CVSSv3 11/10/2022

CVSSv3 Base

≤10
≤20
≤34
≤416
≤518
≤630
≤714
≤85
≤92
≤101

The Common Vulnerability Scoring System (CVSS) is an industry standard to define the characteristics and impacts of security vulnerabilities. The base score represents the intrinsic aspects that are constant over time and across user environments. Our unique meta score merges all available scores from different sources to aggregate to the most reliable result.

CVSSv3 Temp

≤10
≤20
≤35
≤417
≤517
≤629
≤718
≤81
≤93
≤100

The Common Vulnerability Scoring System (CVSS) uses temp scores to reflect the characteristics of a vulnerability that may change over time but not across user environments. This includes reporting confidence, exploitability and remediation levels. We do also provide our unique meta score for temp scores, even though other sources rarely publish them.

VulDB

≤10
≤21
≤37
≤420
≤511
≤633
≤710
≤87
≤91
≤100

The moderation team is always defining the base vector and base score for an entry. These and all other available scores are used to generate the meta score.

NVD

≤10
≤20
≤30
≤40
≤50
≤60
≤70
≤80
≤90
≤100

The National Vulnerability Database (NVD) is also defining CVSS vectors and scores. These are usually not complete and might differ from VulDB scores.

CNA

≤10
≤21
≤31
≤47
≤57
≤610
≤75
≤84
≤93
≤103

A CVE Numbering Authority (CNA) is responsible for assigning new CVE entries. They might also include a CVSS score. These are usually not complete and might differ from VulDB scores.

Vendor

≤10
≤20
≤30
≤40
≤50
≤60
≤70
≤80
≤90
≤100

Some vendors are willing to publish their own CVSS vectors and scores for vulnerabilities in their products. The coverage varies from vendor to vendor.

Research

≤10
≤20
≤30
≤40
≤50
≤60
≤70
≤80
≤90
≤100

There are sometimes also security researcher which provide their own CVSS vectors and scores for vulnerabilities they have found and published.

IDBaseVDBNVDCNAVendResVulnerabilityCTIEPSSCVE
2134159.28.8
 
9.6
 
 
Vela Server/Worker/UI privileges management0.000.01282CVE-2022-39395
2134146.36.3
 
 
 
 
Hualing Agentflow BPM improper authentication0.000.01055CVE-2022-39038
2134136.45.3
 
7.5
 
 
Hualing Agentflow BPM path traversal0.040.01055CVE-2022-39037
2134128.57.3
 
9.8
 
 
Hualing Agentflow BPM URL unrestricted upload0.000.02432CVE-2022-39036
2134115.44.3
 
6.5
 
 
UPSMON Pro Configuration File insufficiently protected credentials0.000.01055CVE-2022-38121
2134105.44.3
 
6.5
 
 
UPSMON Pro path traversal0.000.01055CVE-2022-38120
2134098.57.3
 
9.8
 
 
UPSMON Pro Login improper authentication0.000.01055CVE-2022-38119
2134085.55.5
 
 
 
 
Payara Community/Enterprise Privilege Escalation0.070.01108CVE-2022-45129
2134075.35.3
 
5.3
 
 
Deeplearning4J invariant value in dynamically changing context0.000.00885CVE-2022-36022
2134065.55.5
 
 
 
 
AyaCMS fst_upload.inc.php unrestricted upload0.000.01338CVE-2022-43074
2134055.55.5
 
 
 
 
xterm OSC 50 Response Privilege Escalation0.000.03806CVE-2022-45063
2134046.23.7
 
8.8
 
 
Wiesemann & Theis AT-Modem-Emulator/Com-Server small space of random values0.040.01055CVE-2022-42787
2134036.56.5
 
 
 
 
NVIDIA GPU Display Driver Kernel Mode Layer null pointer dereference0.040.00885CVE-2022-34666
2134022.62.6
 
2.6
 
 
SUSE Linux Enterprise Module for SUSE Manager Server cross site scripting0.070.01055CVE-2022-43754
2134014.34.3
 
 
 
 
SUSE Linux Enterprise Module for SUSE Manager Server path traversal0.000.01055CVE-2022-43753
2134004.34.3
 
4.3
 
 
SUSE Linux Enterprise Module for SUSE Manager Server path traversal0.040.01055CVE-2022-31255
2133994.34.3
 
 
 
 
DedeCMS cross-site request forgery0.040.00885CVE-2022-43031
2133986.54.3
 
8.8
 
 
tasklists Task Content cross site scripting0.000.00885CVE-2022-39398
2133973.53.5
 
 
 
 
James Lao Simple Video Embedder Plugin cross site scripting0.030.00885CVE-2022-44590
2133966.36.3
 
 
 
 
Lin-CMS improper authentication0.000.00885CVE-2022-44244
2133954.63.3
 
5.9
 
 
Samsung Smart Phone RIL RxServiceModeBigDataInfo insufficient permissions or privileges0.000.00885CVE-2022-39886
2133944.63.3
 
5.9
 
 
Samsung Smart Phone DeviceManagement BootCompletedReceiver_CMCC insufficient permissions or privileges0.030.00885CVE-2022-39885
2133933.83.3
 
4.3
 
 
Samsung Smart Phone IImsService access control0.030.00885CVE-2022-39884
2133924.75.3
 
4.0
 
 
Samsung Smart Phone StorageManagerService improper authorization0.030.00885CVE-2022-39883
2133916.65.3
 
8.0
 
 
Samsung Smart Phone libsmat.so sflacf_fal_bytes_peek out-of-bounds write0.000.01036CVE-2022-39882
2133905.65.3
 
5.9
 
 
Samsung Smart Phone CallBGProvider improper authorization0.000.00885CVE-2022-39879
2133894.85.3
 
4.3
 
 
Samsung Smart Phone MiscPolicy access control0.030.00885CVE-2022-39887
2133886.25.3
 
7.1
 
 
Samsung Smart Phone DualOutFocusViewer input validation0.000.01036CVE-2022-39880
2133873.53.5
 
 
 
 
AMD Link information disclosure0.070.00885CVE-2022-27673
2133862.62.6
 
 
 
 
Huawei HarmonyOS SD Upgrade Mode race condition0.050.00885CVE-2022-44563
2133855.55.5
 
 
 
 
Huawei HarmonyOS System Framework Layer deserialization0.000.00885CVE-2022-44562
2133845.55.5
 
 
 
 
Huawei HarmonyOS Launcher Module access control0.040.00885CVE-2022-44560
2133835.55.5
 
 
 
 
Huawei HarmonyOS AMS Module deserialization0.030.00885CVE-2022-44559
2133825.55.5
 
 
 
 
Huawei HarmonyOS AMS Module deserialization0.000.00885CVE-2022-44558
2133813.53.5
 
 
 
 
Huawei HarmonyOS DDMP/ODMF denial of service0.050.00885CVE-2022-44555
2133805.55.5
 
 
 
 
Huawei HarmonyOS Power Module permission0.040.00885CVE-2022-44554
2133793.53.5
 
 
 
 
Huawei HarmonyOS Lock Screen denial of service0.050.00885CVE-2022-44552
2133785.55.5
 
 
 
 
Huawei HarmonyOS iAware Module Privilege Escalation0.000.00885CVE-2022-44551
2133773.53.5
 
 
 
 
Huawei HarmonyOS Graphics Display denial of service0.050.00885CVE-2022-44550
2133763.53.5
 
 
 
 
Huawei HarmonyOS Display Service denial of service0.040.00885CVE-2022-44547
2133753.22.8
 
3.6
 
 
Samsung Pass Keep Open Feature improper authentication0.050.00885CVE-2022-39892
2133743.83.3
 
4.3
 
 
Samsung Editor Lite libsavsaudio.so parse_pce heap-based overflow0.000.00885CVE-2022-39891
2133734.73.3
 
6.2
 
 
Samsung Billing improper authorization0.000.00885CVE-2022-39890
2133723.63.3
 
4.0
 
 
GalaxyWatch4Plugin access control0.050.00885CVE-2022-39889
2133713.53.5
 
 
 
 
Huawei HarmonyOS Memory Management Module information disclosure0.080.00885CVE-2021-46852
2133706.36.3
 
 
 
 
Huawei HarmonyOS DRM Module Remote Code Execution0.040.00885CVE-2021-46851
2133695.55.5
 
 
 
 
AMD Radeon/Ryzen/Athlon ASP Driver Privilege Escalation0.040.00885CVE-2020-12930
2133684.62.0
 
7.3
 
 
GitLab Community Edition/Enterprise Edition cross site scripting0.050.00890CVE-2022-3265
2133674.96.3
 
3.5
 
 
GitLab Community Edition/Enterprise Edition Emoji improper authorization0.050.00885CVE-2022-3819
2133664.34.3
 
 
 
 
GitLab Community Edition/Enterprise Edition Configuration File improper authorization0.030.00885CVE-2022-3793

40 more entries are not shown

Do you know our Splunk app?

Download it now for free!