CVSSv3 08/28/2022

CVSSv3 Base

≤10
≤20
≤30
≤48
≤52
≤69
≤73
≤82
≤90
≤100

The Common Vulnerability Scoring System (CVSS) is an industry standard to define the characteristics and impacts of security vulnerabilities. The base score represents the intrinsic aspects that are constant over time and across user environments. Our unique meta score merges all available scores from different sources to aggregate to the most reliable result.

CVSSv3 Temp

≤10
≤20
≤30
≤48
≤52
≤69
≤73
≤82
≤90
≤100

The Common Vulnerability Scoring System (CVSS) uses temp scores to reflect the characteristics of a vulnerability that may change over time but not across user environments. This includes reporting confidence, exploitability and remediation levels. We do also provide our unique meta score for temp scores, even though other sources rarely publish them.

VulDB

≤10
≤20
≤30
≤49
≤51
≤610
≤74
≤80
≤90
≤100

The moderation team is always defining the base vector and base score for an entry. These and all other available scores are used to generate the meta score.

NVD

≤10
≤20
≤30
≤40
≤50
≤61
≤70
≤82
≤90
≤101

The National Vulnerability Database (NVD) is also defining CVSS vectors and scores. These are usually not complete and might differ from VulDB scores.

CNA

≤10
≤20
≤30
≤40
≤51
≤60
≤70
≤81
≤90
≤100

A CVE Numbering Authority (CNA) is responsible for assigning new CVE entries. They might also include a CVSS score. These are usually not complete and might differ from VulDB scores.

Vendor

≤10
≤20
≤30
≤40
≤50
≤60
≤70
≤80
≤90
≤100

Some vendors are willing to publish their own CVSS vectors and scores for vulnerabilities in their products. The coverage varies from vendor to vendor.

Research

≤10
≤20
≤30
≤40
≤50
≤60
≤70
≤80
≤90
≤100

There are sometimes also security researcher which provide their own CVSS vectors and scores for vulnerabilities they have found and published.

IDBaseVDBNVDCNAVendResVulnerabilityCTIEPSSCVE
2074526.36.3
 
 
 
 
D-Link DIR845L S80telnetd.sh hard-coded credentials0.030.00885CVE-2022-38557
2074516.36.3
 
 
 
 
Trendnet TEW733GR S80telnetd.sh hard-coded credentials0.000.00885CVE-2022-38556
2074505.55.5
 
 
 
 
Linksys E1200 ej_get_web_page_name buffer overflow0.040.00885CVE-2022-38555
2074495.55.5
 
 
 
 
D-Link Go-RT-AC750 ssdpcgi_main command injection0.050.02055CVE-2022-37057
2074485.55.5
 
 
 
 
D-Link Go-RT-AC750 hnap_main command injection0.030.02055CVE-2022-37056
2074475.55.5
 
 
 
 
D-Link Go-RT-AC750 hnap_main buffer overflow0.040.00885CVE-2022-37055
2074465.55.5
 
 
 
 
Tenda M3 formSetGuideListItem buffer overflow0.000.00885CVE-2022-38571
2074453.53.5
 
 
 
 
Tenda M3 formDelPushedAd stack-based overflow0.000.00885CVE-2022-38570
2074445.55.5
 
 
 
 
Tenda M3 formDelAd stack-based overflow0.000.00885CVE-2022-38569
2074433.53.5
 
 
 
 
Tenda M3 formSetFixTools heap-based overflow0.000.00885CVE-2022-38568
2074423.53.5
 
 
 
 
Tenda M3 formSetAdConfigInfo stack-based overflow0.040.00885CVE-2022-38567
2074413.53.5
 
 
 
 
Tenda M3 formEmailTest heap-based overflow0.070.00885CVE-2022-38566
2074403.53.5
 
 
 
 
Tenda M3 formEmailTest heap-based overflow0.040.00885CVE-2022-38565
2074393.53.5
 
 
 
 
Tenda M3 formSetPicListItem buffer overflow0.030.00885CVE-2022-38564
2074383.53.5
 
 
 
 
Tenda M3 formSetFixTools heap-based overflow0.040.00885CVE-2022-38563
2074373.53.5
 
 
 
 
Tenda M3 formSetFixTools heap-based overflow0.000.00885CVE-2022-38562
2074365.55.5
 
 
 
 
TRENDnet TEW733GR gena.php command injection0.080.02055CVE-2022-37053
2074355.55.5
 
 
 
 
D-Link DIR845L A1 gena.php command injection0.040.02055CVE-2022-36756
2074348.06.39.8
 
 
 
D-Link DIR845L A1 getcfg.php improper authentication0.080.00885CVE-2022-36755
2074334.34.3
 
4.3
 
 
froxlor cross-site request forgery0.040.00885CVE-2022-3017
2074327.36.37.87.8
 
 
vim use after free0.040.00954CVE-2022-3016
2074316.55.57.5
 
 
 
Zaver pathname traversal0.080.00885CVE-2022-38794
2074305.55.5
 
 
 
 
exotel-py backdoor0.050.02509CVE-2022-38792
2074294.43.35.5
 
 
 
MariaDB ds_compress.cc compress_write deadlock0.000.00885CVE-2022-38791

Do you need the next level of professionalism?

Upgrade your account now!