CVSSv3 08/07/2022

CVSSv3 Base

≤10
≤20
≤30
≤40
≤51
≤63
≤75
≤86
≤90
≤100

The Common Vulnerability Scoring System (CVSS) is an industry standard to define the characteristics and impacts of security vulnerabilities. The base score represents the intrinsic aspects that are constant over time and across user environments. Our unique meta score merges all available scores from different sources to aggregate to the most reliable result.

CVSSv3 Temp

≤10
≤20
≤30
≤40
≤51
≤64
≤75
≤85
≤90
≤100

The Common Vulnerability Scoring System (CVSS) uses temp scores to reflect the characteristics of a vulnerability that may change over time but not across user environments. This includes reporting confidence, exploitability and remediation levels. We do also provide our unique meta score for temp scores, even though other sources rarely publish them.

VulDB

≤10
≤20
≤30
≤41
≤54
≤61
≤78
≤81
≤90
≤100

The moderation team is always defining the base vector and base score for an entry. These and all other available scores are used to generate the meta score.

NVD

≤10
≤20
≤30
≤40
≤50
≤60
≤72
≤86
≤92
≤105

The National Vulnerability Database (NVD) is also defining CVSS vectors and scores. These are usually not complete and might differ from VulDB scores.

CNA

≤10
≤20
≤30
≤41
≤52
≤60
≤77
≤81
≤90
≤100

A CVE Numbering Authority (CNA) is responsible for assigning new CVE entries. They might also include a CVSS score. These are usually not complete and might differ from VulDB scores.

Vendor

≤10
≤20
≤30
≤40
≤50
≤60
≤70
≤80
≤90
≤100

Some vendors are willing to publish their own CVSS vectors and scores for vulnerabilities in their products. The coverage varies from vendor to vendor.

Research

≤10
≤20
≤30
≤40
≤50
≤60
≤70
≤80
≤90
≤100

There are sometimes also security researcher which provide their own CVSS vectors and scores for vulnerabilities they have found and published.

IDBaseVDBNVDCNAVendResVulnerabilityCTIEPSSCVE
2058328.06.39.8
 
 
 
Exim Alias List host.c host_name_lookup heap-based overflow0.080.01108CVE-2022-37452
2058317.56.39.86.3
 
 
SourceCodester Online Class and Exam Scheduling System faculty_sched.php sql injection0.000.00885CVE-2022-2707
2058307.56.39.86.3
 
 
SourceCodester Online Class and Exam Scheduling System class_sched.php sql injection0.080.00885CVE-2022-2706
2058297.56.39.86.3
 
 
SourceCodester Simple Student Information System manage_department.php sql injection0.090.00885CVE-2022-2705
2058285.44.37.54.3
 
 
SourceCodester Simple E-Learning System downloadFiles.php information disclosure0.040.00885CVE-2022-2704
2058277.16.38.86.3
 
 
SourceCodester Gym Management System Exercises Module sql injection0.080.00885CVE-2022-2703
2058267.07.36.57.3
 
 
SourceCodester Company Website CMS Cookie site-settings.php access control0.040.00885CVE-2022-2702
2058256.55.57.5
 
 
 
Exim call_pam.c pam_converse use after free0.120.01537CVE-2022-37451
2058245.94.37.5
 
 
 
Foxit PDF Reader/PDF Editor exportXFAData null pointer dereference0.030.00885CVE-2022-27944
2058235.94.37.5
 
 
 
Foxit PDF Reader/PDF Editor Collab.addStateModel null pointer dereference0.040.00885CVE-2022-26979
2058224.43.56.13.5
 
 
SourceCodester Simple E-Learning System claire_blake cross site scripting0.050.00885CVE-2022-2701
2058216.14.78.84.7
 
 
SourceCodester Gym Management System GET Parameter sql injection0.000.00885CVE-2022-2700
2058206.76.37.56.3
 
 
SourceCodester Simple E-Learning System claire_blake sql injection0.000.00885CVE-2022-2699
2058197.56.39.86.3
 
 
SourceCodester Simple E-Learning System search.php sql injection0.040.00885CVE-2022-2698
2058186.76.37.56.3
 
 
SourceCodester Simple E-Learning System comment_frame.php sql injection0.050.00885CVE-2022-2697

Do you know our Splunk app?

Download it now for free!