CVSSv3 08/12/2022

CVSSv3 Base

≤10
≤20
≤32
≤431
≤540
≤620
≤715
≤89
≤91
≤100

The Common Vulnerability Scoring System (CVSS) is an industry standard to define the characteristics and impacts of security vulnerabilities. The base score represents the intrinsic aspects that are constant over time and across user environments. Our unique meta score merges all available scores from different sources to aggregate to the most reliable result.

CVSSv3 Temp

≤10
≤20
≤34
≤432
≤537
≤621
≤716
≤88
≤90
≤100

The Common Vulnerability Scoring System (CVSS) uses temp scores to reflect the characteristics of a vulnerability that may change over time but not across user environments. This includes reporting confidence, exploitability and remediation levels. We do also provide our unique meta score for temp scores, even though other sources rarely publish them.

VulDB

≤10
≤20
≤32
≤464
≤511
≤628
≤78
≤85
≤90
≤100

The moderation team is always defining the base vector and base score for an entry. These and all other available scores are used to generate the meta score.

NVD

≤10
≤20
≤32
≤417
≤57
≤627
≤77
≤816
≤92
≤106

The National Vulnerability Database (NVD) is also defining CVSS vectors and scores. These are usually not complete and might differ from VulDB scores.

CNA

≤10
≤20
≤30
≤41
≤52
≤60
≤74
≤81
≤90
≤100

A CVE Numbering Authority (CNA) is responsible for assigning new CVE entries. They might also include a CVSS score. These are usually not complete and might differ from VulDB scores.

Vendor

≤10
≤20
≤30
≤40
≤50
≤60
≤70
≤80
≤90
≤100

Some vendors are willing to publish their own CVSS vectors and scores for vulnerabilities in their products. The coverage varies from vendor to vendor.

Research

≤10
≤20
≤30
≤40
≤50
≤60
≤70
≤80
≤90
≤100

There are sometimes also security researcher which provide their own CVSS vectors and scores for vulnerabilities they have found and published.

IDBaseVDBNVDCNAVendResVulnerabilityCTIEPSSCVE
2063624.14.1
 
 
 
 
Google Android Settings access control0.080.01036CVE-2022-20302
2063614.34.14.6
 
 
 
Google Android Settings permission0.040.01036CVE-2022-20265
2063604.13.54.8
 
 
 
ForkCMS cross site scripting0.000.01055CVE-2022-35590
2063594.13.54.8
 
 
 
ForkCMS cross site scripting0.040.01055CVE-2022-35585
2063583.53.5
 
 
 
 
Synacor Zimbra Collaboration Suite cross site scripting0.040.00885CVE-2022-37044
2063574.35.33.3
 
 
 
Google Android Core Utilities input validation0.040.01036CVE-2022-20338
2063565.35.3
 
 
 
 
Google Android Wifi Slice permission0.080.01036CVE-2022-20335
2063556.34.87.8
 
 
 
Google Android Framework improper restriction of rendered ui layers0.080.01036CVE-2022-20331
2063546.55.37.8
 
 
 
Google Android Wifi permission0.080.01036CVE-2022-20329
2063536.55.37.8
 
 
 
Google Android DreamServices external reference0.080.01036CVE-2022-20319
2063524.24.2
 
 
 
 
Google Android KeyChain permission0.040.01036CVE-2022-20314
2063514.24.2
 
 
 
 
Google Android Bluetooth out-of-bounds write0.040.01036CVE-2022-20313
2063505.44.26.7
 
 
 
Google Android Camera Provider HAL memory corruption0.040.01036CVE-2022-20306
2063495.35.3
 
 
 
 
Google Android Settings access control0.040.01036CVE-2022-20297
2063486.55.37.8
 
 
 
Google Android Settings access control0.080.01036CVE-2022-20292
2063475.35.3
 
 
 
 
Google Android Midi permission0.040.01036CVE-2022-20290
2063466.55.37.8
 
 
 
Google Android Connectivity access control0.040.01036CVE-2022-20286
2063455.35.3
 
 
 
 
Google Android AppWidget permission0.040.01036CVE-2022-20282
2063446.55.37.8
 
 
 
Google Android Core permission0.080.01036CVE-2022-20281
2063436.55.37.8
 
 
 
Google Android Keyguard permission0.080.01036CVE-2022-20274
2063425.35.3
 
 
 
 
Google Android PermissionController permission0.080.01036CVE-2022-20271
2063415.54.26.8
 
 
 
Google Android Bluetooth out-of-bounds write0.080.01036CVE-2022-20269
2063406.55.37.8
 
 
 
Google Android RestrictionsManager permission0.080.01036CVE-2022-20268
2063395.35.3
 
 
 
 
Google Android Bluetooth permission0.080.01036CVE-2022-20267
2063385.25.35.0
 
 
 
Google Android Companion permission0.040.01036CVE-2022-20266
2063374.35.33.3
 
 
 
Google Android Bluetooth improper authentication0.040.01036CVE-2022-20257
2063366.46.46.4
 
 
 
Google Android Audio HAL out-of-bounds write0.040.01036CVE-2022-20256
2063354.95.34.4
 
 
 
Google Android SettingsProvider permission0.040.01036CVE-2022-20255
2063345.35.3
 
 
 
 
Google Android Wi-Fi permission0.030.01036CVE-2022-20254
2063334.13.54.8
 
 
 
Fork cross site scripting0.030.01055CVE-2022-35589
2063324.13.54.8
 
 
 
Fork cross site scripting0.030.01055CVE-2022-35587
2063313.53.5
 
 
 
 
ThingsBoard Rule Engine cross site scripting0.040.01055CVE-2021-42751
2063303.53.5
 
 
 
 
ThingsBoard Rule Engine cross site scripting0.050.01055CVE-2021-42750
2063296.55.57.5
 
 
 
Neo4j APOC apoc.log.stream pathname traversal0.040.00885CVE-2022-37423
2063287.65.59.8
 
 
 
Tenda W6 exeCommand command injection0.040.01086CVE-2022-35555
2063274.43.35.5
 
 
 
Google Android PackageManager information disclosure0.000.01036CVE-2022-20332
2063263.33.33.3
 
 
 
Google Android PackageManager information disclosure0.000.01036CVE-2022-20328
2063254.43.35.5
 
 
 
Google Android Framework information disclosure0.040.01036CVE-2022-20324
2063243.33.33.3
 
 
 
Google Android ActivityManager information disclosure0.070.01036CVE-2022-20320
2063233.33.33.3
 
 
 
Google Android PackageInstaller information disclosure0.000.01036CVE-2022-20318
2063223.33.33.3
 
 
 
Google Android ContentResolver information disclosure0.070.01036CVE-2022-20316
2063213.33.33.3
 
 
 
Google Android PackageInstaller information disclosure0.040.01036CVE-2022-20309
2063203.33.33.3
 
 
 
Google Android AlarmManagerService information disclosure0.050.01036CVE-2022-20307
2063194.43.35.5
 
 
 
Google Android LauncherApps information disclosure0.000.01036CVE-2022-20293
2063184.43.35.5
 
 
 
Google Android AppOpsService information disclosure0.080.01036CVE-2022-20291
2063174.43.35.5
 
 
 
Google Android PackageInstaller information disclosure0.030.01036CVE-2022-20289
2063164.43.35.5
 
 
 
Google Android AppSearchManagerService information disclosure0.050.01036CVE-2022-20288
2063154.43.35.5
 
 
 
Google Android AppSearchManagerService information disclosure0.000.01036CVE-2022-20287
2063143.33.3
 
 
 
 
Google Android PackageManager information disclosure0.000.01036CVE-2022-20285
2063133.33.3
 
 
 
 
Google Android DevicePolicyManager information disclosure0.040.01036CVE-2022-20279

68 more entries are not shown

Do you know our Splunk app?

Download it now for free!