CVSSv3 08/02/2022

CVSSv3 Base

≤10
≤20
≤31
≤44
≤517
≤615
≤722
≤83
≤93
≤100

The Common Vulnerability Scoring System (CVSS) is an industry standard to define the characteristics and impacts of security vulnerabilities. The base score represents the intrinsic aspects that are constant over time and across user environments. Our unique meta score merges all available scores from different sources to aggregate to the most reliable result.

CVSSv3 Temp

≤10
≤20
≤31
≤418
≤53
≤615
≤722
≤84
≤92
≤100

The Common Vulnerability Scoring System (CVSS) uses temp scores to reflect the characteristics of a vulnerability that may change over time but not across user environments. This includes reporting confidence, exploitability and remediation levels. We do also provide our unique meta score for temp scores, even though other sources rarely publish them.

VulDB

≤10
≤20
≤31
≤43
≤522
≤613
≤720
≤86
≤90
≤100

The moderation team is always defining the base vector and base score for an entry. These and all other available scores are used to generate the meta score.

NVD

≤10
≤20
≤30
≤40
≤50
≤60
≤70
≤80
≤90
≤100

The National Vulnerability Database (NVD) is also defining CVSS vectors and scores. These are usually not complete and might differ from VulDB scores.

CNA

≤10
≤20
≤31
≤42
≤52
≤67
≤73
≤89
≤94
≤103

A CVE Numbering Authority (CNA) is responsible for assigning new CVE entries. They might also include a CVSS score. These are usually not complete and might differ from VulDB scores.

Vendor

≤10
≤20
≤30
≤40
≤50
≤60
≤70
≤80
≤90
≤100

Some vendors are willing to publish their own CVSS vectors and scores for vulnerabilities in their products. The coverage varies from vendor to vendor.

Research

≤10
≤20
≤30
≤40
≤50
≤60
≤70
≤80
≤90
≤100

There are sometimes also security researcher which provide their own CVSS vectors and scores for vulnerabilities they have found and published.

IDBaseVDBNVDCNAVendResVulnerabilityCTIEPSSCVE
2054945.35.3
 
 
 
 
MediaTek MT8797 cta permission1.440.00000CVE-2022-26429
2054935.64.3
 
6.9
 
 
beancount fava cross site scripting1.410.00000CVE-2022-2589
2054923.53.5
 
 
 
 
PyroCMS cross site scripting1.410.00000CVE-2022-35118
2054913.53.5
 
 
 
 
Backdrop CMS Password Reset information disclosure1.310.00000CVE-2022-34530
2054905.55.5
 
 
 
 
University of Texas Mango Plugins access control1.340.00000CVE-2022-34567
2054894.24.2
 
 
 
 
MediaTek MT8981 WiFi Driver out-of-bounds write1.280.00000CVE-2022-26445
2054884.24.2
 
 
 
 
MediaTek MT8981 WiFi Driver out-of-bounds write1.190.00000CVE-2022-26444
2054874.24.2
 
 
 
 
MediaTek MT8981 WiFi Driver out-of-bounds write1.190.00000CVE-2022-26443
2054864.24.2
 
 
 
 
MediaTek MT8981 WiFi Driver out-of-bounds write1.220.00000CVE-2022-26442
2054854.24.2
 
 
 
 
MediaTek MT8981 WiFi Driver out-of-bounds write1.280.00000CVE-2022-26441
2054844.24.2
 
 
 
 
MediaTek MT8981 WiFi Driver out-of-bounds write1.220.00000CVE-2022-26440
2054834.24.2
 
 
 
 
MediaTek MT8981 WiFi Driver out-of-bounds write1.130.00000CVE-2022-26439
2054824.24.2
 
 
 
 
MediaTek MT8981 WiFi Driver out-of-bounds write1.160.00000CVE-2022-26438
2054814.24.2
 
 
 
 
MediaTek MT8797 Mailbox out-of-bounds write1.150.00000CVE-2022-26435
2054804.24.2
 
 
 
 
MediaTek MT8797 Mailbox out-of-bounds write1.150.00000CVE-2022-26434
2054794.24.2
 
 
 
 
MediaTek MT8797 Mailbox out-of-bounds write1.180.00000CVE-2022-26433
2054784.24.2
 
 
 
 
MediaTek MT8797 Mailbox out-of-bounds write1.220.00000CVE-2022-26432
2054774.24.2
 
 
 
 
MediaTek MT8797 Mailbox out-of-bounds write1.340.00000CVE-2022-26431
2054764.24.2
 
 
 
 
MediaTek MT8797 Mailbox out-of-bounds write1.220.00000CVE-2022-26430
2054753.53.5
 
 
 
 
graphql-go Type Definition Parser recursion1.410.00000CVE-2022-37315
2054745.45.4
 
5.3
 
 
Solana Pay Transaction validateTransfer control flow1.340.00000CVE-2022-35917
2054735.96.5
 
5.3
 
 
OpenZeppelin CrossChainEnabledArbitrumL2/LibArbitrumL2 resource transfer1.460.00000CVE-2022-35916
2054728.57.3
 
9.8
 
 
Shescape Regular Expression escapeAll injection1.830.00000CVE-2022-31180
2054715.74.3
 
7.1
 
 
DSpace dspace-jspui cross site scripting1.310.00000CVE-2022-31191
2054707.97.3
 
8.6
 
 
CVAT server-side request forgery1.310.00000CVE-2022-31188
2054694.55.5
 
3.5
 
 
fof byobu privileges management1.250.00000CVE-2022-35921
2054685.35.3
 
5.3
 
 
OpenZeppelin supportsInterface resource consumption1.160.00000CVE-2022-35915
2054675.55.5
 
 
 
 
Bolt Privilege Escalation1.310.00000CVE-2022-31321
2054667.06.5
 
7.5
 
 
OpenZeppelin GovernorVotesQuorumFraction calculation1.370.00000CVE-2022-31198
2054655.94.7
 
7.2
 
 
DSpace ItemImportServiceImpl path traversal1.100.00000CVE-2022-31195
2054646.76.3
 
7.1
 
 
DSpace dspace-jspui redirect1.220.00000CVE-2022-31193
2054635.35.3
 
5.3
 
 
DSpace dspace-xmlui information disclosure1.190.00000CVE-2022-31190
2054625.35.3
 
5.3
 
 
DSpace dspace-jspui internal.jsp information exposure1.190.00000CVE-2022-31189
2054618.27.3
 
9.1
 
 
fs2 certificate validation1.500.00000CVE-2022-31183
2054606.85.6
 
8.1
 
 
Shescape API Function injection1.460.00000CVE-2022-31179
2054594.34.3
 
4.3
 
 
eLabFTW Template authorization1.220.00000CVE-2022-31178
2054586.36.3
 
 
 
 
Pligg CMS load_data_for_groups.php sql injection1.610.00000CVE-2022-34956
2054576.36.3
 
 
 
 
Pligg CMS load_data_for_topusers.php sql injection1.130.00000CVE-2022-34955
2054566.36.3
 
 
 
 
Web Based Quiz System update.php sql injection1.060.00000CVE-2022-35422
2054556.36.3
 
 
 
 
Pharmacy Management System invoiceprint.php sql injection1.100.00000CVE-2022-34954
2054546.36.3
 
 
 
 
Pharmacy Management System getOrderReport.php sql injection1.150.00000CVE-2022-34953
2054536.36.3
 
 
 
 
Pharmacy Management System edituser.php sql injection1.060.00000CVE-2022-34952
2054526.36.3
 
 
 
 
Pharmacy Management System getsalereport.php sql injection1.060.00000CVE-2022-34951
2054516.36.3
 
 
 
 
Pharmacy Management System editproduct.php sql injection1.090.00000CVE-2022-34950
2054506.36.3
 
 
 
 
Pharmacy Management System login.php sql injection1.120.00000CVE-2022-34949
2054496.36.3
 
 
 
 
Pharmacy Management System editbrand.php sql injection1.120.00000CVE-2022-34948
2054486.36.3
 
 
 
 
Pharmacy Management System editcategory.php sql injection1.090.00000CVE-2022-34947
2054476.36.3
 
 
 
 
Pharmacy Management System getexpproduct.php sql injection1.000.00000CVE-2022-34946
2054466.36.3
 
 
 
 
Pharmacy Management System getproductreport.php sql injection1.000.00000CVE-2022-34945
2054456.36.3
 
 
 
 
Online Tours And Travels Management System packages.php sql injection1.060.00000CVE-2022-35421

15 more entries are not shown

Want to stay up to date on a daily basis?

Enable the mail alert feature now!