CVSSv3 08/22/2022

CVSSv3 Base

Entries by score: ≤1: 0, ≤2: 0, ≤3: 5, ≤4: 17, ≤5: 23, ≤6: 7, ≤7: 11, ≤8: 0, ≤9: 0, ≤10: 0

The Common Vulnerability Scoring System (CVSS) is an industry standard for describing the characteristics and impact of security vulnerabilities. The base score represents the intrinsic aspects that are constant over time and across user environments. Our unique meta score merges all available scores from different sources into one aggregate, to arrive at the most reliable result.

CVSSv3 Temp

Entries by score: ≤1: 0, ≤2: 0, ≤3: 7, ≤4: 16, ≤5: 22, ≤6: 10, ≤7: 8, ≤8: 0, ≤9: 0, ≤10: 0

The Common Vulnerability Scoring System (CVSS) uses temp scores to reflect the characteristics of a vulnerability that may change over time but not across user environments. This includes reporting confidence, exploitability and remediation levels. We also provide our unique meta score for temp scores, even though other sources rarely publish them.

VulDB

Entries by score: ≤1: 0, ≤2: 0, ≤3: 9, ≤4: 15, ≤5: 25, ≤6: 4, ≤7: 10, ≤8: 0, ≤9: 0, ≤10: 0

The moderation team always defines the base vector and base score for an entry. These and all other available scores are used to generate the meta score.

NVD

Entries by score: ≤1: 0, ≤2: 0, ≤3: 0, ≤4: 0, ≤5: 0, ≤6: 0, ≤7: 0, ≤8: 0, ≤9: 0, ≤10: 0

The National Vulnerability Database (NVD) also defines CVSS vectors and scores. These are usually not complete and might differ from VulDB scores.

CNA

Entries by score: ≤1: 0, ≤2: 0, ≤3: 0, ≤4: 1, ≤5: 7, ≤6: 1, ≤7: 3, ≤8: 4, ≤9: 0, ≤10: 0

A CVE Numbering Authority (CNA) is responsible for assigning new CVE entries. They might also include a CVSS score. These are usually not complete and might differ from VulDB scores.

Vendor

Entries by score: ≤1: 0, ≤2: 0, ≤3: 0, ≤4: 0, ≤5: 0, ≤6: 0, ≤7: 0, ≤8: 0, ≤9: 0, ≤10: 0

Some vendors are willing to publish their own CVSS vectors and scores for vulnerabilities in their products. The coverage varies from vendor to vendor.

Research

Entries by score: ≤1: 0, ≤2: 0, ≤3: 0, ≤4: 0, ≤5: 0, ≤6: 1, ≤7: 0, ≤8: 0, ≤9: 0, ≤10: 0

Some security researchers also provide their own CVSS vectors and scores for vulnerabilities they have found and published.

| ID | Base | VDB | NVD | CNA | Vendor | Research | Vulnerability | CTI | EPSS | CVE |
|---|---|---|---|---|---|---|---|---|---|---|
| 206940 | 3.8 | 4.3 | | 3.3 | | | Dell EMC PowerScale OneFS SyncIQ permissions | 0.00 | 0.00885 | CVE-2022-31237 |
| 206939 | 3.5 | 3.5 | | | | | Red Hat OpenShift API Management cross site scripting | 0.00 | 0.00885 | CVE-2021-3442 |
| 206938 | 3.7 | 3.7 | | | | | WWBN AVideo HTTP Request cookie httponly flag | 0.00 | 0.00885 | CVE-2022-32778 |
| 206937 | 5.6 | 3.7 | | 7.5 | | | WWBN AVideo HTTP Request cookie httponly flag | 0.00 | 0.00885 | CVE-2022-32777 |
| 206936 | 5.4 | 4.3 | | 6.5 | | | WWBN AVideo HTTP Request file inclusion | 0.00 | 0.00885 | CVE-2022-32761 |
| 206935 | 5.4 | 4.3 | | 6.5 | | | WWBN AVideo HTTP Request chunkFile file inclusion | 0.00 | 0.00885 | CVE-2022-28710 |
| 206934 | 7.0 | 6.3 | | 7.8 | | | libhdf5 GIF File heap-based overflow | 0.00 | 0.01036 | CVE-2022-26061 |
| 206933 | 6.3 | 6.3 | | | | | libhdf5 GIF File out-of-bounds write | 0.00 | 0.01036 | CVE-2022-25972 |
| 206932 | 7.0 | 6.3 | | 7.8 | | | libhdf5 GIF File gif2h5 out-of-bounds | 0.00 | 0.01036 | CVE-2022-25942 |
| 206931 | 3.6 | 2.6 | | 4.6 | | | Tabit API information disclosure | 0.00 | 0.00885 | CVE-2022-34770 |
| 206930 | 5.5 | 5.5 | | | | | servicemesh-operator insecure default initialization of resource | 0.00 | 0.00885 | CVE-2021-3586 |
| 206929 | 6.3 | 6.3 | | | | | cluster-ingress-operator router-default Service permission assignment | 0.00 | 0.01018 | CVE-2020-27836 |
| 206928 | 4.3 | 4.3 | | 4.3 | | | Dell EMC PowerScale OneFS insecure default initialization of resource | 0.00 | 0.01055 | CVE-2022-32480 |
| 206927 | 4.3 | 4.3 | | 4.3 | | | Max Foundry MaxButtons Plugin cross-site request forgery | 0.00 | 0.00885 | CVE-2022-36346 |
| 206926 | 5.2 | 4.3 | | 6.1 | | | smartypants SP Project & Document Manager Plugin cross site scripting | 0.00 | 0.00885 | CVE-2022-34857 |
| 206925 | 4.3 | 4.3 | | 4.2 | | | W3 Eden Download Manager Plugin cross-site request forgery | 0.09 | 0.00885 | CVE-2022-34347 |
| 206924 | 4.3 | 4.3 | | | | | WP Sticky Button Plugin cross site scripting | 0.00 | 0.00885 | CVE-2022-2375 |
| 206923 | 4.3 | 4.3 | | | | | Student Result or Employee Database Plugin AJAX Action cross-site request forgery | 0.00 | 0.00885 | CVE-2022-2312 |
| 206922 | 3.6 | 2.4 | | 4.8 | | | wpshopmart Testimonial Builder plugin cross site scripting | 0.00 | 0.00885 | CVE-2021-36857 |
| 206921 | 4.3 | 4.3 | | | | | ThimPress WP Hotel Booking Plugin cross-site request forgery | 0.00 | 0.00885 | CVE-2021-36852 |
| 206920 | 3.6 | 2.4 | | 4.8 | | | WebbaPlugins Webba Booking Plugin cross site scripting | 0.00 | 0.00885 | CVE-2021-36847 |
| 206919 | 2.4 | 2.4 | | | | | Transposh Translation Plugin AJAX Action tp_translation cross site scripting | 0.06 | 0.00885 | CVE-2021-24912 |
| 206918 | 3.5 | 3.5 | | | | | Feed Them Social Plugin cross site scripting | 0.04 | 0.00885 | CVE-2022-2532 |
| 206917 | 4.3 | 4.3 | | | | | WP Coder Plugin cross-site request forgery | 0.07 | 0.00885 | CVE-2022-2388 |
| 206916 | 6.3 | 6.3 | | | | | Xpdf JBIG2 Decoder JBIG2Stream.cc readSymbolDictSeg integer overflow | 0.04 | 0.01719 | CVE-2022-38171 |
| 206915 | 3.5 | 3.5 | | | | | Feed Them Social Plugin cross site scripting | 0.04 | 0.00885 | CVE-2022-2383 |
| 206914 | 4.3 | 4.3 | | | | | Directorist Plugin AJAX Action cross-site request forgery | 0.00 | 0.00885 | CVE-2022-2377 |
| 206913 | 2.4 | 2.4 | | | | | WP Social Chat Plugin Setting cross site scripting | 0.06 | 0.00885 | CVE-2022-2361 |
| 206912 | 4.3 | 4.3 | | | | | WP Edit Menu Plugin AJAX Action cross-site request forgery | 0.04 | 0.00885 | CVE-2022-2276 |
| 206911 | 4.3 | 4.3 | | | | | WP Edit Menu Plugin AJAX Action cross-site request forgery | 0.03 | 0.00885 | CVE-2022-2275 |
| 206910 | 4.3 | 4.3 | | | | | LinkWorth Plugin cross-site request forgery | 0.00 | 0.00885 | CVE-2022-2172 |
| 206909 | 2.4 | 2.4 | | | | | Coming Soon Under Construction Plugin Setting cross site scripting | 0.00 | 0.00885 | CVE-2022-1322 |
| 206908 | 2.4 | 2.4 | | | | | Simple Banner Plugin Setting cross site scripting | 0.04 | 0.00885 | CVE-2022-0446 |
| 206907 | 3.5 | 3.5 | | | | | Transposh WordPress Translation Plugin Admin Dashboard Page tp_translation cross site scripting | 0.04 | 0.00885 | CVE-2021-24911 |
| 206906 | 4.3 | 4.3 | | | | | Transposh WordPress Translation Plugin AJAX Action cross site scripting | 0.04 | 0.00885 | CVE-2021-24910 |
| 206905 | 4.8 | 3.7 | | 5.9 | | | miniOrange OAuth 2.0 Client for SSO Plugin access control | 0.33 | 0.00885 | CVE-2022-34858 |
| 206904 | 6.4 | 5.3 | | 7.5 | | | miniOrange WP OAuth Server access control | 0.59 | 0.00885 | CVE-2022-34149 |
| 206903 | 4.7 | 4.7 | | | | | Better Search Replace Plugin sql injection | 0.07 | 0.00885 | CVE-2022-2593 |
| 206902 | 6.3 | 6.3 | | | | | Transposh Translation Plugin sql injection | 0.05 | 0.00885 | CVE-2022-25811 |
| 206901 | 3.5 | 3.5 | | | | | Simple Job Board Plugin exposure of information through directory listing | 0.04 | 0.00885 | CVE-2022-2558 |
| 206900 | 3.5 | 3.5 | | | | | Team Plugin path traversal | 0.00 | 0.00885 | CVE-2022-2557 |
| 206899 | 4.3 | 4.3 | | | | | Ninja Job Board Plugin Upload direct request | 0.03 | 0.00885 | CVE-2022-2544 |
| 206898 | 4.3 | 4.3 | | | | | Yotpo Reviews for WooCommerce Plugin Setting cross-site request forgery | 0.19 | 0.00885 | CVE-2022-2555 |
| 206897 | 4.3 | 4.3 | | | | | Autonami Abandoned Cart Recovery for WooCommerce, Follow Up Emails, Newsletter Builder & Marketing Automation Plugin AJAX Action cross-site request forgery | 0.09 | 0.00885 | CVE-2022-2389 |
| 206896 | 4.3 | 4.3 | | | | | Product Slider for WooCommerce Plugin AJAX Action cross-site request forgery | 0.04 | 0.00885 | CVE-2022-2382 |
| 206895 | 3.5 | 3.5 | | | | | Rezgo Online Booking Plugin AJAX Action cross site scripting | 0.04 | 0.00885 | CVE-2022-1932 |
| 206894 | 4.3 | 4.3 | | | | | Ask Me Theme Edit Profile Page cross-site request forgery | 0.00 | 0.00885 | CVE-2022-1251 |
| 206893 | 5.5 | 5.5 | | | | | Auto-hyperlink URLs Plugin unknown vulnerability | 0.05 | 0.00885 | CVE-2022-2600 |
| 206892 | 4.7 | 4.7 | | | | | Transposh Translation Plugin Debug Setting code injection | 0.00 | 0.00885 | CVE-2022-25812 |
| 206891 | 3.1 | 3.1 | | | | | Duplicator Plugin Backup direct request | 0.07 | 0.00885 | CVE-2022-2551 |

13 more entries are not shown
