CVSSv3 07/25/2022

CVSSv3 Base

≤10
≤20
≤31
≤46
≤53
≤61
≤74
≤80
≤93
≤100

The Common Vulnerability Scoring System (CVSS) is an industry standard to define the characteristics and impacts of security vulnerabilities. The base score represents the intrinsic aspects that are constant over time and across user environments. Our unique meta score merges all available scores from different sources to aggregate to the most reliable result.

CVSSv3 Temp

≤10
≤20
≤31
≤46
≤53
≤62
≤73
≤80
≤93
≤100

The Common Vulnerability Scoring System (CVSS) uses temp scores to reflect the characteristics of a vulnerability that may change over time but not across user environments. This includes reporting confidence, exploitability and remediation levels. We do also provide our unique meta score for temp scores, even though other sources rarely publish them.

VulDB

≤10
≤20
≤31
≤46
≤53
≤62
≤73
≤82
≤91
≤100

The moderation team is always defining the base vector and base score for an entry. These and all other available scores are used to generate the meta score.

NVD

≤10
≤20
≤30
≤40
≤50
≤60
≤70
≤80
≤90
≤100

The National Vulnerability Database (NVD) is also defining CVSS vectors and scores. These are usually not complete and might differ from VulDB scores.

CNA

≤10
≤20
≤30
≤40
≤51
≤60
≤70
≤81
≤91
≤102

A CVE Numbering Authority (CNA) is responsible for assigning new CVE entries. They might also include a CVSS score. These are usually not complete and might differ from VulDB scores.

Vendor

≤10
≤20
≤30
≤40
≤50
≤60
≤70
≤80
≤90
≤100

Some vendors are willing to publish their own CVSS vectors and scores for vulnerabilities in their products. The coverage varies from vendor to vendor.

Research

≤10
≤20
≤30
≤40
≤50
≤60
≤70
≤80
≤90
≤100

There are sometimes also security researcher which provide their own CVSS vectors and scores for vulnerabilities they have found and published.

IDBaseVDBNVDCNAVendResVulnerabilityCTIEPSSCVE
2049822.42.4
 
 
 
 
Request a Quote Plugin Setting cross site scripting0.000.00885CVE-2022-2239
2049813.53.5
 
 
 
 
Unyson Plugin cross site scripting0.050.00885CVE-2022-2219
2049806.36.3
 
 
 
 
OpenTeknik OSSN Open Source Social Network com_installer unrestricted upload0.000.01549CVE-2022-34965
2049793.53.5
 
 
 
 
WP Video Lightbox Plugin cross site scripting0.060.00885CVE-2022-2189
2049783.53.5
 
 
 
 
Popup Anything Plugin Frontend Page cross site scripting0.050.00885CVE-2022-2115
2049773.53.5
 
 
 
 
Header Footer Code Manager Plugin Admin Page cross site scripting0.000.00885CVE-2022-0899
2049768.37.3
 
9.3
 
 
Osamaesh WP Visitor Statistics Plugin sql injection0.050.00885CVE-2022-33965
2049756.36.3
 
 
 
 
Request a Quote Plugin csv injection0.040.00885CVE-2022-2240
2049743.53.5
 
 
 
 
SP Project & Document Manager Plugin information disclosure0.000.00885CVE-2022-1551
2049738.37.3
 
9.4
 
 
ffmpeg-sdk index.js injection0.050.00885CVE-2020-28435
2049724.64.3
 
5.0
 
 
ABB Hitachi Energy MSM Web Interface cross-site request forgery0.030.00885CVE-2021-40335
2049714.34.3
 
 
 
 
Professional Social Sharing Buttons, Icons & Related Posts Plugin AJAX Action information disclosure0.000.00885CVE-2022-0594
2049705.55.5
 
 
 
 
Exports and Reports Plugin CSV Export csv injection0.000.00885CVE-2022-1539
2049693.53.5
 
 
 
 
Webmin UI Command apt-lib.pl cross site scripting0.000.00885CVE-2022-36446
2049686.75.5
 
8.0
 
 
Obsidian URL code0.050.02722CVE-2022-36450
2049678.68.6
 
8.6
 
 
Atos Unify OpenScape SBC/OpenScape Branch/OpenScape BCF Remote Code Execution0.070.02722CVE-2022-36444
2049666.36.3
 
 
 
 
GNOME gdk-pixbuf GIF File io-gif-animation.c composite_frame heap-based overflow0.000.01707CVE-2021-46829
2049654.34.3
 
 
 
 
Apache MXNet Operator Name resource consumption0.030.00885CVE-2022-24294

Are you interested in using VulDB?

Download the whitepaper to learn more about our service!