CVSSv3 09/13/2022

CVSSv3 Base

≤10
≤21
≤33
≤439
≤520
≤656
≤749
≤814
≤939
≤103

The Common Vulnerability Scoring System (CVSS) is an industry standard to define the characteristics and impacts of security vulnerabilities. The base score represents the intrinsic aspects that are constant over time and across user environments. Our unique meta score merges all available scores from different sources to aggregate to the most reliable result.

CVSSv3 Temp

≤10
≤21
≤33
≤440
≤521
≤678
≤735
≤840
≤96
≤100

The Common Vulnerability Scoring System (CVSS) uses temp scores to reflect the characteristics of a vulnerability that may change over time but not across user environments. This includes reporting confidence, exploitability and remediation levels. We do also provide our unique meta score for temp scores, even though other sources rarely publish them.

VulDB

≤10
≤21
≤33
≤441
≤522
≤651
≤750
≤815
≤936
≤105

The moderation team is always defining the base vector and base score for an entry. These and all other available scores are used to generate the meta score.

NVD

≤10
≤20
≤30
≤40
≤50
≤60
≤70
≤80
≤90
≤100

The National Vulnerability Database (NVD) is also defining CVSS vectors and scores. These are usually not complete and might differ from VulDB scores.

CNA

≤10
≤20
≤33
≤40
≤52
≤67
≤75
≤88
≤91
≤101

A CVE Numbering Authority (CNA) is responsible for assigning new CVE entries. They might also include a CVSS score. These are usually not complete and might differ from VulDB scores.

Vendor

≤10
≤20
≤30
≤40
≤51
≤64
≤74
≤828
≤922
≤103

Some vendors are willing to publish their own CVSS vectors and scores for vulnerabilities in their products. The coverage varies from vendor to vendor.

Research

≤10
≤20
≤30
≤40
≤50
≤60
≤70
≤80
≤90
≤100

There are sometimes also security researcher which provide their own CVSS vectors and scores for vulnerabilities they have found and published.

IDBaseVDBNVDCNAVendResVulnerabilityCTIEPSSCVE
2085816.45.3
 
 
7.5
 
Microsoft Windows SPNEGO Extended Negotiation information disclosure0.380.02251CVE-2022-37958
2084848.38.8
 
 
7.8
 
Microsoft Azure ARC/Azure Guest Configuration Privilege Escalation0.140.01150CVE-2022-38007
2084838.38.8
 
 
7.8
 
Microsoft Windows Common Log File System Driver Privilege Escalation1.750.01178CVE-2022-37969
2084826.06.5
 
 
5.5
 
Microsoft Windows Event Tracing denial of service0.070.01150CVE-2022-35832
2084818.38.8
 
 
7.8
 
Microsoft Windows Common Log File System Driver Privilege Escalation0.280.01150CVE-2022-35803
2084808.38.8
 
 
7.8
 
Microsoft Windows GDI Privilege Escalation0.030.01150CVE-2022-34729
2084798.18.1
 
 
8.1
 
Microsoft Windows Kerberos Remote Code Execution0.040.02251CVE-2022-33679
2084788.18.1
 
 
8.1
 
Microsoft Windows Kerberos Remote Code Execution0.140.02251CVE-2022-33647
2084777.37.5
 
 
7.0
 
Microsoft Windows Photo Import API Privilege Escalation0.100.01150CVE-2022-26928
2084765.44.3
 
 
6.5
 
Microsoft Windows Graphics information disclosure0.000.02251CVE-2022-38006
2084757.06.3
 
 
7.8
 
Microsoft AV1 Video Extension Remote Code Execution0.070.01528CVE-2022-38019
2084744.94.3
 
 
5.5
 
Microsoft Windows Remote Access Connection Manager information disclosure0.040.01150CVE-2022-35831
2084738.38.8
 
 
7.8
 
Microsoft Defender for Endpoint Privilege Escalation0.070.01150CVE-2022-35828
2084728.88.8
 
 
8.8
 
Microsoft SharePoint Server Privilege Escalation0.040.01967CVE-2022-38008
2084718.88.8
 
 
8.8
 
Microsoft Windows ODBC Driver Remote Code Execution0.040.01528CVE-2022-34730
2084698.88.8
 
 
8.8
 
Microsoft Windows OLE DB Provider for SQL Server Remote Code Execution0.040.01601CVE-2022-35834
2084686.86.3
 
 
7.3
 
Microsoft Visual Studio Code Remote Code Execution0.000.01150CVE-2022-38020
2084676.45.3
 
 
7.5
 
Microsoft .NET Core/Visual Studio denial of service0.240.02251CVE-2022-38013
2084666.86.3
 
 
7.3
 
Microsoft Windows Raw Image Extension Remote Code Execution0.070.01877CVE-2022-38011
2084657.06.3
 
 
7.8
 
Microsoft Office Visio Remote Code Execution0.070.01528CVE-2022-38010
2084648.88.8
 
 
8.8
 
Microsoft SharePoint Server Privilege Escalation0.170.01967CVE-2022-38009
2084638.38.8
 
 
7.8
 
Microsoft Windows Print Spooler Privilege Escalation0.660.01150CVE-2022-38005
2084627.06.3
 
 
7.8
 
Microsoft Windows Fax Service Remote Code Execution0.210.01528CVE-2022-38004
2084618.38.8
 
 
7.8
 
Microsoft Windows Kernel Privilege Escalation0.040.01150CVE-2022-37964
2084607.06.3
 
 
7.8
 
Microsoft Office Visio Remote Code Execution0.110.01528CVE-2022-37963
2084597.06.3
 
 
7.8
 
Microsoft Office PowerPoint Remote Code Execution0.070.01528CVE-2022-37962
2084588.88.8
 
 
8.8
 
Microsoft SharePoint Server Privilege Escalation0.040.01967CVE-2022-37961
2084575.44.3
 
 
6.5
 
Microsoft Windows Network Device Enrollment Service information disclosure0.140.01150CVE-2022-37959
2084568.38.8
 
 
7.8
 
Microsoft Windows Kernel Privilege Escalation0.100.01150CVE-2022-37957
2084558.38.8
 
 
7.8
 
Microsoft Windows Kernel Privilege Escalation0.100.01150CVE-2022-37956
2084548.38.8
 
 
7.8
 
Microsoft Windows Group Policy Privilege Escalation0.030.01150CVE-2022-37955
2084538.38.8
 
 
7.8
 
Microsoft Windows DirectX Graphics Kernel Privilege Escalation0.100.01150CVE-2022-37954
2084528.88.8
 
 
8.8
 
Microsoft Windows Enterprise App Management Service Privilege Escalation0.110.01967CVE-2022-35841
2084518.88.8
 
 
8.8
 
Microsoft Windows OLE DB Provider for SQL Server Remote Code Execution0.100.01601CVE-2022-35840
2084507.57.5
 
 
7.5
 
Microsoft Windows HTTP V3 denial of service0.110.02251CVE-2022-35838
2084494.64.3
 
 
5.0
 
Microsoft Windows Graphics information disclosure0.070.02251CVE-2022-35837
2084488.88.8
 
 
8.8
 
Microsoft Windows OLE DB Provider for SQL Server Remote Code Execution0.070.01601CVE-2022-35836
2084478.88.8
 
 
8.8
 
Microsoft Windows OLE DB Provider for SQL Server Remote Code Execution0.110.01601CVE-2022-35835
2084467.57.5
 
 
7.5
 
Microsoft Windows Secure Channel denial of service0.070.02251CVE-2022-35833
2084458.18.1
 
 
8.1
 
Microsoft Windows Remote Procedure Call Runtime Remote Code Execution0.350.01601CVE-2022-35830
2084448.58.8
 
 
8.1
 
Microsoft SharePoint Privilege Escalation0.530.01967CVE-2022-35823
2084438.88.8
 
 
8.8
 
Microsoft Dynamics CRM Privilege Escalation0.030.01967CVE-2022-35805
2084428.88.8
 
 
8.8
 
Microsoft Windows ODBC Driver Remote Code Execution0.030.01528CVE-2022-34734
2084418.88.8
 
 
8.8
 
Microsoft Windows OLE DB Provider for SQL Server Remote Code Execution0.040.01601CVE-2022-34733
2084408.88.8
 
 
8.8
 
Microsoft Windows ODBC Driver Remote Code Execution0.250.01528CVE-2022-34732
2084398.88.8
 
 
8.8
 
Microsoft Windows OLE DB Provider for SQL Server Remote Code Execution0.070.01601CVE-2022-34731
2084384.94.3
 
 
5.5
 
Microsoft Windows Graphics information disclosure0.040.01150CVE-2022-34728
2084378.88.8
 
 
8.8
 
Microsoft Windows ODBC Driver Remote Code Execution0.070.01601CVE-2022-34727
2084368.88.8
 
 
8.8
 
Microsoft Windows ODBC Driver Remote Code Execution0.040.01601CVE-2022-34726
2084357.37.5
 
 
7.0
 
Microsoft Windows ALPC Privilege Escalation0.070.01150CVE-2022-34725

174 more entries are not shown

Want to stay up to date on a daily basis?

Enable the mail alert feature now!