CVSSv3 07/17/2021

CVSSv3 Base

≤10
≤20
≤30
≤43
≤51
≤63
≤711
≤83
≤90
≤101

The Common Vulnerability Scoring System (CVSS) is an industry standard to define the characteristics and impacts of security vulnerabilities. The base score represents the intrinsic aspects that are constant over time and across user environments. Our unique meta score merges all available scores from different sources to aggregate to the most reliable result.

CVSSv3 Temp

≤10
≤20
≤30
≤43
≤51
≤611
≤74
≤82
≤90
≤101

The Common Vulnerability Scoring System (CVSS) uses temp scores to reflect the characteristics of a vulnerability that may change over time but not across user environments. This includes reporting confidence, exploitability and remediation levels. We do also provide our unique meta score for temp scores, even though other sources rarely publish them.

VulDB

≤10
≤20
≤30
≤43
≤51
≤63
≤711
≤83
≤90
≤101

The moderation team is always defining the base vector and base score for an entry. These and all other available scores are used to generate the meta score.

NVD

≤10
≤20
≤30
≤40
≤50
≤60
≤70
≤80
≤90
≤100

The National Vulnerability Database (NVD) is also defining CVSS vectors and scores. These are usually not complete and might differ from VulDB scores.

CNA

≤10
≤20
≤30
≤40
≤50
≤60
≤70
≤80
≤90
≤100

A CVE Numbering Authority (CNA) is responsible for assigning new CVE entries. They might also include a CVSS score. These are usually not complete and might differ from VulDB scores.

Vendor

≤10
≤20
≤30
≤40
≤50
≤60
≤70
≤80
≤90
≤100

Some vendors are willing to publish their own CVSS vectors and scores for vulnerabilities in their products. The coverage varies from vendor to vendor.

Research

≤10
≤20
≤30
≤40
≤50
≤60
≤70
≤80
≤90
≤100

There are sometimes also security researcher which provide their own CVSS vectors and scores for vulnerabilities they have found and published.

IDBaseVDBNVDCNAVendResVulnerabilityCTICVE
1795595.35.3
 
 
 
 
Apple iMovie permission0.04CVE-2021-30757
1788416.36.3
 
 
 
 
Google Chrome WebXR heap-based overflow0.05CVE-2021-30564
1788406.36.3
 
 
 
 
Google Chrome v8 type confusion0.00CVE-2021-30563
1788396.36.3
 
 
 
 
Google Chrome WebSerial use after free0.05CVE-2021-30562
1788386.36.3
 
 
 
 
Google Chrome v8 type confusion0.05CVE-2021-30561
1788376.36.3
 
 
 
 
Google Chrome Blink XSLT use after free0.05CVE-2021-30560
1788366.36.3
 
 
 
 
Google Chrome v8 use after free0.04CVE-2021-30541
1788356.36.3
 
 
 
 
Google Chrome ANGLE out-of-bounds write0.00CVE-2021-30559
1788345.45.4
 
 
 
 
Telegram App/Desktop Message Order unknown vulnerability0.00CVE-2021-36769
1788336.66.6
 
 
 
 
Lenovo Notebook BIOS Update Local Privilege Escalation0.04CVE-2021-3614
1788326.86.8
 
 
 
 
Lenovo Notebook/ThinkPad/Desktop BIOS Module protection mechanism0.05CVE-2021-3453
1788317.27.2
 
 
 
 
Lenovo ThinkPad System Shutdown SMI Callback input validation0.08CVE-2021-3452
1788306.36.3
 
 
 
 
Lenovo PCManager uncontrolled search path0.00CVE-2021-3550
1788297.37.3
 
 
 
 
Dell EMC Avamar Server/Integrated Data Protection Appliance xml external entity reference0.06CVE-2019-3752
1788285.35.3
 
 
 
 
Dr. ID Door Access Control and Personnel Attendance Management System path traversal0.05CVE-2021-35962
1788279.89.8
 
 
 
 
Dr. ID Door Access Control and Personnel Attendance Management System hard-coded credentials0.08CVE-2021-35961
1788263.33.3
 
 
 
 
Micronaut path traversal0.04CVE-2021-32769
1788256.36.3
 
 
 
 
Centreon Platform Centreon-Web sql injection0.07CVE-2021-28053
1788245.05.0
 
 
 
 
fail2ban mail-whois os command injection0.05CVE-2021-32749
1788233.73.7
 
 
 
 
IBM QRadar SIEM inadequate encryption0.00CVE-2020-4980
1788227.37.3
 
 
 
 
IBM InfoSphere Data Replication missing authentication0.04CVE-2020-4821
1788213.53.5
 
 
 
 
IBM Infosphere Master Data Management Server cross-site request forgery0.00CVE-2020-4675

Want to stay up to date on a daily basis?

Enable the mail alert feature now!