CVSSv3 08/23/2022

CVSSv3 Base

≤10
≤20
≤30
≤41
≤516
≤621
≤736
≤812
≤95
≤100

The Common Vulnerability Scoring System (CVSS) is an industry standard to define the characteristics and impacts of security vulnerabilities. The base score represents the intrinsic aspects that are constant over time and across user environments. Our unique meta score merges all available scores from different sources to aggregate to the most reliable result.

CVSSv3 Temp

≤10
≤20
≤30
≤42
≤515
≤633
≤724
≤812
≤95
≤100

The Common Vulnerability Scoring System (CVSS) uses temp scores to reflect the characteristics of a vulnerability that may change over time but not across user environments. This includes reporting confidence, exploitability and remediation levels. We do also provide our unique meta score for temp scores, even though other sources rarely publish them.

VulDB

≤10
≤20
≤35
≤422
≤513
≤620
≤727
≤84
≤90
≤100

The moderation team is always defining the base vector and base score for an entry. These and all other available scores are used to generate the meta score.

NVD

≤10
≤20
≤30
≤41
≤53
≤65
≤711
≤88
≤98
≤1011

The National Vulnerability Database (NVD) is also defining CVSS vectors and scores. These are usually not complete and might differ from VulDB scores.

CNA

≤10
≤20
≤30
≤41
≤56
≤66
≤78
≤89
≤99
≤109

A CVE Numbering Authority (CNA) is responsible for assigning new CVE entries. They might also include a CVSS score. These are usually not complete and might differ from VulDB scores.

Vendor

≤10
≤20
≤30
≤40
≤50
≤60
≤70
≤80
≤90
≤100

Some vendors are willing to publish their own CVSS vectors and scores for vulnerabilities in their products. The coverage varies from vendor to vendor.

Research

≤10
≤20
≤30
≤40
≤50
≤60
≤70
≤80
≤90
≤100

There are sometimes also security researcher which provide their own CVSS vectors and scores for vulnerabilities they have found and published.

IDBaseVDBNVDCNAVendResVulnerabilityCTIEPSSCVE
2098176.36.3
 
 
 
 
Mozilla Thunderbird memory corruption0.000.00000CVE-2022-38478
2098166.36.3
 
 
 
 
Mozilla Thunderbird memory corruption0.000.00000CVE-2022-38477
2098156.36.3
 
 
 
 
Mozilla Thunderbird PK11_ChangePW use after free0.000.00000CVE-2022-38476
2098146.36.3
 
 
 
 
Mozilla Thunderbird XSLT Document unknown vulnerability0.060.00000CVE-2022-38473
2098136.36.3
 
 
 
 
Mozilla Thunderbird XSLT Error clickjacking0.000.00000CVE-2022-38472
2098126.36.3
 
 
 
 
Mozilla Firefox memory corruption0.000.00000CVE-2022-38478
2098116.36.3
 
 
 
 
Mozilla Firefox memory corruption0.000.00000CVE-2022-38477
2098106.36.3
 
 
 
 
Mozilla Firefox Javascript memory corruption0.040.00000CVE-2022-38475
2098094.34.3
 
 
 
 
Mozilla Firefox Recording Notification permission0.050.00000CVE-2022-38474
2098086.36.3
 
 
 
 
Mozilla Firefox XSLT Document unknown vulnerability0.040.00000CVE-2022-38473
2098076.36.3
 
 
 
 
Mozilla Firefox XSLT Error clickjacking0.000.00000CVE-2022-38472
2070206.36.3
 
 
 
 
JFinal CMS list sql injection0.050.00885CVE-2022-37223
2070198.06.39.8
 
 
 
JFinal CMS list sql injection0.040.00885CVE-2022-37199
2070185.74.37.2
 
 
 
TRENDnet TV-IP572PI access control0.000.00890CVE-2022-35203
2070174.34.3
 
 
 
 
D-Link DIR-615 WAN Configuration Page wan.htm improper authentication0.040.01018CVE-2021-42627
2070164.83.56.1
 
 
 
Apache ActiveMQ Artemis Address/Queue cross site scripting0.040.00885CVE-2022-35278
2070155.62.19.1
 
 
 
taocms path traversal0.040.00885CVE-2022-36261
2070145.35.3
 
5.3
 
 
CODESYS Visualization observable response discrepancy0.030.01055CVE-2022-1989
2070134.62.44.86.7
 
 
pimcore cross site scripting0.070.00885CVE-2022-2796
2070126.45.3
 
7.5
 
 
ASNeG OpcUaStack OPC UA Message OpcUaNodeIdBase.h get denial of service0.040.00885CVE-2022-25302
2070114.43.55.4
 
 
 
PukiWiki cross site scripting0.000.01055CVE-2022-36350
2070104.83.56.1
 
 
 
PukiWiki cross site scripting0.080.01055CVE-2022-27637
2070096.76.37.2
 
 
 
PukiWiki path traversal0.050.01055CVE-2022-34486
2070086.45.3
 
7.5
 
 
opcua Chunk denial of service0.000.00954CVE-2022-25888
2070076.45.3
 
7.5
 
 
open62541 Chunk denial of service0.080.01018CVE-2022-25761
2070066.45.3
 
7.5
 
 
FreeOpcUa python-opcua Chunk denial of service0.040.00954CVE-2022-25304
2070056.45.3
 
7.5
 
 
node-opcua OPC UA Message resource consumption0.040.00954CVE-2022-25231
2070046.45.3
 
7.5
 
 
ASNeG OpcUaStack Chunk denial of service0.040.00885CVE-2022-24381
2070036.45.3
 
7.5
 
 
FreeOpcUa memory allocation0.000.00885CVE-2022-24298
2070025.35.3
 
 
 
 
node-opcua Chunk denial of service0.050.01018CVE-2022-21208
2070016.36.3
 
 
 
 
SourceCodester Simple and Nice Shopping Cart Script profile.php sql injection0.080.00885CVE-2022-2957
2070004.43.56.13.5
 
 
ConsoleTVs Noxen users.php cross site scripting0.000.00885CVE-2022-2956
2069996.74.36.19.8
 
 
bustle mobiledoc-kit cross site scripting0.050.00885CVE-2022-2932
2069984.83.56.1
 
 
 
Frappe ERPNext cross site scripting0.000.00954CVE-2022-28598
2069975.54.3
 
6.8
 
 
Pega Platform cross-site request forgery0.040.00885CVE-2022-35656
2069965.54.36.16.1
 
 
Pega Platform cross site scripting0.000.00885CVE-2022-35654
2069955.44.36.5
 
 
 
D-Link AC1200/DSL-3782 HTTP Request denial of service0.040.01018CVE-2022-35191
2069948.06.39.8
 
 
 
Zengenti Contensis Classic File Upload Wizard unrestricted upload0.040.00885CVE-2022-34919
2069936.13.5
 
8.8
 
 
yetiforcecrm cross site scripting0.000.00885CVE-2022-2829
2069925.55.5
 
 
 
 
TP-LINK Archer A7 tddp command injection0.000.02211CVE-2021-42232
2069915.85.56.1
 
 
 
Gravitee API Management register path traversal0.040.00885CVE-2019-25075
2069905.55.5
 
 
 
 
Crow stack-based overflow0.050.00954CVE-2022-38668
2069895.54.35.56.6
 
 
vim null pointer dereference0.030.00954CVE-2022-2923
2069886.53.5
 
9.6
 
 
WWBN AVideo HTTP Request cross site scripting0.000.01440CVE-2022-32772
2069876.53.5
 
9.6
 
 
WWBN AVideo HTTP Request cross site scripting0.040.01440CVE-2022-32771
2069866.43.56.19.6
 
 
WWBN AVideo HTTP Request cross site scripting0.080.01440CVE-2022-32770
2069856.43.56.19.6
 
 
WWBN AVideo HTTP Request cross site scripting0.430.01440CVE-2022-30690
2069847.34.38.88.8
 
 
WWBN AVideo HTTP Request cross-site request forgery0.040.00885CVE-2022-29468
2069836.23.5
 
9.0
 
 
WWBN AVideo HTTP Request cross site scripting0.030.01440CVE-2022-28712
2069827.63.59.69.6
 
 
WWBN AVideo HTTP Request cross site scripting0.080.01440CVE-2022-26842

41 more entries are not shown

Might our Artificial Intelligence support you?

Check our Alexa App!