CVSSv3 07/07/2022

CVSSv3 Base

≤10
≤20
≤32
≤415
≤514
≤625
≤730
≤88
≤96
≤100

The Common Vulnerability Scoring System (CVSS) is an industry standard to define the characteristics and impacts of security vulnerabilities. The base score represents the intrinsic aspects that are constant over time and across user environments. Our unique meta score merges all available scores from different sources to aggregate to the most reliable result.

CVSSv3 Temp

≤10
≤20
≤35
≤414
≤512
≤626
≤730
≤810
≤93
≤100

The Common Vulnerability Scoring System (CVSS) uses temp scores to reflect the characteristics of a vulnerability that may change over time but not across user environments. This includes reporting confidence, exploitability and remediation levels. We do also provide our unique meta score for temp scores, even though other sources rarely publish them.

VulDB

≤10
≤20
≤33
≤417
≤519
≤617
≤731
≤811
≤92
≤100

The moderation team is always defining the base vector and base score for an entry. These and all other available scores are used to generate the meta score.

NVD

≤10
≤20
≤30
≤40
≤50
≤60
≤70
≤80
≤90
≤100

The National Vulnerability Database (NVD) is also defining CVSS vectors and scores. These are usually not complete and might differ from VulDB scores.

CNA

≤10
≤20
≤30
≤41
≤53
≤66
≤75
≤87
≤93
≤103

A CVE Numbering Authority (CNA) is responsible for assigning new CVE entries. They might also include a CVSS score. These are usually not complete and might differ from VulDB scores.

Vendor

≤10
≤20
≤30
≤40
≤50
≤60
≤70
≤80
≤90
≤100

Some vendors are willing to publish their own CVSS vectors and scores for vulnerabilities in their products. The coverage varies from vendor to vendor.

Research

≤10
≤20
≤30
≤40
≤50
≤60
≤70
≤80
≤90
≤100

There are sometimes also security researcher which provide their own CVSS vectors and scores for vulnerabilities they have found and published.

IDBaseVDBNVDCNAVendResVulnerabilityCTICVE
2033813.53.5
 
 
 
 
Magnolia CMS Edit Contact cross site scripting0.06CVE-2022-33098
2033806.56.5
 
 
 
 
TP-LINK TL-WR741N/TL-WR742N Packet httpRpmPass infinite loop0.06CVE-2022-32058
2033793.53.5
 
 
 
 
HumHub Spaces cross site scripting0.00CVE-2022-31133
2033785.55.5
 
 
 
 
Wavlink WL-WN575A3 POST Request obtw command injection0.06CVE-2022-34592
2033775.55.5
 
 
 
 
TOTOLINK EX300 MQTT Data Packet setLanguageCfg command injection0.06CVE-2022-32449
2033764.34.3
 
 
 
 
Akashi Evidence Packet denial of service0.00CVE-2022-31135
2033756.45.3
 
7.5
 
 
Hyperledger Fabric denial of service0.03CVE-2022-31121
2033745.34.3
 
6.3
 
 
Bookwyrm User Profiles/Book Description/Status cross site scripting0.00CVE-2022-31136
2033736.36.3
 
 
 
 
Google Login Plugin improper authentication0.00CVE-2015-5298
2033723.53.5
 
 
 
 
Apache Druid URL Parameter cross site scripting0.03CVE-2021-44791
2033716.36.3
 
 
 
 
Apache Druid Header improper restriction of rendered ui layers0.09CVE-2022-28889
2033704.34.3
 
 
 
 
glFTPd Connection Limit denial of service0.00CVE-2021-31645
2033696.36.3
 
 
 
 
Tenda AC10 Privilege Escalation0.00CVE-2022-32054
2033686.36.3
 
 
 
 
Online Accreditation Management process.php sql injection0.00CVE-2022-32056
2033676.36.3
 
 
 
 
Inout Homestay sql injection0.00CVE-2022-32055
2033663.53.5
 
 
 
 
EQS Integrity Line Whistleblower Entry cross site scripting0.09CVE-2022-34007
2033652.72.7
 
 
 
 
Check Point ZoneAlarm unknown vulnerability0.31CVE-2022-23744
2033646.36.3
 
 
 
 
Hex-Rays Ida Pro File memory corruption0.00CVE-2022-32441
2033635.55.5
 
 
 
 
Devolutions Server permission0.03CVE-2022-33996
2033623.13.1
 
 
 
 
cURL FTP Transfer behavioral workflow0.09CVE-2022-32208
2033613.13.1
 
 
 
 
cURL HTTP Response allocation of resources0.06CVE-2022-32205
2033602.62.6
 
 
 
 
CWP Password Reset Token generation of predictable numbers or identifiers0.10CVE-2022-25047
2033593.73.7
 
 
 
 
Openshift Origin Console missing secure attribute0.03CVE-2015-3207
2033584.64.6
 
 
 
 
cURL Cookie behavioral workflow0.27CVE-2022-32207
2033573.13.1
 
 
 
 
curl HTTP Compression allocation of resources0.12CVE-2022-32206
2033564.34.3
 
 
 
 
Codoforum Admin Panel unrestricted upload0.03CVE-2022-31854
2033558.08.0
 
 
 
 
CWP command injection0.10CVE-2022-25048
2033547.37.3
 
 
 
 
Symantec Advanced Secure Gateway/ProxySG HTTP Remote Code Execution0.21CVE-2021-46825
2033535.55.5
 
 
 
 
nextgen-gallery Plugin HTTP Request unrestricted upload0.07CVE-2015-1785
2033525.55.5
 
 
 
 
nextgen-gallery Plugin HTTP Request unrestricted upload0.00CVE-2015-1784
2033515.55.5
 
 
 
 
CWP POST Request loader.php path traversal0.06CVE-2022-25046
2033507.37.3
 
 
 
 
Red Hat IcedTea-Web applet Tag data authenticity0.25CVE-2015-5236
2033496.76.7
 
 
 
 
MediaTek MT8797 WLAN Driver out-of-bounds write0.00CVE-2022-21781
2033486.76.7
 
 
 
 
MediaTek MT8365 GED Driver use after free0.00CVE-2022-21771
2033475.35.3
 
 
 
 
MediaTek MT8167S/MT8175/MT8183/MT8362A/MT8365/MT8385 Bluetooth out-of-bounds write0.03CVE-2022-21768
2033465.43.5
 
7.3
 
 
outline cross site scripting0.03CVE-2022-2342
2033453.53.5
 
 
 
 
EidoGo SGF cross site scripting0.06CVE-2015-3172
2033444.13.3
 
4.9
 
 
HCL Launch credentials storage0.13CVE-2022-27548
2033433.53.5
 
 
 
 
Appfire Jira Misc Custom Fields App Project Name cross site scripting0.09CVE-2022-32567
2033426.76.7
 
 
 
 
MediaTek MT8798 Audio DSP out-of-bounds write0.43CVE-2022-21787
2033416.76.7
 
 
 
 
MediaTek MT8798 Audio DSP memory corruption0.09CVE-2022-21786
2033406.76.7
 
 
 
 
MediaTek MT8797 WLAN Driver out-of-bounds write0.06CVE-2022-21785
2033396.76.7
 
 
 
 
MediaTek MT8797 WLAN Driver out-of-bounds write0.03CVE-2022-21784
2033386.76.7
 
 
 
 
MediaTek MT8797 WLAN Driver out-of-bounds write0.03CVE-2022-21783
2033376.76.7
 
 
 
 
MediaTek MT8797 WLAN Driver out-of-bounds write0.06CVE-2022-21782
2033366.76.7
 
 
 
 
MediaTek MT8797 WLAN Driver out-of-bounds write0.06CVE-2022-21780
2033356.76.7
 
 
 
 
MediaTek MT8797 WLAN Driver out-of-bounds write0.06CVE-2022-21779
2033345.35.3
 
 
 
 
MediaTek MT8797 Autoboot permission0.06CVE-2022-21777
2033336.76.7
 
 
 
 
MediaTek MT8798 MDP use after free0.06CVE-2022-21776
2033326.76.7
 
 
 
 
MediaTek MT8797 sched Driver use after free0.06CVE-2022-21775

50 more entries are not shown

Are you interested in using VulDB?

Download the whitepaper to learn more about our service!