CVSSv3 07/15/2022

CVSSv3 Base

≤10
≤20
≤31
≤411
≤511
≤64
≤723
≤83
≤90
≤100

The Common Vulnerability Scoring System (CVSS) is an industry standard to define the characteristics and impacts of security vulnerabilities. The base score represents the intrinsic aspects that are constant over time and across user environments. Our unique meta score merges all available scores from different sources to aggregate to the most reliable result.

CVSSv3 Temp

≤10
≤20
≤31
≤412
≤510
≤612
≤715
≤83
≤90
≤100

The Common Vulnerability Scoring System (CVSS) uses temp scores to reflect the characteristics of a vulnerability that may change over time but not across user environments. This includes reporting confidence, exploitability and remediation levels. We do also provide our unique meta score for temp scores, even though other sources rarely publish them.

VulDB

≤10
≤20
≤32
≤412
≤510
≤64
≤722
≤83
≤90
≤100

The moderation team is always defining the base vector and base score for an entry. These and all other available scores are used to generate the meta score.

NVD

≤10
≤20
≤30
≤40
≤50
≤60
≤70
≤80
≤90
≤100

The National Vulnerability Database (NVD) is also defining CVSS vectors and scores. These are usually not complete and might differ from VulDB scores.

CNA

≤10
≤20
≤31
≤41
≤52
≤61
≤72
≤810
≤90
≤100

A CVE Numbering Authority (CNA) is responsible for assigning new CVE entries. They might also include a CVSS score. These are usually not complete and might differ from VulDB scores.

Vendor

≤10
≤20
≤30
≤40
≤50
≤60
≤70
≤80
≤90
≤100

Some vendors are willing to publish their own CVSS vectors and scores for vulnerabilities in their products. The coverage varies from vendor to vendor.

Research

≤10
≤20
≤30
≤40
≤50
≤60
≤70
≤80
≤90
≤100

There are sometimes also security researcher which provide their own CVSS vectors and scores for vulnerabilities they have found and published.

IDBaseVDBNVDCNAVendResVulnerabilityCTIEPSSCVE
2039537.06.3
 
7.8
 
 
Adobe Acrobat Reader File Parser out-of-bounds0.050.01223CVE-2022-34226
2039527.06.3
 
7.8
 
 
Adobe Acrobat Reader File Parser out-of-bounds0.000.01223CVE-2022-34222
2039517.06.3
 
7.8
 
 
Adobe Acrobat Reader File Parser out-of-bounds0.000.01223CVE-2022-34215
2039507.06.3
 
7.8
 
 
Adobe Acrobat Reader use after free0.080.01223CVE-2022-34230
2039497.06.3
 
7.8
 
 
Adobe Acrobat Reader use after free0.040.01223CVE-2022-34229
2039487.06.3
 
7.8
 
 
Adobe Acrobat Reader uninitialized pointer0.050.01223CVE-2022-34228
2039477.06.3
 
7.8
 
 
Adobe Acrobat Reader use after free0.000.01223CVE-2022-34225
2039467.06.3
 
7.8
 
 
Adobe Acrobat Reader use after free0.020.01223CVE-2022-34223
2039457.06.3
 
7.8
 
 
Adobe Acrobat Reader use after free0.080.01223CVE-2022-34220
2039446.36.3
 
 
 
 
Adobe Acrobat Reader use after free0.030.01223CVE-2022-34219
2039436.36.3
 
 
 
 
Adobe Acrobat Reader out-of-bounds write0.000.01223CVE-2022-34217
2039426.36.3
 
 
 
 
Adobe Acrobat Reader use after free0.000.01223CVE-2022-34216
2039414.34.3
 
 
 
 
Adobe Acrobat Reader out-of-bounds0.030.01046CVE-2022-34239
2039406.36.3
 
 
 
 
Adobe Acrobat Reader use after free0.030.01046CVE-2022-34237
2039394.34.3
 
 
 
 
Adobe Acrobat Reader out-of-bounds0.000.01046CVE-2022-34236
2039386.36.3
 
 
 
 
Adobe Acrobat Reader use after free0.050.01046CVE-2022-34234
2039376.36.3
 
 
 
 
Adobe Acrobat Reader use after free0.080.01046CVE-2022-34233
2039366.36.3
 
 
 
 
Adobe Acrobat Reader use after free0.070.01046CVE-2022-34232
2039356.36.3
 
 
 
 
Adobe Acrobat Reader type confusion0.050.01223CVE-2022-34221
2039343.53.5
 
 
 
 
Octopus Server Help Sidebar cross site scripting0.050.00885CVE-2022-29890
2039333.53.5
 
 
 
 
Octopus Server resource injection0.020.00885CVE-2022-1881
2039325.35.3
 
 
 
 
jquery-validation redos0.080.00954CVE-2022-31147
2039313.13.1
 
 
 
 
Mealie Login timing discrepancy0.080.00885CVE-2022-32425
2039306.36.3
 
 
 
 
oretnom23 Product Show Room Site sql injection0.000.00885CVE-2022-32415
2039294.34.3
 
4.3
 
 
Mattermost Guest Account information disclosure0.040.00885CVE-2022-2408
2039286.45.3
 
7.5
 
 
fastify bearer-auth crypto.timingSafeEqual timing discrepancy0.000.01018CVE-2022-31142
2039273.53.5
 
 
 
 
GtkRadiant q3map2 buffer overflow0.000.00885CVE-2022-32406
2039264.34.3
 
 
 
 
Isode SWIFT Registry Editor hard-coded credentials0.030.00954CVE-2022-32389
2039255.55.5
 
 
 
 
AutoTrace input-bmp.c ReadImage heap-based overflow0.000.00885CVE-2022-32323
2039244.34.3
 
 
 
 
MPlayer File vo_v4l2.c denial of service0.000.00885CVE-2022-32317
2039233.53.5
 
 
 
 
Toybox httpd.c null pointer dereference0.040.00885CVE-2022-32298
2039226.36.3
 
 
 
 
Piwigo Search sql injection0.050.00885CVE-2022-32297
2039214.42.2
 
6.6
 
 
Gradle Dependency Verification unknown vulnerability0.050.00885CVE-2022-31156
2039203.33.3
 
 
 
 
AMD Ryzen/Athlon/EPYC Branch Predictor information disclosure0.040.00950CVE-2022-23825
2039196.76.7
 
 
 
 
AMD Ryzen/Athlon System Management Interface out-of-bounds0.030.00885CVE-2021-26384
2039184.44.4
 
 
 
 
AMD Ryzen Audio Co-Processor denial of service0.070.00885CVE-2021-26382
2039174.34.3
 
4.3
 
 
Mattermost Legacy Slack Import resource consumption0.040.00885CVE-2022-2406
2039165.44.3
 
6.5
 
 
Mattermost API information disclosure0.000.00885CVE-2022-2401
2039155.55.5
 
 
 
 
Portal do Software Publico Brasileiro i3geo HTTP Request codemirror.php file inclusion0.000.00885CVE-2022-32409
2039144.34.3
 
 
 
 
Linux Kernel eBPF bpf.c nsim_bpf_map_alloc information disclosure0.050.00885CVE-2021-4135
2039133.53.5
 
 
 
 
Portal do Software Publico Brasileiro i3geo request_token.php cross site scripting0.080.01018CVE-2022-34094
2039123.53.5
 
 
 
 
Portal do Software Publico Brasileiro i3geo access_token.php cross site scripting0.050.01018CVE-2022-34093
2039113.53.5
 
 
 
 
Portal do Software Publico Brasileiro i3geo svg2img.php cross site scripting0.000.01018CVE-2022-34092
2039106.36.3
 
 
 
 
oretnom23 Product Show Room Site sql injection0.050.00885CVE-2022-32416
2039093.53.5
 
 
 
 
oretnom23 Fast Food Ordering System cross site scripting0.000.00885CVE-2022-32318
2039082.62.2
 
3.0
 
 
IBM Security Verify Identity Manager information disclosure0.080.00885CVE-2022-22460
2039074.43.7
 
5.1
 
 
IBM Security Verify Identity Manager inadequate encryption0.030.00885CVE-2022-22453
2039064.34.7
 
3.8
 
 
IBM Security Verify Identity Manager HTTP Request unrestricted upload0.000.00885CVE-2022-22450
2039053.73.7
 
 
 
 
IBM Security Verify Identity Manager excessive authentication0.070.01055CVE-2022-22452
2039046.36.3
 
 
 
 
PbootCMS function.php parserIfLabel Privilege Escalation0.040.01156CVE-2022-32417

3 more entries are not shown

Do you want to use VulDB in your project?

Use the official API to access entries easily!