CVSSv3 07/30/2022

CVSSv3 Base

≤10
≤20
≤30
≤46
≤54
≤69
≤714
≤82
≤90
≤100

The Common Vulnerability Scoring System (CVSS) is an industry standard to define the characteristics and impacts of security vulnerabilities. The base score represents the intrinsic aspects that are constant over time and across user environments. Our unique meta score merges all available scores from different sources to aggregate to the most reliable result.

CVSSv3 Temp

≤10
≤20
≤30
≤46
≤54
≤619
≤74
≤82
≤90
≤100

The Common Vulnerability Scoring System (CVSS) uses temp scores to reflect the characteristics of a vulnerability that may change over time but not across user environments. This includes reporting confidence, exploitability and remediation levels. We do also provide our unique meta score for temp scores, even though other sources rarely publish them.

VulDB

≤10
≤20
≤31
≤45
≤54
≤69
≤714
≤82
≤90
≤100

The moderation team is always defining the base vector and base score for an entry. These and all other available scores are used to generate the meta score.

NVD

≤10
≤20
≤30
≤40
≤50
≤60
≤70
≤80
≤90
≤100

The National Vulnerability Database (NVD) is also defining CVSS vectors and scores. These are usually not complete and might differ from VulDB scores.

CNA

≤10
≤20
≤30
≤41
≤51
≤64
≤70
≤80
≤90
≤100

A CVE Numbering Authority (CNA) is responsible for assigning new CVE entries. They might also include a CVSS score. These are usually not complete and might differ from VulDB scores.

Vendor

≤10
≤20
≤30
≤40
≤50
≤60
≤70
≤80
≤90
≤100

Some vendors are willing to publish their own CVSS vectors and scores for vulnerabilities in their products. The coverage varies from vendor to vendor.

Research

≤10
≤20
≤30
≤40
≤50
≤60
≤70
≤80
≤90
≤100

There are sometimes also security researcher which provide their own CVSS vectors and scores for vulnerabilities they have found and published.

IDBaseVDBNVDCNAVendResVulnerabilityCTIEPSSCVE
2053436.36.3
 
 
 
 
Rockwell Automation ISaGRAF Workbench deserialization1.860.00000CVE-2022-2465
2053426.36.3
 
 
 
 
Rockwell Automation ISaGRAF Workbench path traversal1.550.00000CVE-2022-2464
2053416.36.3
 
 
 
 
Rockwell Automation ISaGRAF Workbench 7z File path traversal2.670.00000CVE-2022-2463
2053403.73.7
 
 
 
 
AutomationDirect SIO-MB04RTDS cleartext transmission1.240.00000CVE-2022-2485
2053394.74.7
 
 
 
 
Inductive Automation Ignition xml external entity reference1.120.00000CVE-2022-1704
2053387.57.5
 
 
 
 
Moxa NPort 5110 out-of-bounds write2.980.00000CVE-2022-2044
2053377.57.5
 
 
 
 
Moxa NPort 5110 out-of-bounds write2.790.00000CVE-2022-2043
2053363.53.5
 
 
 
 
Velocidex Velociraptor GUI cross site scripting1.120.00885CVE-2022-35632
2053353.53.5
 
 
 
 
Velocidex Velociraptor Collection Report cross site scripting1.140.00885CVE-2022-35630
2053346.36.3
 
 
 
 
Trend Micro VPN Proxy Pro permission2.850.00885CVE-2022-33158
2053335.55.5
 
 
 
 
SonicWALL Hosted Email Security Capture ATP Security Service security check1.180.00885CVE-2022-2324
2053325.65.6
 
 
 
 
Velocidex Velociraptor improper authentication1.010.00885CVE-2022-35629
2053316.36.3
 
 
 
 
Trend Micro Apex One/Worry-Free Business Security link following1.450.00885CVE-2022-36336
2053306.36.3
 
 
 
 
Dogtag PKI XML Document Parser xml external entity reference0.880.01055CVE-2022-2414
2053293.53.5
 
 
 
 
Trend Micro Security 2021/Security 2022 out-of-bounds0.930.00885CVE-2022-35234
2053286.36.3
 
 
 
 
EllieGrid App code injection0.950.00885CVE-2022-30083
2053274.64.6
 
 
 
 
Chia Network CAT1 Standard unknown vulnerability0.950.00885CVE-2022-36447
2053265.55.5
 
 
 
 
D-Link DSL-3782 getAttrValue stack-based overflow3.480.00885CVE-2022-34528
2053255.55.5
 
 
 
 
D-Link DSL-3782 byte_4C0160 command injection2.790.01005CVE-2022-34527
2053244.34.3
 
 
 
 
Tiffsplit TIFF File _TIFFVGetField stack-based overflow2.550.00885CVE-2022-34526
2053235.55.5
 
 
 
 
HiBy R3 Pro unrestricted upload2.340.00885CVE-2022-34496
2053226.36.3
 
 
 
 
Autodesk Design Review TGA File DesignReview.exe out-of-bounds write2.360.02155CVE-2022-27865
2053216.36.3
 
 
 
 
Autodesk Design Review PDF File DesignReview.exe double free2.170.02722CVE-2022-27864
2053205.35.3
 
5.3
 
 
Western Digital Sweet B Cryptographic Library NIST P-256 Curve unknown vulnerability2.120.00885CVE-2022-23004
2053196.36.3
 
 
 
 
Velocidex Velociraptor temp file2.150.00885CVE-2022-35631
2053183.93.9
 
3.9
 
 
HCL Remote Store Server insufficiently protected credentials2.210.00885CVE-2021-27785
2053176.36.3
 
 
 
 
Autodesk Fusion360 HTTP Request access control2.340.00885CVE-2022-27873
2053166.36.3
 
 
 
 
Autodesk Design Review TIFF File DesignReview.exe out-of-bounds2.730.02155CVE-2022-27866
2053156.36.3
 
 
 
 
SonicWALL Switch command injection2.240.02722CVE-2022-2323
2053145.35.3
 
5.3
 
 
Western Digital Sweet B Cryptographic Library NIST P-256 Curve unknown vulnerability1.930.00885CVE-2022-23003
2053135.35.3
 
5.3
 
 
Western Digital Sweet B Cryptographic Library NIST P-256 Elliptic Curve unknown vulnerability0.810.00885CVE-2022-23002
2053125.35.3
 
5.3
 
 
Western Digital Sweet B Cryptographic Library Elliptic Curve calculation0.760.00885CVE-2022-23001
2053114.34.3
 
 
 
 
Autodesk AutoCAD 2023 PRT File out-of-bounds0.760.02155CVE-2022-33881
2053103.62.4
 
4.8
 
 
PluginlySpeaking Floating Div Plugin cross site scripting0.940.00885CVE-2022-36378
2053096.36.3
 
 
 
 
DedeCMS mytag_main.php mytag_ Privilege Escalation0.880.02722CVE-2022-34531

Do you need the next level of professionalism?

Upgrade your account now!