS Development System unprotected transport of credentials0.170.00885CVE-2022-31805
2026397.57.5
 
7.5
 
 
CODESYS Gateway Server Request allocation of resources0.040.00885CVE-2022-31804
2026385.44.36.5
 
 
 
Jenkins vRealize Orchestrator Plugin HTTP POST Request cross-site request forgery0.090.00885CVE-2022-34211
2026375.44.36.5
 
 
 
ThreadFix Plugin cross-site request forgery0.080.00885CVE-2022-34209
2026365.44.36.5
 
 
 
Beaker Builder Plugin cross-site request forgery0.090.00885CVE-2022-34207
2026355.44.36.5
 
 
 
Jianliao Notification Plugin HTTP POST Request cross-site request forgery0.000.00885CVE-2022-34205
2026346.54.38.8
 
 
 
EasyQA Plugin cross-site request forgery0.060.00885CVE-2022-34203
2026335.44.36.5
 
 
 
Convertigo Mobile Platform Plugin cross-site request forgery0.000.00885CVE-2022-34200
2026324.43.55.4
 
 
 
Stash Branch Parameter Plugin cross site scripting0.040.00885CVE-2022-34198
2026314.43.55.4
 
 
 
Sauce OnDemand Plugin cross site scripting0.040.00885CVE-2022-34197
2026304.43.55.4
 
 
 
REST List Parameter Plugin cross site scripting0.090.00885CVE-2022-34196
2026294.43.55.4
 
 
 
Repository Connector Plugin Maven Repository Artifact cross site scripting0.080.00885CVE-2022-34195
2026284.43.55.4
 
 
 
Readonly Parameter Plugin cross site scripting0.200.00885CVE-2022-34194
2026274.43.55.4
 
 
 
Package Version Plugin cross site scripting0.040.00885CVE-2022-34193
2026264.43.55.4
 
 
 
ontrack Plugin cross site scripting0.000.00885CVE-2022-34192
2026254.43.55.4
 
 
 
NS-ND Integration Performance Publisher Plugin NetStorm Test cross site scripting0.040.00885CVE-2022-34191
2026244.43.55.4
 
 
 
Maven Metadata Plugin for Jenkins CI Server List Maven Artifact Versions cross site scripting0.030.00885CVE-2022-34190
2026234.43.55.4
 
 
 
Image Tag Parameter Plugin cross site scripting0.080.00885CVE-2022-34189
2026224.43.55.4
 
 
 
Hidden Parameter Plugin cross site scripting0.040.00885CVE-2022-34188
2026214.43.55.4
 
 
 
Filesystem List Parameter Plugin File System Object cross site scripting0.040.00885CVE-2022-34187
2026204.43.55.4
 
 
 
Dynamic Extended Choice Parameter Plugin Moded Extended Choice cross site scripting0.030.00885CVE-2022-34186
2026194.43.55.4
 
 
 
Date Parameter Plugin cross site scripting0.040.00885CVE-2022-34185
2026184.43.55.4
 
 
 
CRX Content Package Deployer Plugin CRX Content Package Choice cross site scripting0.040.00885CVE-2022-34184
2026174.43.55.4
 
 
 
Agent Server Parameter Plugin cross site scripting0.040.00885CVE-2022-34183
2026164.83.56.1
 
 
 
Nested View Plugin Search Parameter cross site scripting0.040.00885CVE-2022-34182
2026154.83.56.1
 
 
 
Embeddable Build Status Plugin Query Parameter cross site scripting0.030.00885CVE-2022-34178
2026144.43.55.4
 
 
 
JUnit Plugin Test Result cross site scripting0.030.00885CVE-2022-34176
2026134.13.54.8
 
 
 
Simple Bakery Shop Management cross site scripting0.040.00885CVE-2022-32987
2026124.83.56.1
 
 
 
Jenkins Build Button cross site scripting0.070.00885CVE-2022-34173
2026114.83.56.1
 
 
 
Jenkins Symbol-based Icons cross site scripting0.030.00885CVE-2022-34172

61 more entries are not shown

Do you need the next level of professionalism?

Upgrade your account now!