CVSSv3 07/28/2022

CVSSv3 Base

≤10
≤20
≤31
≤46
≤57
≤610
≤712
≤813
≤95
≤104

The Common Vulnerability Scoring System (CVSS) is an industry standard to define the characteristics and impacts of security vulnerabilities. The base score represents the intrinsic aspects that are constant over time and across user environments. Our unique meta score merges all available scores from different sources to aggregate to the most reliable result.

CVSSv3 Temp

≤10
≤20
≤31
≤47
≤56
≤614
≤79
≤813
≤94
≤104

The Common Vulnerability Scoring System (CVSS) uses temp scores to reflect the characteristics of a vulnerability that may change over time but not across user environments. This includes reporting confidence, exploitability and remediation levels. We do also provide our unique meta score for temp scores, even though other sources rarely publish them.

VulDB

≤10
≤20
≤32
≤49
≤57
≤611
≤715
≤86
≤96
≤102

The moderation team is always defining the base vector and base score for an entry. These and all other available scores are used to generate the meta score.

NVD

≤10
≤20
≤30
≤40
≤50
≤60
≤70
≤80
≤90
≤100

The National Vulnerability Database (NVD) is also defining CVSS vectors and scores. These are usually not complete and might differ from VulDB scores.

CNA

≤10
≤20
≤30
≤42
≤52
≤65
≤74
≤811
≤98
≤107

A CVE Numbering Authority (CNA) is responsible for assigning new CVE entries. They might also include a CVSS score. These are usually not complete and might differ from VulDB scores.

Vendor

≤10
≤20
≤30
≤40
≤50
≤60
≤70
≤80
≤90
≤100

Some vendors are willing to publish their own CVSS vectors and scores for vulnerabilities in their products. The coverage varies from vendor to vendor.

Research

≤10
≤20
≤30
≤40
≤50
≤60
≤70
≤80
≤90
≤100

There are sometimes also security researcher which provide their own CVSS vectors and scores for vulnerabilities they have found and published.

IDBaseVDBNVDCNAVendResVulnerabilityCTIEPSSCVE
2052586.56.5
 
 
 
 
Honeywell Safety Manager data authenticity0.940.16754CVE-2022-30315
2052572.42.4
 
 
 
 
GS Plugins GS Testimonial Slider Plugin cross site scripting1.000.00885CVE-2022-35882
2052566.36.3
 
 
 
 
mb.miniAudioPlayer-an HTML5 Audio Player improper authentication0.940.00885CVE-2016-0796
2052553.53.5
 
 
 
 
kippo-graph KippoInput.class.php xss_clean cross site scripting0.940.00885CVE-2016-2138
2052543.53.5
 
 
 
 
kippo-graph KippoInput.class.php cross site scripting0.940.00885CVE-2016-2139
2052533.43.3
 
3.6
 
 
JetBrains IntelliJ IDEA Email Address input validation0.830.00885CVE-2022-37010
2052524.14.2
 
3.9
 
 
JetBrains IntelliJ IDEA code injection1.050.02559CVE-2022-37009
2052515.35.3
 
5.3
 
 
Synology Media Server information disclosure1.000.01055CVE-2022-27614
2052507.36.3
 
8.3
 
 
Synology CardDAV Server WebAPI sql injection0.900.01055CVE-2022-27613
2052497.37.3
 
7.3
 
 
Synology Audio Station buffer overflow0.850.01055CVE-2022-27612
2052487.27.2
 
7.2
 
 
Synology DiskStation Manager Task Management os command injection0.980.01055CVE-2022-22684
2052479.99.8
 
10.0
 
 
Synology Media Server CGI buffer overflow1.760.02722CVE-2022-22683
2052465.45.4
 
 
 
 
Synology Audio Station path traversal1.020.01055CVE-2022-27611
2052456.23.8
 
8.7
 
 
Synology WebDAV Server path traversal0.980.01055CVE-2022-22685
2052446.36.3
 
 
 
 
Apache Calcite Avatica JDBC Driver initialization1.050.03948CVE-2022-36364
2052437.98.1
 
7.7
 
 
PHP libmagic finfo_buffer free of memory not on the heap0.690.00885CVE-2022-31627
2052423.53.5
 
 
 
 
Fossil Ticket cross site scripting0.550.00885CVE-2022-34009
2052417.57.3
 
7.8
 
 
Veritas NetBackup Local Privilege Escalation0.490.00885CVE-2022-36955
2052408.88.8
 
 
 
 
Veritas NetBackup OpsCenter VxSS Subsystem hard-coded credentials0.710.00885CVE-2022-36952
2052398.57.8
 
9.3
 
 
Veritas NetBackup OpsCenter Local Privilege Escalation0.500.00885CVE-2022-36949
2052384.43.5
 
5.4
 
 
Veritas NetBackup OpsCenter cross site scripting0.500.00885CVE-2022-36948
2052375.55.5
 
 
 
 
GoAnywhere MFT or path traversal0.580.00885CVE-2021-46830
2052365.45.0
 
5.9
 
 
VISAM VBASE XML Document Remote Code Execution0.110.00885CVE-2021-42537
2052354.23.1
 
5.3
 
 
VISAM user-controllable cross site scripting0.110.00885CVE-2021-42535
2052348.18.8
 
7.3
 
 
AVEVA Platform Common Services uncontrolled search path0.110.00885CVE-2021-38410
2052335.55.3
 
5.8
 
 
Rockwell Automation CompactLogix 5370/ControlLogix 5570 CIP Packet denial of service0.110.11419CVE-2020-6998
2052327.87.8
 
7.8
 
 
Veritas NetBackup access control0.050.00885CVE-2022-36985
2052315.45.4
 
 
 
 
Veritas NetBackup access control0.050.00885CVE-2022-36995
2052304.22.2
 
6.3
 
 
Veritas NetBackup information disclosure0.110.00885CVE-2022-36994
2052297.26.3
 
8.1
 
 
Veritas NetBackup access control0.050.00885CVE-2022-36991
2052286.75.0
 
8.5
 
 
Veritas NetBackup access control0.050.00885CVE-2022-36987
2052277.25.5
 
9.0
 
 
Symantec Veritas Netbackup certificate validation0.000.02559CVE-2022-36956
2052268.16.3
 
9.9
 
 
Veritas NetBackup OpsCenter User Account access control0.110.01055CVE-2022-36954
2052254.85.3
 
4.3
 
 
Veritas NetBackup OpsCenter information disclosure0.270.01055CVE-2022-36953
2052248.98.1
 
9.8
 
 
Veritas NetBackup OpsCenter Remote Code Execution0.270.01055CVE-2022-36951
2052239.89.8
 
9.8
 
 
Veritas NetBackup OpsCenter Java Classloader code injection1.140.02722CVE-2022-36950
2052226.35.3
 
7.4
 
 
VISAM VBASE Web-remote Endpoint information disclosure0.160.00885CVE-2021-38417
2052216.76.3
 
7.1
 
 
Veritas NetBackup server-side request forgery0.000.00885CVE-2022-36997
2052205.44.3
 
6.5
 
 
Veritas NetBackup information disclosure0.050.00885CVE-2022-37000
2052195.44.3
 
6.5
 
 
Veritas NetBackup information disclosure0.050.00885CVE-2022-36999
2052185.85.3
 
6.3
 
 
Veritas NetBackup stack-based overflow0.170.00885CVE-2022-36998
2052174.34.3
 
4.3
 
 
Veritas NetBackup information disclosure0.110.00885CVE-2022-36996
2052167.56.3
 
8.8
 
 
Veritas NetBackup access control0.110.00885CVE-2022-36993
2052159.38.8
 
9.9
 
 
Veritas NetBackup access control1.040.00885CVE-2022-36992
2052149.28.8
 
9.6
 
 
Veritas NetBackup access control0.160.00885CVE-2022-36990
2052137.76.6
 
8.8
 
 
Veritas NetBackup Privilege Escalation0.000.00885CVE-2022-36989
2052127.36.6
 
8.0
 
 
Veritas NetBackup Privilege Escalation0.720.00885CVE-2022-36988
2052117.97.3
 
8.6
 
 
Veritas Netbackup access control0.110.00885CVE-2022-36986
2052107.16.5
 
7.7
 
 
Veritas NetBackup denial of service0.630.00885CVE-2022-36984
2052096.55.4
 
7.7
 
 
Synology DNS Server path traversal0.000.01055CVE-2022-27615

8 more entries are not shown

Want to stay up to date on a daily basis?

Enable the mail alert feature now!