CVSSv3 06/25/2022

CVSSv3 Base

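| Score | ≤1 | ≤2 | ≤3 | ≤4 | ≤5 | ≤6 | ≤7 | ≤8 | ≤9 | ≤10 |
| --- | --- | --- | --- | --- | --- | --- | --- | --- | --- | --- |
| Entries | 0 | 0 | 6 | 13 | 13 | 35 | 12 | 3 | 7 | 5 |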

The Common Vulnerability Scoring System (CVSS) is an industry standard for describing the characteristics and impacts of security vulnerabilities. The base score represents the intrinsic aspects that are constant over time and across user environments. Our unique meta score merges all available scores from different sources to produce the most reliable result.

CVSSv3 Temp

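| Score | ≤1 | ≤2 | ≤3 | ≤4 | ≤5 | ≤6 | ≤7 | ≤8 | ≤9 | ≤10 |
| --- | --- | --- | --- | --- | --- | --- | --- | --- | --- | --- |
| Entries | 0 | 0 | 7 | 12 | 14 | 39 | 9 | 3 | 5 | 5 |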

The Common Vulnerability Scoring System (CVSS) uses temp scores to reflect the characteristics of a vulnerability that may change over time but not across user environments. This includes reporting confidence, exploitability and remediation levels. We also provide our unique meta score for temp scores, even though other sources rarely publish them.

VulDB

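| Score | ≤1 | ≤2 | ≤3 | ≤4 | ≤5 | ≤6 | ≤7 | ≤8 | ≤9 | ≤10 |
| --- | --- | --- | --- | --- | --- | --- | --- | --- | --- | --- |
| Entries | 0 | 0 | 7 | 18 | 17 | 26 | 11 | 8 | 3 | 4 |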

The moderation team always defines the base vector and base score for an entry. These and all other available scores are used to generate the meta score.

NVD

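| Score | ≤1 | ≤2 | ≤3 | ≤4 | ≤5 | ≤6 | ≤7 | ≤8 | ≤9 | ≤10 |
| --- | --- | --- | --- | --- | --- | --- | --- | --- | --- | --- |
| Entries | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 |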

The National Vulnerability Database (NVD) also defines CVSS vectors and scores. These are usually not complete and might differ from VulDB scores.

CNA

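| Score | ≤1 | ≤2 | ≤3 | ≤4 | ≤5 | ≤6 | ≤7 | ≤8 | ≤9 | ≤10 |
| --- | --- | --- | --- | --- | --- | --- | --- | --- | --- | --- |
| Entries | 0 | 0 | 0 | 3 | 2 | 5 | 8 | 6 | 0 | 11 |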

A CVE Numbering Authority (CNA) is responsible for assigning new CVE entries. They might also include a CVSS score. These are usually not complete and might differ from VulDB scores.

Vendor

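| Score | ≤1 | ≤2 | ≤3 | ≤4 | ≤5 | ≤6 | ≤7 | ≤8 | ≤9 | ≤10 |
| --- | --- | --- | --- | --- | --- | --- | --- | --- | --- | --- |
| Entries | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 |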

Some vendors are willing to publish their own CVSS vectors and scores for vulnerabilities in their products. The coverage varies from vendor to vendor.

Research

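| Score | ≤1 | ≤2 | ≤3 | ≤4 | ≤5 | ≤6 | ≤7 | ≤8 | ≤9 | ≤10 |
| --- | --- | --- | --- | --- | --- | --- | --- | --- | --- | --- |
| Entries | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 |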

Security researchers sometimes also provide their own CVSS vectors and scores for vulnerabilities they have found and published.

| ID | Base | VDB | NVD | CNA | Vend | Res | Vulnerability | CTI | CVE |
| --- | --- | --- | --- | --- | --- | --- | --- | --- | --- |
| 202753 | 5.2 | 4.3 | | 6.1 | | | Raytion cross site scripting | 0.05 | CVE-2022-29931 |
| 202752 | 5.4 | 4.3 | | 6.5 | | | Argo CD resource consumption | 0.00 | CVE-2022-31016 |
| 202751 | 4.3 | 4.3 | | | | | wire-webapp mentions cross site scripting | 0.05 | CVE-2022-29168 |
| 202750 | 2.2 | 2.2 | | | | | Zulip API Event expression is always true | 0.05 | CVE-2022-31017 |
| 202749 | 6.2 | 5.0 | | 7.5 | | | Espressif Bluetooth Mesh SDK out-of-bounds write | 0.05 | CVE-2022-24893 |
| 202748 | 6.3 | 6.3 | | | | | Ruijie RG-EG350 alarmService.php get_alarmAction sql injection | 0.05 | CVE-2022-33128 |
| 202747 | 4.3 | 4.3 | | | | | miniCMS DAT File cross-site request forgery | 0.04 | CVE-2022-33121 |
| 202746 | 3.5 | 3.5 | | | | | EyouCMS Login Page cross site scripting | 0.04 | CVE-2022-33122 |
| 202745 | 3.5 | 3.5 | | | | | BigBlueButton Private Message cross site scripting | 0.05 | CVE-2022-27238 |
| 202744 | 5.4 | 4.9 | | 5.9 | | | SysAid Okta SSO xml external entity reference | 0.05 | CVE-2022-23170 |
| 202743 | 7.4 | 7.3 | | 7.5 | | | deep-get-set Incomplete Fix CVE-2020-7715 deep code injection | 0.05 | CVE-2022-21231 |
| 202742 | 5.5 | 5.5 | | | | | Dradis Professional Edition Password Reset Token password recovery | 0.05 | CVE-2022-30028 |
| 202741 | 5.5 | 5.5 | | | | | Telesoft VitalPBX Backup System access control | 0.05 | CVE-2022-29330 |
| 202740 | 4.8 | 3.5 | | 6.1 | | | Dell Wyse Management Suite saveGroupConfigurations Page cross site scripting | 0.05 | CVE-2022-29096 |
| 202739 | 5.5 | 5.5 | | | | | Online Student Rate System access control | 0.10 | CVE-2021-39409 |
| 202738 | 4.3 | 4.3 | | | | | GNOME GIMP XCF File gimp_layer_invalidate_boundary denial of service | 0.07 | CVE-2022-32990 |
| 202737 | 5.3 | 3.1 | | 7.5 | | | OFFIS DCMTK DICOM File null pointer dereference | 0.13 | CVE-2022-2121 |
| 202736 | 8.6 | 7.3 | | 10.0 | | | Illumina Local Run Manager path traversal | 0.09 | CVE-2022-1518 |
| 202735 | 2.7 | 2.7 | | | | | Broadcom Symantec Messaging Gateway Active Directory information disclosure | 0.05 | CVE-2021-30651 |
| 202734 | 6.3 | 6.3 | | | | | Thales Safenet Authentication Client Lock File symlink | 0.04 | CVE-2021-42056 |
| 202733 | 8.8 | 8.8 | | | | | EagleGet Downloader luminati_net_updater_win_eagleget_com Privilege Escalation | 0.05 | CVE-2020-21046 |
| 202732 | 2.6 | 2.6 | | | | | Concrete cross site scripting | 0.05 | CVE-2022-30120 |
| 202731 | 2.6 | 2.6 | | | | | Concrete view cross site scripting | 0.05 | CVE-2022-30119 |
| 202730 | 2.6 | 2.6 | | | | | Concrete [GUID] cross site scripting | 0.05 | CVE-2022-30118 |
| 202729 | 3.5 | 3.5 | | | | | underscore-99xp deepValueSearch incorrect regex | 0.05 | CVE-2021-40894 |
| 202728 | 2.7 | 2.7 | | | | | Dell WMS Device API path traversal | 0.05 | CVE-2022-29097 |
| 202727 | 3.5 | 3.5 | | | | | validate-data Mail incorrect regex | 0.05 | CVE-2021-40893 |
| 202726 | 9.6 | 9.8 | | 9.4 | | | Secheron SEPCOS behavioral workflow | 0.05 | CVE-2022-2105 |
| 202725 | 8.5 | 7.3 | | 9.8 | | | Secheron SEPCOS FTP Server access control | 0.00 | CVE-2022-2103 |
| 202724 | 5.5 | 3.7 | | 7.4 | | | Illumina Local Run Manager TLS Encryption cleartext transmission | 0.00 | CVE-2022-1524 |
| 202723 | 8.2 | 7.3 | | 9.1 | | | Illumina Local Run Manager improper authorization | 0.07 | CVE-2022-1521 |
| 202722 | 9.9 | 9.8 | | 10.0 | | | Illumina Local Run Manager unrestricted upload | 0.00 | CVE-2022-1519 |
| 202721 | 3.5 | 3.5 | | | | | validate-color RGB String incorrect regex | 0.00 | CVE-2021-40892 |
| 202720 | 6.3 | 6.3 | | | | | HPE Version Control Repository Manager Installer Privilege Escalation | 0.00 | CVE-2022-28619 |
| 202719 | 5.6 | 5.6 | | | | | Texercise backdoor | 0.03 | CVE-2022-34066 |
| 202718 | 5.6 | 5.6 | | | | | Rondolu-YT-Concate backdoor | 0.00 | CVE-2022-34065 |
| 202717 | 5.6 | 5.6 | | | | | Zibal backdoor | 0.04 | CVE-2022-34064 |
| 202716 | 5.6 | 5.6 | | | | | Catly-Translate backdoor | 0.00 | CVE-2022-34061 |
| 202715 | 5.6 | 5.6 | | | | | Togglee backdoor | 0.00 | CVE-2022-34060 |
| 202714 | 5.6 | 5.6 | | | | | Sixfab-Tool Request backdoor | 0.03 | CVE-2022-34059 |
| 202713 | 5.6 | 5.6 | | | | | Scoptrial Request Package backdoor | 0.00 | CVE-2022-34057 |
| 202712 | 5.6 | 5.6 | | | | | Watertools Request backdoor | 0.00 | CVE-2022-34056 |
| 202711 | 5.6 | 5.6 | | | | | drxhello Request Package backdoor | 0.00 | CVE-2022-34055 |
| 202710 | 5.6 | 5.6 | | | | | Perdido Request Package backdoor | 0.03 | CVE-2022-34054 |
| 202709 | 5.6 | 5.6 | | | | | DR-Web-Engine Request Package backdoor | 0.04 | CVE-2022-34053 |
| 202708 | 5.6 | 5.6 | | | | | Beginner Request Package backdoor | 0.04 | CVE-2022-33004 |
| 202707 | 5.6 | 5.6 | | | | | watools Request Package backdoor | 0.05 | CVE-2022-33003 |
| 202706 | 5.6 | 5.6 | | | | | KGExplore Request Package backdoor | 0.00 | CVE-2022-33002 |
| 202705 | 5.6 | 5.6 | | | | | AAmiles Request Package backdoor | 0.04 | CVE-2022-33001 |
| 202704 | 5.6 | 5.6 | | | | | ML-Scanner Request Package backdoor | 0.03 | CVE-2022-33000 |

44 more entries are not shown
