CVSSv3 08/29/2022

CVSSv3 Base

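| Score | ≤1 | ≤2 | ≤3 | ≤4 | ≤5 | ≤6 | ≤7 | ≤8 | ≤9 | ≤10 |
|---|---|---|---|---|---|---|---|---|---|---|
| Entries | 0 | 0 | 0 | 9 | 20 | 16 | 26 | 1 | 5 | 1 |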

The Common Vulnerability Scoring System (CVSS) is an industry standard for defining the characteristics and impacts of security vulnerabilities. The base score represents the intrinsic aspects that are constant over time and across user environments. Our unique meta score merges all available scores from different sources into the most reliable result.

CVSSv3 Temp

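| Score | ≤1 | ≤2 | ≤3 | ≤4 | ≤5 | ≤6 | ≤7 | ≤8 | ≤9 | ≤10 |
|---|---|---|---|---|---|---|---|---|---|---|
| Entries | 0 | 0 | 1 | 8 | 20 | 26 | 16 | 1 | 5 | 1 |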

The Common Vulnerability Scoring System (CVSS) uses temp scores to reflect the characteristics of a vulnerability that may change over time but not across user environments. This includes reporting confidence, exploitability and remediation levels. We also provide our unique meta score for temp scores, even though other sources rarely publish them.

VulDB

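| Score | ≤1 | ≤2 | ≤3 | ≤4 | ≤5 | ≤6 | ≤7 | ≤8 | ≤9 | ≤10 |
|---|---|---|---|---|---|---|---|---|---|---|
| Entries | 0 | 0 | 0 | 9 | 22 | 16 | 24 | 4 | 2 | 1 |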

The moderation team always defines the base vector and base score for an entry. These and all other available scores are used to generate the meta score.

NVD

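| Score | ≤1 | ≤2 | ≤3 | ≤4 | ≤5 | ≤6 | ≤7 | ≤8 | ≤9 | ≤10 |
|---|---|---|---|---|---|---|---|---|---|---|
| Entries | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 |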

The National Vulnerability Database (NVD) also defines CVSS vectors and scores. These are usually not complete and might differ from VulDB scores.

CNA

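| Score | ≤1 | ≤2 | ≤3 | ≤4 | ≤5 | ≤6 | ≤7 | ≤8 | ≤9 | ≤10 |
|---|---|---|---|---|---|---|---|---|---|---|
| Entries | 0 | 0 | 0 | 0 | 0 | 1 | 1 | 1 | 1 | 4 |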

A CVE Numbering Authority (CNA) is responsible for assigning new CVE entries. They might also include a CVSS score. These are usually not complete and might differ from VulDB scores.

Vendor

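| Score | ≤1 | ≤2 | ≤3 | ≤4 | ≤5 | ≤6 | ≤7 | ≤8 | ≤9 | ≤10 |
|---|---|---|---|---|---|---|---|---|---|---|
| Entries | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 |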

Some vendors are willing to publish their own CVSS vectors and scores for vulnerabilities in their products. The coverage varies from vendor to vendor.

Research

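| Score | ≤1 | ≤2 | ≤3 | ≤4 | ≤5 | ≤6 | ≤7 | ≤8 | ≤9 | ≤10 |
|---|---|---|---|---|---|---|---|---|---|---|
| Entries | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 |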

Sometimes security researchers also provide their own CVSS vectors and scores for vulnerabilities they have found and published.

| ID | Base | VDB | NVD | CNA | Vend | Res | Vulnerability | CTI | EPSS | CVE |
|---|---|---|---|---|---|---|---|---|---|---|
| 207530 | 4.9 | 4.3 | | 5.5 | | | LibTIFF TIFF File tiffcrop.c extractImageSection out-of-bounds | 0.04 | 0.00954 | CVE-2022-2953 |
| 207529 | 4.6 | 4.6 | | | | | Ingredients Stock Management System denial of service | 0.00 | 0.00885 | CVE-2022-36687 |
| 207528 | 3.5 | 3.5 | | | | | Subrion CMS Admin Panel cross site scripting | 0.03 | 0.00885 | CVE-2022-37059 |
| 207527 | 6.4 | 5.3 | | 7.5 | | | nitrado.js redos | 0.06 | 0.00885 | CVE-2022-36034 |
| 207526 | 4.3 | 4.3 | | | | | HCL iNotes redirect | 0.03 | 0.00885 | CVE-2022-27547 |
| 207525 | 6.3 | 4.3 | | 8.3 | | | HCL iNotes URL cross site scripting | 0.03 | 0.01055 | CVE-2022-27546 |
| 207524 | 5.5 | 5.5 | | | | | Advancecomp memory corruption | 0.05 | 0.00885 | CVE-2022-35014 |
| 207523 | 5.5 | 5.5 | | | | | fapolicyd Regular Expression file access | 0.04 | 0.01559 | CVE-2022-1117 |
| 207522 | 4.3 | 4.3 | | | | | ImageMagick TIFF Image quantum-private.h PushShortPixel memory corruption | 0.04 | 0.01018 | CVE-2022-1115 |
| 207521 | 5.3 | 5.3 | | | | | dnsmasq Packet use after free | 0.04 | 0.01018 | CVE-2022-0934 |
| 207520 | 3.5 | 3.5 | | | | | dpdk Message resource consumption | 0.05 | 0.00950 | CVE-2022-0669 |
| 207519 | 3.5 | 3.5 | | | | | Openscad scad File out-of-bounds | 0.05 | 0.00954 | CVE-2022-0497 |
| 207518 | 5.5 | 5.5 | | | | | Openscad DXF Format import memory corruption | 0.07 | 0.01018 | CVE-2022-0496 |
| 207517 | 4.6 | 4.6 | | | | | libnbd nbdcopy return value | 0.07 | 0.01018 | CVE-2022-0485 |
| 207516 | 4.3 | 4.3 | | | | | convert2rhel Command Line information disclosure | 0.03 | 0.00885 | CVE-2022-0851 |
| 207515 | 3.7 | 3.7 | | | | | HCL iNotes Form weak password | 0.03 | 0.00885 | CVE-2022-27558 |
| 207514 | 6.3 | 6.3 | | | | | Ingredients Stock Management System sql injection | 0.04 | 0.00885 | CVE-2022-36690 |
| 207513 | 6.3 | 6.3 | | | | | Ingredients Stock Management System sql injection | 0.00 | 0.00885 | CVE-2022-36689 |
| 207512 | 6.3 | 6.3 | | | | | Ingredients Stock Management System sql injection | 0.00 | 0.00885 | CVE-2022-36688 |
| 207511 | 5.2 | 4.3 | | 6.1 | | | jsoup javascript URL cross site scripting | 0.00 | 0.00954 | CVE-2022-36033 |
| 207510 | 6.3 | 6.3 | | | | | Ingredients Stock Management System sql injection | 0.08 | 0.00885 | CVE-2022-36686 |
| 207509 | 3.7 | 3.7 | | | | | FiberHome VDSL2 Modem HG 150-UB cleartext transmission | 0.04 | 0.00885 | CVE-2022-36200 |
| 207508 | 4.3 | 4.3 | | | | | Zulip Mobile Link information disclosure | 0.08 | 0.00890 | CVE-2022-35962 |
| 207507 | 5.5 | 5.5 | | | | | Advancecomp memory corruption | 0.04 | 0.00885 | CVE-2022-35019 |
| 207506 | 5.5 | 5.5 | | | | | Advancecomp memory corruption | 0.07 | 0.00885 | CVE-2022-35018 |
| 207505 | 5.5 | 5.5 | | | | | Advancecomp heap-based overflow | 0.03 | 0.00885 | CVE-2022-35017 |
| 207504 | 5.5 | 5.5 | | | | | Advancecomp heap-based overflow | 0.00 | 0.00885 | CVE-2022-35016 |
| 207503 | 5.5 | 5.5 | | | | | Advancecomp endianrw.h le_uint32_read heap-based overflow | 0.00 | 0.00885 | CVE-2022-35015 |
| 207502 | 4.6 | 4.6 | | | | | VMware Pinniped session expiration | 0.04 | 0.00885 | CVE-2022-31677 |
| 207501 | 6.3 | 6.3 | | | | | Samba AD DC samldb.c samldb_spn_uniqueness_check default permission | 0.04 | 0.01034 | CVE-2022-0336 |
| 207500 | 6.3 | 6.3 | | | | | ImageMagick TIFF Image pixel-accessor.h GetPixelAlpha out-of-bounds | 0.07 | 0.01018 | CVE-2022-0284 |
| 207499 | 4.3 | 4.3 | | | | | convert2rhel Command Line unknown vulnerability | 0.04 | 0.00950 | CVE-2022-0852 |
| 207498 | 6.3 | 6.3 | | | | | QEMU virtio-fs Shared File System Daemon dropped privileges | 0.00 | 0.00890 | CVE-2022-0358 |
| 207497 | 6.3 | 6.3 | | | | | Advancecomp sanitizer_common_interceptors.inc __interceptor_memcpy heap-based overflow | 0.04 | 0.00885 | CVE-2022-35020 |
| 207496 | 3.5 | 3.5 | | | | | python-oslo-utils Double Quote insufficiently protected credentials | 0.03 | 0.01034 | CVE-2022-0718 |
| 207495 | 5.5 | 5.5 | | | | | libmodbus modbus.c modbus_reply heap-based overflow | 0.08 | 0.01018 | CVE-2022-0367 |
| 207494 | 8.8 | 8.8 | | | | | Linux Kernel PLP Rose rose_bind use after free | 0.04 | 0.00885 | CVE-2022-2961 |
| 207493 | 6.5 | 6.5 | | | | | Linux Kernel Amateur Radio AX.25 use after free | 0.04 | 0.00950 | CVE-2022-1204 |
| 207492 | 6.5 | 6.5 | | | | | Linux Kernel EXT4 Filesystem namei.c dx_insert_block use after free | 0.00 | 0.00890 | CVE-2022-1184 |
| 207491 | 8.8 | 8.8 | | | | | Linux Kernel io_uring Subsystem io_uring.c io_register_personality use after free | 0.00 | 0.00950 | CVE-2022-1043 |
| 207490 | 4.3 | 4.3 | | | | | Linux Kernel nf_tables_core.c nft_do_chain uninitialized pointer | 0.04 | 0.01669 | CVE-2022-1016 |
| 207489 | 6.5 | 6.5 | | | | | Linux Kernel Amateur Radio use after free | 0.05 | 0.01108 | CVE-2022-1199 |
| 207488 | 4.3 | 4.3 | | | | | Linux Kernel EXT4 File System extents.c ext4_extent_header information disclosure | 0.00 | 0.00950 | CVE-2022-0850 |
| 207487 | 4.3 | 4.3 | | | | | Linux Kernel NFS over RDMA rpc_rdma.c rpcrdma_max_reply_header_size information disclosure | 0.00 | 0.00950 | CVE-2022-0812 |
| 207486 | 6.5 | 6.5 | | | | | Linux Kernel ax25 Device 6pack.c sixpack_close use after free | 0.07 | 0.00950 | CVE-2022-1198 |
| 207485 | 6.5 | 6.5 | | | | | Linux Kernel POSIX File Lock locks.c filelock_init allocation of resources | 0.04 | 0.01034 | CVE-2022-0480 |
| 207484 | 5.9 | 5.9 | | | | | Linux Kernel SMC Protocol Stack out-of-bounds | 0.05 | 0.00954 | CVE-2022-0400 |
| 207483 | 3.5 | 3.5 | | | | | Centreon Broker Configuration cross site scripting | 0.06 | 0.00885 | CVE-2022-36194 |
| 207482 | 4.6 | 4.6 | | | | | ToolJet Forgot Password access control | 0.00 | 0.00885 | CVE-2022-3019 |
| 207481 | 3.1 | 3.1 | | | | | Foxit PDF Reader/PhantomPDF Compressed Object Parser cryptographic issues | 0.03 | 0.00885 | CVE-2022-25641 |

28 more entries are not shown
