CVSSv3 10/21/2022

CVSSv3 Base

≤1: 0
≤2: 0
≤3: 2
≤4: 11
≤5: 8
≤6: 9
≤7: 22
≤8: 10
≤9: 2
≤10: 1

The Common Vulnerability Scoring System (CVSS) is an industry standard for defining the characteristics and impacts of security vulnerabilities. The base score represents the intrinsic aspects that are constant over time and across user environments. Our unique meta score merges all available scores from different sources into the most reliable aggregate result.

CVSSv3 Temp

≤1: 0
≤2: 0
≤3: 6
≤4: 7
≤5: 8
≤6: 27
≤7: 10
≤8: 4
≤9: 2
≤10: 1

The Common Vulnerability Scoring System (CVSS) uses temp scores to reflect the characteristics of a vulnerability that may change over time but not across user environments. This includes reporting confidence, exploitability and remediation levels. We also provide our unique meta score for temp scores, even though other sources rarely publish them.

VulDB

≤1: 0
≤2: 0
≤3: 3
≤4: 11
≤5: 10
≤6: 7
≤7: 21
≤8: 10
≤9: 2
≤10: 1

The moderation team always defines the base vector and base score for an entry. These and all other available scores are used to generate the meta score.

NVD

≤1: 0
≤2: 0
≤3: 0
≤4: 0
≤5: 0
≤6: 0
≤7: 0
≤8: 0
≤9: 0
≤10: 0

The National Vulnerability Database (NVD) also defines CVSS vectors and scores. These are usually not complete and might differ from VulDB scores.

CNA

≤1: 0
≤2: 0
≤3: 0
≤4: 0
≤5: 2
≤6: 3
≤7: 1
≤8: 3
≤9: 6
≤10: 0

A CVE Numbering Authority (CNA) is responsible for assigning new CVE entries. They might also include a CVSS score. These are usually not complete and might differ from VulDB scores.

Vendor

≤1: 0
≤2: 0
≤3: 0
≤4: 0
≤5: 0
≤6: 0
≤7: 0
≤8: 0
≤9: 0
≤10: 0

Some vendors are willing to publish their own CVSS vectors and scores for vulnerabilities in their products. The coverage varies from vendor to vendor.

Research

≤1: 0
≤2: 0
≤3: 0
≤4: 0
≤5: 0
≤6: 0
≤7: 0
≤8: 0
≤9: 0
≤10: 0

Sometimes security researchers also provide their own CVSS vectors and scores for vulnerabilities they have found and published.

| ID | Base | VDB | NVD | CNA | Vend | Res | Vulnerability | CTI | EPSS | CVE |
|---|---|---|---|---|---|---|---|---|---|---|
| 211992 | 3.1 | 3.1 | | | | | Linux Kernel BPF inode.c nilfs_new_inode use after free | 2.94 | 0.00885 | CVE-2022-3649 |
| 211991 | 4.4 | 3.5 | | 5.4 | | | Pop-Up Chop Chop Plugin cross site scripting | 0.03 | 0.00885 | CVE-2022-41638 |
| 211990 | 3.6 | 2.4 | | 4.8 | | | Fatcat Apps Analytics Cat Plugin cross site scripting | 0.00 | 0.00885 | CVE-2022-40311 |
| 211989 | 6.2 | 4.3 | | 8.2 | | | Aethon TUG Home Base Server cross site scripting | 0.03 | 0.00885 | CVE-2022-27494 |
| 211988 | 7.7 | 7.3 | | 8.2 | | | Aethon TUG Home Base Server authorization | 0.03 | 0.00885 | CVE-2022-26423 |
| 211987 | 7.7 | 7.3 | | 8.2 | | | Aethon TUG Home Base Server channel accessible | 0.00 | 0.00885 | CVE-2022-1070 |
| 211986 | 7.7 | 7.3 | | 8.2 | | | Aethon TUG Home Base Server authorization | 0.08 | 0.00885 | CVE-2022-1066 |
| 211985 | 6.2 | 4.3 | | 8.2 | | | Aethon TUG Home Base Server cross site scripting | 0.00 | 0.00885 | CVE-2022-1059 |
| 211984 | 6.3 | 6.3 | | | | | Autodesk AutoCAD DWF File DesignReview.exe memory corruption | 0.07 | 0.01036 | CVE-2022-42944 |
| 211983 | 6.3 | 6.3 | | | | | Autodesk AutoCAD DWF File DesignReview.exe memory corruption | 0.00 | 0.01036 | CVE-2022-42943 |
| 211982 | 6.3 | 6.3 | | | | | Autodesk AutoCAD DWF File DesignReview.exe memory corruption | 0.05 | 0.01036 | CVE-2022-42942 |
| 211981 | 6.3 | 6.3 | | | | | Autodesk AutoCAD DWF File DesignReview.exe memory corruption | 0.00 | 0.01036 | CVE-2022-42941 |
| 211980 | 6.3 | 6.3 | | | | | Autodesk AutoCAD TGA File DesignReview.exe memory corruption | 0.03 | 0.01036 | CVE-2022-42940 |
| 211979 | 6.3 | 6.3 | | | | | Autodesk AutoCAD TGA File DesignReview.exe memory corruption | 0.00 | 0.01036 | CVE-2022-42939 |
| 211978 | 6.3 | 6.3 | | | | | Autodesk AutoCAD TGA File DesignReview.exe memory corruption | 0.03 | 0.01036 | CVE-2022-42938 |
| 211977 | 6.3 | 6.3 | | | | | Autodesk AutoCAD DWF File DesignReview.exe memory corruption | 0.00 | 0.01036 | CVE-2022-42937 |
| 211976 | 6.3 | 6.3 | | | | | Autodesk AutoCAD DWF File DesignReview.exe memory corruption | 0.03 | 0.01036 | CVE-2022-42936 |
| 211975 | 6.3 | 6.3 | | | | | Autodesk AutoCAD DWF File DesignReview.exe memory corruption | 0.00 | 0.01036 | CVE-2022-42935 |
| 211974 | 6.3 | 6.3 | | | | | Autodesk AutoCAD DWF File DesignReview.exe memory corruption | 0.00 | 0.01036 | CVE-2022-42934 |
| 211973 | 6.3 | 6.3 | | | | | Autodesk AutoCAD DWF File DesignReview.exe memory corruption | 0.06 | 0.01036 | CVE-2022-42933 |
| 211972 | 6.3 | 6.3 | | | | | Autodesk AutoCAD DWF File DesignReview.exe memory corruption | 0.00 | 0.01036 | CVE-2022-41310 |
| 211971 | 6.3 | 6.3 | | | | | Autodesk AutoCAD DWF File DesignReview.exe memory corruption | 0.00 | 0.01036 | CVE-2022-41309 |
| 211970 | 4.3 | 4.3 | | 4.3 | | | GitLab Community Edition/Enterprise Edition resource consumption | 0.03 | 0.00885 | CVE-2022-3639 |
| 211969 | 5.9 | 4.7 | | 7.2 | | | Biplob Adhikari Multiple Accordions or FAQs Builder Plugin Options Change access control | 0.07 | 0.00885 | CVE-2022-38104 |
| 211968 | 7.5 | 7.3 | | 7.7 | | | LibTIFF TIFF File tiffcrop.c out-of-bounds | 0.36 | 0.01018 | CVE-2022-3570 |
| 211967 | 4.9 | 4.3 | | 5.5 | | | LibTIFF TIFF File tif_unix.c _TIFFmemcpy out-of-bounds write | 0.03 | 0.00954 | CVE-2022-3627 |
| 211966 | 6.3 | 6.3 | | | | | LibTIFF TIFF File tif_unix.c _TIFFmemset out-of-bounds write | 0.06 | 0.00954 | CVE-2022-3626 |
| 211965 | 4.3 | 4.3 | | | | | LibTIFF TIFF File tiffcrop.c writeSingleSection out-of-bounds | 0.07 | 0.00954 | CVE-2022-3599 |
| 211964 | 6.3 | 6.3 | | | | | LibTIFF TIFF File tiffcrop.c extractContigSamplesShifted24bits out-of-bounds write | 0.05 | 0.00954 | CVE-2022-3598 |
| 211963 | 5.9 | 6.3 | | 5.5 | | | LibTIFF tif_unix.c _TIFFmemcpy out-of-bounds write | 0.03 | 0.00954 | CVE-2022-3597 |
| 211962 | 3.1 | 3.1 | | | | | Redis Crash Report debug.c sigsegvHandler denial of service | 2.05 | 0.00885 | CVE-2022-3647 |
| 211961 | 3.1 | 3.1 | | | | | Linux Kernel BPF segment.c nilfs_attach_log_writer memory leak | 1.59 | 0.00885 | CVE-2022-3646 |
| 211960 | 7.3 | 7.3 | | | | | Siemens Siveillance Video Mobile Server V2022 R2 improper authentication | 0.17 | 0.01055 | CVE-2022-43400 |
| 211959 | 3.5 | 3.5 | | | | | Linux Kernel Wireless rtl8xxxu_8188f.c rtl8188f_spur_calibration uninitialized variable | 1.45 | 0.00885 | CVE-2022-3642 |
| 211958 | 5.5 | 5.5 | | | | | Automox Agent Key File permission | 0.04 | 0.00885 | CVE-2022-36122 |
| 211957 | 9.8 | 9.8 | | | | | ORing IAP-420 Telnet Server hard-coded credentials | 0.06 | 0.00885 | CVE-2022-3203 |
| 211956 | 6.8 | 6.8 | | 6.8 | | | STMicroelectronics stm32_mw_usb_host buffer overflow | 0.06 | 0.01086 | CVE-2021-42553 |
| 211955 | 6.3 | 6.3 | | | | | Emlog Pro Plugin Upload unrestricted upload | 0.08 | 0.01156 | CVE-2022-42189 |
| 211954 | 4.3 | 4.3 | | | | | Gradle Enterprise support-bundle information disclosure | 0.18 | 0.01055 | CVE-2022-41575 |
| 211953 | 3.5 | 3.5 | | | | | PHPGurukul Hospital Management System in PHP view-patient.php cross site scripting | 0.05 | 0.00885 | CVE-2022-42206 |
| 211952 | 3.5 | 3.5 | | | | | PHPGurukul Hospital Management System in PHP add-patient.php cross site scripting | 0.00 | 0.00885 | CVE-2022-42205 |
| 211951 | 7.3 | 7.3 | | | | | Advantech R-SeeNet out Endpoint stack-based overflow | 0.21 | 0.01156 | CVE-2022-3386 |
| 211950 | 7.3 | 7.3 | | | | | Advantech R-SeeNet show_code Endpoint stack-based overflow | 0.40 | 0.01156 | CVE-2022-3385 |
| 211949 | 6.3 | 6.3 | | | | | Adobe Illustrator PCX File Parser memory corruption | 0.06 | 0.01036 | CVE-2022-38435 |
| 211948 | 6.3 | 6.3 | | | | | Adobe Illustrator out-of-bounds | 0.04 | 0.01036 | CVE-2022-38436 |
| 211947 | 7.3 | 7.3 | | | | | Advantech R-SeeNet out.php pathname traversal | 0.07 | 0.00885 | CVE-2022-3387 |
| 211946 | 8.8 | 8.8 | | | | | Linux Kernel API io_uring Privilege Escalation | 0.33 | 0.00000 | CVE-2022-2602 |
| 211945 | 4.7 | 4.7 | | | | | Linux Kernel nftables nft_osf_eval information disclosure | 0.03 | 0.00000 | CVE-2022-42432 |
| 211944 | 5.5 | 5.5 | | | | | Linux Kernel Bluetooth l2cap_core.c l2cap_conn_del use after free | 2.12 | 0.00885 | CVE-2022-3640 |
| 211937 | 3.7 | 3.7 | | | | | Nginx IPv4 Off ngx_resolver.c memory leak | 3.11 | 0.00954 | CVE-2022-3638 |

15 more entries are not shown
