CVSSv3 11/19/2022

CVSSv3 Base

≤10
≤20
≤32
≤430
≤518
≤622
≤718
≤85
≤94
≤100

The Common Vulnerability Scoring System (CVSS) is an industry standard to define the characteristics and impacts of security vulnerabilities. The base score represents the intrinsic aspects that are constant over time and across user environments. Our unique meta score merges all available scores from different sources to aggregate to the most reliable result.

CVSSv3 Temp

≤10
≤20
≤35
≤427
≤518
≤625
≤716
≤84
≤94
≤100

The Common Vulnerability Scoring System (CVSS) uses temp scores to reflect the characteristics of a vulnerability that may change over time but not across user environments. This includes reporting confidence, exploitability and remediation levels. We do also provide our unique meta score for temp scores, even though other sources rarely publish them.

VulDB

≤10
≤20
≤35
≤432
≤520
≤611
≤719
≤87
≤95
≤100

The moderation team is always defining the base vector and base score for an entry. These and all other available scores are used to generate the meta score.

NVD

≤10
≤20
≤30
≤40
≤50
≤60
≤70
≤80
≤90
≤100

The National Vulnerability Database (NVD) is also defining CVSS vectors and scores. These are usually not complete and might differ from VulDB scores.

CNA

≤10
≤20
≤30
≤42
≤529
≤614
≤710
≤812
≤91
≤101

A CVE Numbering Authority (CNA) is responsible for assigning new CVE entries. They might also include a CVSS score. These are usually not complete and might differ from VulDB scores.

Vendor

≤10
≤20
≤30
≤40
≤50
≤60
≤70
≤80
≤90
≤100

Some vendors are willing to publish their own CVSS vectors and scores for vulnerabilities in their products. The coverage varies from vendor to vendor.

Research

≤10
≤20
≤30
≤40
≤50
≤60
≤70
≤80
≤90
≤100

There are sometimes also security researcher which provide their own CVSS vectors and scores for vulnerabilities they have found and published.

IDBaseVDBNVDCNAVendResVulnerabilityCTIEPSSCVE
2140297.37.3
 
 
 
 
Trojan.Win32.Platinum.gen WTSAPI32.dll untrusted search path0.000.00000
2140283.53.5
 
 
 
 
davidmoreno onion Log response.c onion_response_flush allocation of resources0.480.00890CVE-2022-4066
2140275.55.5
 
 
 
 
cbeust testng XML File Parser JarFileUtils.java testngXmlExistsInJar path traversal1.230.00954CVE-2022-4065
2140263.13.1
 
 
 
 
Dalli Meta Protocol request_formatter.rb self.meta_set injection0.830.01018CVE-2022-4064
2140253.73.7
 
 
 
 
Backdoor.Win32.Oblivion.01.a Service Port 7826 WWPMsg.dll cleartext transmission0.000.00000
2140245.24.3
 
6.1
 
 
Store Locator Plugin cross-site request forgery0.050.00885CVE-2022-41615
2140235.24.3
 
6.1
 
 
Mantenimiento Web Plugin cross-site request forgery0.000.00885CVE-2022-38075
2140224.84.3
 
5.4
 
 
REST API Authentication Plugin cross-site request forgery0.080.00885CVE-2022-45073
2140214.84.3
 
5.4
 
 
Creative Mail Plugin cross-site request forgery0.030.00885CVE-2022-44740
2140203.62.4
 
4.8
 
 
Accessibility Plugin cross site scripting0.000.00885CVE-2022-41643
2140194.84.3
 
5.4
 
 
Media Library Folders Plugin cross-site request forgery0.000.00885CVE-2022-41634
2140184.13.5
 
4.8
 
 
WP Page Builder Plugin cross site scripting0.030.00885CVE-2022-40963
2140174.43.5
 
5.4
 
 
Quiz and Survey Master Plugin cross site scripting0.000.00885CVE-2022-40698
2140164.84.3
 
5.4
 
 
SEO Redirection Plugin cross-site request forgery0.310.00885CVE-2022-40695
2140154.84.3
 
5.4
 
 
Creative Mail Plugin cross-site request forgery0.240.05246CVE-2022-40687
2140144.84.3
 
5.4
 
 
Creative Mail Plugin cross-site request forgery0.040.00885CVE-2022-40686
2140136.86.5
 
7.1
 
 
NVIDIA GPU Display Driver Kernel Mode Layer null pointer dereference0.040.00885CVE-2022-31613
2140123.62.4
 
4.8
 
 
Custom Product Tabs for WooCommerce Plugin cross site scripting0.070.00885CVE-2022-43463
2140114.84.3
 
5.4
 
 
Booster for WooCommerce Plugin cross-site request forgery0.070.00885CVE-2022-41805
2140104.34.3
 
 
 
 
Zoho ManageEngine ADManager Plus Proxy Settings Privilege Escalation0.040.00885CVE-2022-42904
2140094.43.5
 
5.4
 
 
soledad Premium Theme cross site scripting0.070.00885CVE-2022-41788
2140086.36.3
 
6.4
 
 
Better Messages Plugin server-side request forgery0.200.00885CVE-2022-41609
2140075.55.5
 
 
 
 
Free5gc NAS Message Privilege Escalation0.040.00885CVE-2022-38871
2140066.36.3
 
 
 
 
IObit IOTransfer unquoted search path0.000.06089CVE-2022-37197
2140055.55.5
 
 
 
 
Carel Boss Mini access control0.040.00885CVE-2022-34827
2140043.53.5
 
 
 
 
SEPPmail Recipient Address cross site scripting0.140.00885CVE-2021-31739
2140036.36.3
 
 
 
 
Automotive Shop Management System sql injection0.100.00885CVE-2022-44820
2140022.92.4
 
3.4
 
 
Biplob Adhikari Accordions Plugin cross site scripting0.030.00885CVE-2022-45082
2140017.86.5
 
9.1
 
 
WatchTowerHQ Plugin denial of service0.270.00885CVE-2022-44584
2140006.45.3
 
7.5
 
 
WatchTowerHQ Plugin information disclosure0.140.00885CVE-2022-44583
2139997.37.3
 
 
 
 
Api2Cart Bridge Connector Plugin unrestricted upload0.420.00885CVE-2022-42698
2139985.94.7
 
7.2
 
 
Image Hover Effects Ultimate Plugin Options Change access control0.140.00885CVE-2022-42459
2139976.37.3
 
5.3
 
 
LoginPress Plugin Tracking Setting access control0.030.00885CVE-2022-41839
2139966.37.3
 
5.3
 
 
iQ Block Country Plugin access control0.160.00885CVE-2022-41155
2139956.97.3
 
6.5
 
 
Modula Plugin Setting access control0.040.00885CVE-2022-41135
2139945.36.3
 
4.3
 
 
Better Messages Plugin access control0.040.00885CVE-2022-40216
2139933.73.1
 
4.3
 
 
WP-Polls Plugin race condition0.000.00885CVE-2022-40130
2139925.36.3
 
4.3
 
 
Appointment Booking Calendar Plugin authorization0.040.00885CVE-2022-43482
2139916.97.3
 
6.5
 
 
Permalink Manager Lite Plugin access control0.050.00885CVE-2022-41781
2139905.36.3
 
4.3
 
 
Appointment Hour Booking Plugin authorization0.100.00885CVE-2022-41692
2139896.56.5
 
6.5
 
 
Quiz and Survey Master Plugin unknown vulnerability0.250.00885CVE-2022-41652
2139883.73.7
 
 
 
 
knative func information disclosure0.240.01018CVE-2022-41939
2139873.82.7
 
4.9
 
 
Import Shopify to WooCommerce Plugin path traversal0.030.00885CVE-2022-44634
2139864.34.3
 
4.3
 
 
wpDiscuz Plugin resource injection0.080.00885CVE-2022-43492
2139855.35.3
 
5.3
 
 
Quiz and Survey Master Plugin information disclosure0.050.00885CVE-2022-42883
2139845.55.5
 
 
 
 
Api2Cart Bridge Connector Plugin Privilege Escalation0.070.01440CVE-2022-42497
2139834.34.3
 
 
 
 
Viszt Péter Integration for Szamlazz.hu & WooCommerce Plugin cross-site request forgery0.070.01018CVE-2022-41685
2139824.34.3
 
4.3
 
 
Phone Orders for WooCommerce Plugin information disclosure0.100.00885CVE-2022-41655
2139813.73.7
 
3.7
 
 
Media Library Assistant Plugin information disclosure0.210.00885CVE-2022-41618
2139808.08.8
 
7.1
 
 
NVIDIA GPU Display Driver Kernel Mode Layer nvlddmkm.sys out-of-bounds0.070.00885CVE-2022-31612

49 more entries are not shown

Are you interested in using VulDB?

Download the whitepaper to learn more about our service!