CVSSv3 09/17/2022

CVSSv3 Base

≤10
≤20
≤30
≤423
≤558
≤618
≤716
≤87
≤90
≤100

The Common Vulnerability Scoring System (CVSS) is an industry standard to define the characteristics and impacts of security vulnerabilities. The base score represents the intrinsic aspects that are constant over time and across user environments. Our unique meta score merges all available scores from different sources to aggregate to the most reliable result.

CVSSv3 Temp

≤10
≤20
≤30
≤423
≤558
≤623
≤711
≤87
≤90
≤100

The Common Vulnerability Scoring System (CVSS) uses temp scores to reflect the characteristics of a vulnerability that may change over time but not across user environments. This includes reporting confidence, exploitability and remediation levels. We do also provide our unique meta score for temp scores, even though other sources rarely publish them.

VulDB

≤10
≤20
≤30
≤475
≤54
≤628
≤78
≤87
≤90
≤100

The moderation team is always defining the base vector and base score for an entry. These and all other available scores are used to generate the meta score.

NVD

≤10
≤20
≤30
≤40
≤50
≤60
≤70
≤812
≤90
≤100

The National Vulnerability Database (NVD) is also defining CVSS vectors and scores. These are usually not complete and might differ from VulDB scores.

CNA

≤10
≤20
≤31
≤40
≤52
≤653
≤72
≤80
≤91
≤100

A CVE Numbering Authority (CNA) is responsible for assigning new CVE entries. They might also include a CVSS score. These are usually not complete and might differ from VulDB scores.

Vendor

≤10
≤20
≤30
≤40
≤50
≤60
≤70
≤80
≤90
≤100

Some vendors are willing to publish their own CVSS vectors and scores for vulnerabilities in their products. The coverage varies from vendor to vendor.

Research

≤10
≤20
≤30
≤40
≤50
≤60
≤70
≤80
≤90
≤100

There are sometimes also security researcher which provide their own CVSS vectors and scores for vulnerabilities they have found and published.

IDBaseVDBNVDCNAVendResVulnerabilityCTIEPSSCVE
2090045.55.5
 
 
 
 
Google Chrome DevTools input validation0.000.00000CVE-2022-3201
2090035.55.5
 
 
 
 
Google Chrome Internals heap-based overflow0.090.00000CVE-2022-3200
2090026.36.3
 
 
 
 
Google Chrome Frames use after free0.090.00000CVE-2022-3199
2090016.36.3
 
 
 
 
Google Chrome PDF use after free0.120.00000CVE-2022-3198
2090006.36.3
 
 
 
 
Google Chrome PDF use after free0.050.00000CVE-2022-3197
2089996.36.3
 
 
 
 
Google Chrome PDF use after free0.120.00000CVE-2022-3196
2089984.85.3
 
4.3
 
 
Snipe-IT improper authentication0.040.00885CVE-2022-3173
2089973.53.5
 
 
 
 
Craft CMS Drafts cross site scripting0.000.00885CVE-2022-37251
2089963.53.5
 
 
 
 
Craft CMS fields cross site scripting0.000.00885CVE-2022-37247
2089953.53.5
 
 
 
 
6Kare Emakin Activity Stream Page setProfile cross site scripting0.070.00885CVE-2020-25491
2089943.33.3
 
 
 
 
Nextcloud Android path traversal0.080.00885CVE-2022-39210
2089937.47.4
 
 
 
 
Tesla Model 3 Mobile App Phone Key Authentication authentication spoofing2.610.00954CVE-2022-37709
2089925.55.5
 
 
 
 
Open5GS UPF PFCP Session Establishment Request memcpy potentially dangerous function0.160.00885CVE-2022-39063
2089915.75.6
 
5.8
 
 
some-natalie ghas-to-csv API injection0.040.00885CVE-2022-39217
2089903.53.5
 
 
 
 
Samsung mTower TEE_Realloc resource consumption0.000.00885CVE-2022-40762
2089893.53.5
 
 
 
 
Samsung mTower TEE_MACUpdate buffer overflow0.040.00954CVE-2022-40760
2089883.53.5
 
 
 
 
Samsung mTower TEE_CipherUpdate buffer overflow0.050.00885CVE-2022-40758
2089874.64.6
 
 
 
 
Samsung mTower TEE_MACComputeFinal buffer overflow0.040.00885CVE-2022-40757
2089863.53.5
 
 
 
 
JasPer jas_image.c inttobits denial of service0.040.00885CVE-2022-40755
2089856.36.3
 
 
 
 
Zoho ManageEngine Password Manager Pro/PAM360/Access Manager Plus sql injection0.610.00885CVE-2022-40300
2089846.36.3
 
 
 
 
Watchdog Anti-Virus Binary access control0.000.01036CVE-2022-38611
2089835.55.5
 
 
 
 
stealjs npm-convert.js convertLater prototype pollution0.000.00954CVE-2022-37258
2089827.77.3
 
8.2
 
 
Zoom On-Premise Meeting Connector MMR access control0.160.00885CVE-2022-28758
2089815.55.5
 
 
 
 
Huawei EMUI/HarmonyOS WLAN Module permission0.050.00885CVE-2022-39009
2089805.55.5
 
 
 
 
Huawei EMUI/HarmonyOS NFC Module deserialization0.070.00885CVE-2022-39008
2089794.34.3
 
4.3
 
 
Nextcloud Talk Video Frame information disclosure0.060.00885CVE-2022-39212
2089785.55.5
 
 
 
 
Huawei EMUI/HarmonyOS Location Module access control0.040.00885CVE-2022-39007
2089774.84.8
 
 
 
 
Huawei EMUI/Magic UI/HarmonyOS MPTCP Module race condition0.030.00885CVE-2022-39006
2089763.53.5
 
 
 
 
Huawei EMUI/Magic UI/HarmonyOS MPTCP Module memory leak0.000.00885CVE-2022-39005
2089753.53.5
 
 
 
 
Huawei EMUI/Magic UI/HarmonyOS MPTCP Module memory leak0.070.00885CVE-2022-39004
2089745.55.5
 
 
 
 
Huawei EMUI/Magic UI Video Framework buffer overflow0.000.00885CVE-2022-39003
2089735.55.5
 
 
 
 
Huawei EMUI/Magic UI Storage Module double free0.000.00885CVE-2022-39002
2089725.55.5
 
 
 
 
Huawei EMUI/Magic UI/HarmonyOS iAware Module access control0.080.00885CVE-2022-39000
2089715.55.5
 
 
 
 
Huawei EMUI/HarmonyOS AOD Module Privilege Escalation0.000.00885CVE-2022-38999
2089706.45.37.5
 
 
 
Huawei EMUI/Magic UI/HarmonyOS Secure OS Module information disclosure0.000.00885CVE-2022-38997
2089697.57.57.5
 
 
 
Huawei EMUI/Magic UI/HarmonyOS Secure OS Module denial of service0.030.00885CVE-2022-38996
2089687.57.57.5
 
 
 
Huawei EMUI/Magic UI/HarmonyOS Secure OS Module denial of service0.040.00885CVE-2022-38995
2089676.45.37.5
 
 
 
Huawei EMUI/Magic UI/HarmonyOS secure OS module information disclosure0.030.00885CVE-2022-38994
2089666.45.37.5
 
 
 
Huawei EMUI/Magic UI/HarmonyOS Secure OS Module denial of service0.040.00885CVE-2022-38993
2089656.45.37.5
 
 
 
Huawei EMUI/Magic UI/HarmonyOS secure OS module information disclosure0.040.00885CVE-2022-38992
2089645.35.3
 
 
 
 
Huawei EMUI/Magic UI/HarmonyOS Secure OS Module information disclosure0.000.00885CVE-2022-38991
2089637.57.57.5
 
 
 
Huawei EMUI/Magic UI/HarmonyOS secure OS module denial of service0.040.00885CVE-2022-38990
2089627.57.57.5
 
 
 
Huawei EMUI/Magic UI/HarmonyOS Secure OS Module denial of service0.040.00885CVE-2022-38989
2089616.45.37.5
 
 
 
Huawei EMUI/Magic UI/HarmonyOS Secure OS Module information disclosure0.000.00885CVE-2022-38988
2089607.57.57.5
 
 
 
Huawei EMUI/Magic UI/HarmonyOS Secure OS Module denial of service0.040.00885CVE-2022-38987
2089596.45.37.5
 
 
 
Huawei EMUI/Magic UI/HarmonyOS Secure OS Module information disclosure0.000.00885CVE-2022-38979
2089586.45.37.5
 
 
 
Huawei EMUI/Magic UI/HarmonyOS Secure OS Module information disclosure0.000.00885CVE-2022-38978
2089573.53.5
 
 
 
 
Huawei EMUI Configuration information disclosure0.040.00885CVE-2021-40023
2089563.53.5
 
 
 
 
Huawei EMUI/Magic UI HW_KEYMASTER Module out-of-bounds0.040.00885CVE-2021-40019
2089553.53.5
 
 
 
 
Huawei HarmonyOS HW_KEYMASTER Module out-of-bounds0.040.00885CVE-2021-40017

72 more entries are not shown

Do you want to use VulDB in your project?

Use the official API to access entries easily!