CVSSv3 10/17/2022

CVSSv3 Base

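| Score | ≤1 | ≤2 | ≤3 | ≤4 | ≤5 | ≤6 | ≤7 | ≤8 | ≤9 | ≤10 |
|---|---|---|---|---|---|---|---|---|---|---|
| Entries | 0 | 0 | 6 | 18 | 11 | 20 | 7 | 5 | 1 | 0 |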

The Common Vulnerability Scoring System (CVSS) is an industry standard for describing the characteristics and impact of security vulnerabilities. The base score represents the intrinsic aspects that are constant over time and across user environments. Our unique meta score merges all available scores from different sources into the most reliable aggregate result.

CVSSv3 Temp

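| Score | ≤1 | ≤2 | ≤3 | ≤4 | ≤5 | ≤6 | ≤7 | ≤8 | ≤9 | ≤10 |
|---|---|---|---|---|---|---|---|---|---|---|
| Entries | 0 | 0 | 6 | 18 | 11 | 24 | 4 | 4 | 1 | 0 |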

The Common Vulnerability Scoring System (CVSS) uses temp scores to reflect the characteristics of a vulnerability that may change over time but not across user environments. This includes reporting confidence, exploitability and remediation levels. We also provide our unique meta score for temp scores, even though other sources rarely publish them.

VulDB

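| Score | ≤1 | ≤2 | ≤3 | ≤4 | ≤5 | ≤6 | ≤7 | ≤8 | ≤9 | ≤10 |
|---|---|---|---|---|---|---|---|---|---|---|
| Entries | 0 | 0 | 6 | 17 | 12 | 21 | 5 | 6 | 1 | 0 |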

The moderation team always defines the base vector and base score for an entry. These and all other available scores are used to generate the meta score.

NVD

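| Score | ≤1 | ≤2 | ≤3 | ≤4 | ≤5 | ≤6 | ≤7 | ≤8 | ≤9 | ≤10 |
|---|---|---|---|---|---|---|---|---|---|---|
| Entries | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 |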

The National Vulnerability Database (NVD) also defines CVSS vectors and scores. These are usually not complete and might differ from VulDB scores.

CNA

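| Score | ≤1 | ≤2 | ≤3 | ≤4 | ≤5 | ≤6 | ≤7 | ≤8 | ≤9 | ≤10 |
|---|---|---|---|---|---|---|---|---|---|---|
| Entries | 0 | 0 | 0 | 1 | 0 | 0 | 1 | 2 | 0 | 0 |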

A CVE Numbering Authority (CNA) is responsible for assigning new CVE entries. They might also include a CVSS score. These are usually not complete and might differ from VulDB scores.

Vendor

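| Score | ≤1 | ≤2 | ≤3 | ≤4 | ≤5 | ≤6 | ≤7 | ≤8 | ≤9 | ≤10 |
|---|---|---|---|---|---|---|---|---|---|---|
| Entries | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 |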

Some vendors are willing to publish their own CVSS vectors and scores for vulnerabilities in their products. The coverage varies from vendor to vendor.

Research

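| Score | ≤1 | ≤2 | ≤3 | ≤4 | ≤5 | ≤6 | ≤7 | ≤8 | ≤9 | ≤10 |
|---|---|---|---|---|---|---|---|---|---|---|
| Entries | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 |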

Security researchers sometimes also provide their own CVSS vectors and scores for vulnerabilities they have found and published.

| ID | Base | VDB | NVD | CNA | Vend | Res | Vulnerability | CTI | EPSS | CVE |
|---|---|---|---|---|---|---|---|---|---|---|
| 211096 | 6.3 | 6.3 | | | | | GitLab Community Edition/Enterprise Edition GitHub API Endpoint Privilege Escalation | 1.53- | 0.00000 | CVE-2022-2884 |
| 211095 | 6.9 | 7.3 | | 6.5 | | | GitLab Package Registry improper authentication | 1.32- | 0.00000 | CVE-2022-2533 |
| 211094 | 7.4 | 7.3 | | 7.5 | | | Secuever reverseWall-MDS improper authentication | 1.29- | 0.00000 | CVE-2022-23769 |
| 211093 | 3.5 | 3.5 | | | | | OSGeo shapelib shpsort.c use after free | 1.44- | 0.00000 | CVE-2022-0699 |
| 211092 | 6.3 | 6.3 | | | | | SalesForce Tableau Server Administration Agent path traversal | 1.83- | 0.00000 | CVE-2022-22128 |
| 211091 | 7.3 | 7.3 | | | | | WordPress Header access control | 1.86- | 0.00000 | CVE-2020-35539 |
| 211090 | 4.6 | 4.6 | | | | | Linux Kernel IPv6 inet6_dgram_ops race condition | 2.13- | 0.00000 | CVE-2022-3567 |
| 211089 | 4.6 | 4.6 | | | | | Linux Kernel TCP tcp_setsockopt race condition | 1.68- | 0.00000 | CVE-2022-3566 |
| 211088 | 4.6 | 4.6 | | | | | Linux Kernel Bluetooth l1oip_core.c del_timer use after free | 2.08- | 0.00000 | CVE-2022-3565 |
| 211087 | 5.5 | 5.5 | | | | | Linux Kernel Bluetooth l2cap_core.c l2cap_reassemble_sdu use after free | 2.08- | 0.00000 | CVE-2022-3564 |
| 211086 | 3.5 | 3.5 | | | | | Linux Kernel BlueZ mgmt-tester.c read_50_controller_cap_complete null pointer dereference | 2.16- | 0.00000 | CVE-2022-3563 |
| 211085 | 3.5 | 3.5 | | | | | 74cmsSE add cross site scripting | 1.17- | 0.00000 | CVE-2022-41472 |
| 211084 | 5.5 | 5.5 | | | | | 74cmsSE access control | 1.14- | 0.00000 | CVE-2022-41471 |
| 211083 | 7.3 | 7.3 | | | | | Merchandise Online Store sql injection | 1.32- | 0.00000 | CVE-2022-42237 |
| 211082 | 5.5 | 5.5 | | | | | Tenda AC10 saveParentControlInfo stack-based overflow | 1.11- | 0.00000 | CVE-2022-42171 |
| 211081 | 5.5 | 5.5 | | | | | Tenda AC10 formWifiWpsStart stack-based overflow | 1.14- | 0.00000 | CVE-2022-42170 |
| 211080 | 5.5 | 5.5 | | | | | Tenda AC10 addWifiMacFilter stack-based overflow | 1.26- | 0.00000 | CVE-2022-42169 |
| 211079 | 5.5 | 5.5 | | | | | Tenda AC10 fromSetIpMacBind stack-based overflow | 1.23- | 0.00000 | CVE-2022-42168 |
| 211078 | 5.5 | 5.5 | | | | | Tenda AC10 formSetFirewallCfg stack-based overflow | 1.23- | 0.00000 | CVE-2022-42167 |
| 211077 | 5.5 | 5.5 | | | | | Tenda AC10 formSetSpeedWan stack-based overflow | 1.32- | 0.00000 | CVE-2022-42166 |
| 211076 | 5.5 | 5.5 | | | | | devhub user session | 1.26- | 0.00000 | CVE-2022-41542 |
| 211075 | 5.5 | 5.5 | | | | | 74cmsSE attach unrestricted upload | 1.20- | 0.00000 | CVE-2022-42154 |
| 211074 | 6.3 | 6.3 | | | | | SourceCodester Billing System Project editbrand.php sql injection | 1.29- | 0.00000 | CVE-2022-41498 |
| 211073 | 5.5 | 5.5 | | | | | Exim Regex use after free | 2.79- | 0.00000 | CVE-2022-3559 |
| 211072 | 5.5 | 5.5 | | | | | Tenda AC10 formSetDeviceName stack-based overflow | 1.26- | 0.00000 | CVE-2022-42165 |
| 211071 | 5.5 | 5.5 | | | | | Tenda AC10 formSetClientState stack-based overflow | 1.20- | 0.00000 | CVE-2022-42164 |
| 211070 | 5.5 | 5.5 | | | | | Tenda AC10 fromNatStaticSetting stack-based overflow | 1.23- | 0.00000 | CVE-2022-42163 |
| 211069 | 4.3 | 4.3 | | | | | WP Custom Cursors Plugin cross-site request forgery | 1.44- | 0.00000 | CVE-2022-3149 |
| 211068 | 4.3 | 4.3 | | | | | WP Custom Cursors Plugin cross-site request forgery | 1.32- | 0.00000 | CVE-2022-3151 |
| 211067 | 2.4 | 2.4 | | | | | We're Open Plugin Setting cross site scripting | 1.29- | 0.00000 | CVE-2022-3139 |
| 211066 | 4.3 | 4.3 | | | | | Frontend File Manager Plugin Plugin cross-site request forgery | 1.35- | 0.00000 | CVE-2022-3126 |
| 211065 | 2.4 | 2.4 | | | | | Meks Easy Social Share Plugin Setting cross site scripting | 1.53- | 0.00000 | CVE-2022-2574 |
| 211064 | 2.4 | 2.4 | | | | | Tutor LMS Plugin Course cross site scripting | 1.53- | 0.00000 | CVE-2022-2563 |
| 211063 | 6.3 | 6.3 | | | | | Import all XML, CSV & TXT Plugin authorization | 1.59- | 0.00000 | CVE-2022-3244 |
| 211062 | 4.7 | 4.7 | | | | | Import all XML, CSV & TXT Plugin sql injection | 1.56- | 0.00000 | CVE-2022-3243 |
| 211061 | 3.7 | 3.7 | | | | | Passster Plugin Cookie inadequate encryption | 1.47- | 0.00000 | CVE-2022-3206 |
| 211060 | 4.7 | 4.7 | | | | | WP Custom Cursors Plugin sql injection | 1.56- | 0.00000 | CVE-2022-3150 |
| 211059 | 4.7 | 4.7 | | | | | Search Logger Plugin sql injection | 1.56- | 0.00000 | CVE-2022-3131 |
| 211058 | 4.3 | 4.3 | | | | | miniOrange Discord Integration Plugin AJAX Action cross-site request forgery | 1.47- | 0.00000 | CVE-2022-3082 |
| 211057 | 3.5 | 3.5 | | | | | Helpful Plugin Log information disclosure | 1.59- | 0.00000 | CVE-2022-2834 |
| 211056 | 5.5 | 5.5 | | | | | Drag and Drop Multiple File Upload Plugin authorization | 1.38- | 0.00000 | CVE-2022-3282 |
| 211055 | 3.5 | 3.5 | | | | | X.org libX11 xcb_disp.c _XFreeX11XCBStructure memory leak | 2.20- | 0.00000 | CVE-2022-3555 |
| 211054 | 3.5 | 3.5 | | | | | X.org libX11 imsClbk.c _XimRegisterIMInstantiateCallback memory leak | 2.29- | 0.00000 | CVE-2022-3554 |
| 211053 | 3.5 | 3.5 | | | | | X.org Server xquartz X11Controller.m denial of service | 2.41- | 0.00000 | CVE-2022-3553 |
| 211052 | 3.5 | 3.5 | | | | | X.org Server xkb.c ProcXkbGetKbdByName memory leak | 2.29- | 0.00000 | CVE-2022-3551 |
| 211051 | 5.5 | 5.5 | | | | | X.org Server xkb.c _GetCountedString buffer overflow | 2.44- | 0.00000 | CVE-2022-3550 |
| 211050 | 7.3 | 7.3 | | | | | Backdoor.Win32.Redkod.d Service Port 4820 hard-coded credentials | 1.89- | 0.00000 | |
| 211049 | 4.7 | 4.7 | | | | | SourceCodester Simple Cold Storage Management System Avatar unrestricted upload | 2.96- | 0.00000 | CVE-2022-3549 |
| 211048 | 2.4 | 2.4 | | | | | SourceCodester Simple Cold Storage Management System Add New Storage cross site scripting | 2.75- | 0.00000 | CVE-2022-3548 |
| 211047 | 2.4 | 2.4 | | | | | SourceCodester Simple Cold Storage Management System Setting cross site scripting | 2.45- | 0.00000 | CVE-2022-3547 |

18 more entries are not shown
