CVSSv3 07/08/2022

CVSSv3 Base

Score distribution (score range: number of entries): ≤1: 0, ≤2: 0, ≤3: 0, ≤4: 4, ≤5: 4, ≤6: 10, ≤7: 4, ≤8: 1, ≤9: 1, ≤10: 0

The Common Vulnerability Scoring System (CVSS) is an industry standard to define the characteristics and impacts of security vulnerabilities. The base score represents the intrinsic aspects that are constant over time and across user environments. Our unique meta score merges all available scores from different sources into the most reliable aggregate result.

CVSSv3 Temp

Score distribution (score range: number of entries): ≤1: 0, ≤2: 0, ≤3: 1, ≤4: 3, ≤5: 5, ≤6: 10, ≤7: 3, ≤8: 1, ≤9: 1, ≤10: 0

The Common Vulnerability Scoring System (CVSS) uses temp scores to reflect the characteristics of a vulnerability that may change over time but not across user environments. This includes reporting confidence, exploitability and remediation levels. We also provide our unique meta score for temp scores, even though other sources rarely publish them.

VulDB

Score distribution (score range: number of entries): ≤1: 0, ≤2: 0, ≤3: 1, ≤4: 6, ≤5: 1, ≤6: 11, ≤7: 3, ≤8: 1, ≤9: 1, ≤10: 0

The moderation team always defines the base vector and base score for an entry. These and all other available scores are used to generate the meta score.

NVD

Score distribution (score range: number of entries): ≤1: 0, ≤2: 0, ≤3: 0, ≤4: 0, ≤5: 0, ≤6: 0, ≤7: 0, ≤8: 0, ≤9: 0, ≤10: 0

The National Vulnerability Database (NVD) also defines CVSS vectors and scores. These are usually not complete and might differ from VulDB scores.

CNA

Score distribution (score range: number of entries): ≤1: 0, ≤2: 0, ≤3: 1, ≤4: 0, ≤5: 0, ≤6: 6, ≤7: 0, ≤8: 4, ≤9: 0, ≤10: 0

A CVE Numbering Authority (CNA) is responsible for assigning new CVE entries. They might also include a CVSS score. These are usually not complete and might differ from VulDB scores.

Vendor

Score distribution (score range: number of entries): ≤1: 0, ≤2: 0, ≤3: 0, ≤4: 0, ≤5: 0, ≤6: 0, ≤7: 0, ≤8: 0, ≤9: 0, ≤10: 0

Some vendors are willing to publish their own CVSS vectors and scores for vulnerabilities in their products. The coverage varies from vendor to vendor.

Research

Score distribution (score range: number of entries): ≤1: 0, ≤2: 0, ≤3: 0, ≤4: 0, ≤5: 0, ≤6: 0, ≤7: 0, ≤8: 0, ≤9: 0, ≤10: 0

Sometimes security researchers also provide their own CVSS vectors and scores for vulnerabilities they have found and published.

| ID | Base | VDB | NVD | CNA | Vend | Res | Vulnerability | CTI | EPSS | CVE |
|---|---|---|---|---|---|---|---|---|---|---|
| 203406 | 3.1 | 3.1 | | | | | PortSwigger Burp Suite Repeater/Intruder redirect | 0.33 | 0.00885 | CVE-2022-35406 |
| 203405 | 5.5 | 5.5 | | 5.4 | | | IBM CICS TX Standard/CICS TX Advanced HTTP Header injection | 0.03 | 0.00890 | CVE-2022-34306 |
| 203404 | 4.4 | 3.5 | | 5.4 | | | IBM CICS TX Standard/CICS TX Advanced Web UI cross site scripting | 0.00 | 0.00890 | CVE-2022-34167 |
| 203403 | 4.4 | 3.5 | | 5.4 | | | IBM CICS TX Standard/CICS TX Advanced Web UI cross site scripting | 0.06 | 0.00890 | CVE-2022-34166 |
| 203402 | 4.8 | 4.3 | | 5.4 | | | IBM CICS TX Standard/CICS TX Advanced injection | 0.03 | 0.01136 | CVE-2022-34160 |
| 203401 | 3.5 | 3.5 | | | | | Known cross site scripting | 0.03 | 0.00950 | CVE-2022-31290 |
| 203400 | 5.5 | 5.5 | | | | | Known SVG File isSVG Privilege Escalation | 0.05 | 0.00954 | CVE-2022-32115 |
| 203399 | 5.5 | 5.5 | | | | | Known Header injection | 0.03 | 0.00950 | CVE-2022-33011 |
| 203398 | 5.5 | 5.5 | | | | | Known resource injection | 0.03 | 0.00890 | CVE-2022-30852 |
| 203397 | 3.5 | 3.5 | | | | | HPE FlexNetwork/FlexFabric cross site scripting | 0.06 | 0.00885 | CVE-2022-28624 |
| 203396 | 6.3 | 6.3 | | | | | HPE IceWall SSO sql injection | 0.40 | 0.00885 | CVE-2022-28623 |
| 203395 | 4.1 | 2.4 | | 5.9 | | | AdminLTE cross site scripting | 0.07 | 0.00885 | CVE-2022-31029 |
| 203394 | 5.5 | 5.5 | | | | | GFI Mail Archiver Telerik Web UI Plugin unrestricted upload | 0.06 | 0.01018 | CVE-2021-29281 |
| 203393 | 5.5 | 5.5 | | | | | Keycloak authorization | 0.73 | 0.00885 | CVE-2022-1245 |
| 203392 | 5.5 | 5.5 | | | | | Snipe-IT People Menu unrestricted upload | 0.07 | 0.01338 | CVE-2022-32061 |
| 203391 | 5.5 | 5.5 | | | | | Snipe-IT Update Branding Settings unrestricted upload | 0.00 | 0.01338 | CVE-2022-32060 |
| 203390 | 6.4 | 5.3 | | 7.5 | | | Eclipse Jetty SslConnection resource control | 0.13 | 0.00885 | CVE-2022-2191 |
| 203389 | 3.3 | 3.8 | | 2.7 | | | Eclipse Jetty HttpURI input validation | 0.13 | 0.00885 | CVE-2022-2047 |
| 203388 | 5.5 | 5.5 | | | | | Eclipse Lyo RDF xml external entity reference | 0.00 | 0.00885 | CVE-2021-41042 |
| 203387 | 7.8 | 7.8 | | 7.8 | | | Dell EMC PowerProtect Cyber Recovery access control | 0.07 | 0.00885 | CVE-2022-32481 |
| 203386 | 6.4 | 5.3 | | 7.5 | | | Eclipse Jetty HTTP2 Server insufficient resource pool | 0.53 | 0.00885 | CVE-2022-2048 |
| 203385 | 8.4 | 8.8 | | 8.0 | | | Dell EMC Storage Cloud Mobility Remote Code Execution | 0.23 | 0.00885 | CVE-2022-33936 |
| 203384 | 5.9 | 6.3 | | 5.5 | | | Eclipse Equinox p2 unknown vulnerability | 0.07 | 0.00885 | CVE-2021-41037 |
| 203383 | 6.3 | 6.3 | | | | | atoms183 CMS product_admin.php sql injection | 0.00 | 0.00885 | CVE-2021-35283 |
