CVSSv3 08/19/2022

CVSSv3 Base

≤10
≤20
≤30
≤412
≤532
≤614
≤743
≤812
≤96
≤101

The Common Vulnerability Scoring System (CVSS) is an industry standard to define the characteristics and impacts of security vulnerabilities. The base score represents the intrinsic aspects that are constant over time and across user environments. Our unique meta score merges all available scores from different sources to aggregate to the most reliable result.

CVSSv3 Temp

≤10
≤20
≤30
≤412
≤533
≤624
≤732
≤813
≤95
≤101

The Common Vulnerability Scoring System (CVSS) uses temp scores to reflect the characteristics of a vulnerability that may change over time but not across user environments. This includes reporting confidence, exploitability and remediation levels. We do also provide our unique meta score for temp scores, even though other sources rarely publish them.

VulDB

≤10
≤20
≤32
≤426
≤530
≤617
≤739
≤83
≤92
≤101

The moderation team is always defining the base vector and base score for an entry. These and all other available scores are used to generate the meta score.

NVD

≤10
≤20
≤30
≤41
≤54
≤618
≤77
≤825
≤95
≤1016

The National Vulnerability Database (NVD) is also defining CVSS vectors and scores. These are usually not complete and might differ from VulDB scores.

CNA

≤10
≤20
≤30
≤40
≤50
≤61
≤70
≤83
≤92
≤100

A CVE Numbering Authority (CNA) is responsible for assigning new CVE entries. They might also include a CVSS score. These are usually not complete and might differ from VulDB scores.

Vendor

≤10
≤20
≤30
≤40
≤50
≤60
≤70
≤80
≤90
≤100

Some vendors are willing to publish their own CVSS vectors and scores for vulnerabilities in their products. The coverage varies from vendor to vendor.

Research

≤10
≤20
≤30
≤40
≤50
≤60
≤70
≤80
≤90
≤100

There are sometimes also security researcher which provide their own CVSS vectors and scores for vulnerabilities they have found and published.

IDBaseVDBNVDCNAVendResVulnerabilityCTIEPSSCVE
2068468.88.8
 
 
 
 
Cisco Secure Web Appliance HTTP os command injection0.370.00000CVE-2022-20871
2068456.36.3
 
 
 
 
SourceCodester Simple and Nice Shopping Cart Script profile.php unrestricted upload0.050.00885CVE-2022-2909
2068446.54.38.8
 
 
 
Wellcms cross-site request forgery0.050.00885CVE-2022-36579
2068436.54.38.8
 
 
 
EyouCMS Column Management cross-site request forgery0.050.00885CVE-2022-36225
2068426.54.38.8
 
 
 
XunRuiCMS cross-site request forgery0.000.00885CVE-2022-36224
2068418.06.39.8
 
 
 
jizhicms sql injection0.000.00885CVE-2022-36578
2068404.43.55.4
 
 
 
Jellyfin Access Token cross site scripting0.050.00890CVE-2022-35910
2068394.34.3
 
 
 
 
JIZHICMS cross-site request forgery0.000.00885CVE-2022-36577
2068386.45.57.3
 
 
 
StreamLabs Desktop Application obs64.exe access control0.050.01036CVE-2022-36263
2068374.22.65.9
 
 
 
Mealie GET channel accessible0.000.00954CVE-2022-34624
2068366.36.3
 
 
 
 
Jellyfin users access control0.040.00890CVE-2022-35909
2068357.36.37.87.8
 
 
vim use after free0.000.00954CVE-2022-2889
2068345.53.55.47.6
 
 
chatwoot cross site scripting0.050.00885CVE-2022-1021
2068336.36.3
 
 
 
 
Ywoa sql injection0.040.00885CVE-2022-36606
2068326.36.3
 
 
 
 
Yimioa sql injection0.050.00885CVE-2022-36605
2068314.23.15.3
 
 
 
Mealie timing discrepancy0.000.01018CVE-2022-34623
2068305.54.66.5
 
 
 
Mealie resource injection0.080.00950CVE-2022-34621
2068293.73.7
 
 
 
 
Mealie weak password0.040.01018CVE-2022-34615
2068287.65.59.8
 
 
 
Safe Exam Browse Kiosk Mode access control0.000.01440CVE-2022-36220
2068278.06.39.8
 
 
 
Fishbowl Inventory XML deserialization0.000.01978CVE-2022-29805
2068263.53.5
 
 
 
 
DolphinPHP Configuration Management cross site scripting0.040.00885CVE-2022-37254
2068256.36.3
 
 
 
 
Tenda AC18 Privilege Escalation0.070.05634CVE-2022-35201
2068247.56.38.8
 
 
 
Apple Safari WebKit out-of-bounds write0.050.02806CVE-2022-32893
2068234.43.55.4
 
 
 
Kirby Starterkit cross site scripting0.040.00885CVE-2022-35174
2068227.06.37.8
 
 
 
Intel NUC Laptop Kit Restrictions buffer overflow0.050.00885CVE-2022-34488
2068215.14.16.2
 
 
 
Intel NUC Laptop Kit input validation0.000.00885CVE-2022-34345
2068207.06.37.8
 
 
 
Intel NUC Laptop Kit input validation0.030.00885CVE-2022-33209
2068195.64.17.2
 
 
 
Intel NUC Laptop Kit initialization0.080.00885CVE-2022-32579
2068186.36.3
 
 
 
 
Intel NUC Laptop Kit buffer overflow0.030.00885CVE-2022-28858
2068174.34.34.4
 
 
 
Intel E810 Ethernet Controller access control0.080.00885CVE-2022-28709
2068165.54.36.8
 
 
 
Intel AMT/Standard Manageability access control0.070.00885CVE-2022-28697
2068156.55.37.8
 
 
 
Intel NUC Laptop Kit initialization0.070.00885CVE-2022-27493
2068144.34.3
 
 
 
 
Intel SEAPI Installation Binary insufficiently protected credentials0.040.00885CVE-2022-26844
2068136.36.3
 
 
 
 
Intel SEAPI uncontrolled search path0.030.00885CVE-2022-26374
2068127.06.37.8
 
 
 
Intel SEAPI default permission0.000.00885CVE-2022-26344
2068115.55.5
 
 
 
 
Intel SPS Firmware Subsystem denial of service0.040.00885CVE-2022-26074
2068107.06.37.8
 
 
 
Intel Enpirion Digital Power Configurator GUI uncontrolled search path0.040.00885CVE-2022-25999
2068097.06.37.8
 
 
 
Intel Edge Insights access control0.040.00885CVE-2022-25966
2068086.55.37.8
 
 
 
Intel Datacenter Group Event App uncontrolled search path0.000.00885CVE-2022-25841
2068074.34.3
 
 
 
 
Intel Data Center Manager denial of service0.040.00885CVE-2022-24378
2068064.94.35.5
 
 
 
Intel Data Center Manager denial of service0.080.00885CVE-2022-23403
2068056.36.3
 
 
 
 
Intel HAXM access control0.030.00885CVE-2022-21812
2068046.36.3
 
 
 
 
Intel VTune Profiler uncontrolled search path0.040.00885CVE-2022-21807
2068036.36.3
 
 
 
 
Intel NUC 9 Extreme Laptop Kit Driver buffer overflow0.030.00885CVE-2022-21229
2068026.36.3
 
 
 
 
Intel PROSet/Wireless WiFi/Killer WiFi input validation0.040.00885CVE-2022-21181
2068016.56.36.7
 
 
 
Intel PROSet/Wireless WiFi out-of-bounds write0.000.00885CVE-2022-21172
2068006.36.3
 
 
 
 
Intel Edge Insights access control0.040.00885CVE-2022-21148
2067996.36.3
 
 
 
 
Intel PROSet/Wireless WiFi/Killer WiFi access control0.040.00885CVE-2021-37409
2067987.06.37.8
 
 
 
Intel Wireless Bluetooth/Killer Bluetooth Firmware buffer overflow0.040.00885CVE-2021-33847
2067974.34.34.4
 
 
 
Intel E810 Ethernet Controller access control0.040.00885CVE-2021-33128

70 more entries are not shown

Do you need the next level of professionalism?

Upgrade your account now!