CVSSv3 08/10/2021

CVSSv3 Base

≤10
≤21
≤31
≤433
≤526
≤616
≤744
≤88
≤915
≤102

The Common Vulnerability Scoring System (CVSS) is an industry standard to define the characteristics and impacts of security vulnerabilities. The base score represents the intrinsic aspects that are constant over time and across user environments. Our unique meta score merges all available scores from different sources to aggregate to the most reliable result.

CVSSv3 Temp

≤10
≤21
≤37
≤428
≤527
≤638
≤726
≤815
≤94
≤100

The Common Vulnerability Scoring System (CVSS) uses temp scores to reflect the characteristics of a vulnerability that may change over time but not across user environments. This includes reporting confidence, exploitability and remediation levels. We do also provide our unique meta score for temp scores, even though other sources rarely publish them.

VulDB

≤10
≤21
≤32
≤435
≤526
≤627
≤731
≤87
≤915
≤102

The moderation team is always defining the base vector and base score for an entry. These and all other available scores are used to generate the meta score.

NVD

≤10
≤20
≤30
≤40
≤50
≤60
≤71
≤86
≤91
≤101

The National Vulnerability Database (NVD) is also defining CVSS vectors and scores. These are usually not complete and might differ from VulDB scores.

CNA

≤10
≤20
≤30
≤40
≤50
≤60
≤70
≤80
≤90
≤100

A CVE Numbering Authority (CNA) is responsible for assigning new CVE entries. They might also include a CVSS score. These are usually not complete and might differ from VulDB scores.

Vendor

≤10
≤20
≤30
≤41
≤52
≤65
≤75
≤825
≤94
≤102

Some vendors are willing to publish their own CVSS vectors and scores for vulnerabilities in their products. The coverage varies from vendor to vendor.

Research

≤10
≤20
≤30
≤40
≤50
≤60
≤70
≤80
≤90
≤100

There are sometimes also security researcher which provide their own CVSS vectors and scores for vulnerabilities they have found and published.

IDBaseVDBNVDCNAVendResVulnerabilityCTICVE
1804935.45.4
 
 
5.4
 
Microsoft Dynamics 365 cross site scripting0.04CVE-2021-36950
1804927.17.1
 
 
7.1
 
Microsoft Azure Active Directory Connect improper authentication0.09CVE-2021-36949
1804918.38.8
 
 
7.8
 
Microsoft Windows Update Medic Service Privilege Escalation0.05CVE-2021-36948
1804908.88.8
 
 
8.8
 
Microsoft Windows Print Spooler Privilege Escalation0.07CVE-2021-36947
1804895.45.4
 
 
5.4
 
Microsoft Dynamics NAV/Dynamics 365 Business Central cross site scripting0.06CVE-2021-36946
1804888.18.8
 
 
7.3
 
Microsoft Windows Update Assistant Privilege Escalation0.03CVE-2021-36945
1804874.04.0
 
 
4.0
 
Microsoft Azure CycleCloud information disclosure0.03CVE-2021-36943
1804866.45.3
 
 
7.5
 
Microsoft Windows LSA information disclosure0.14CVE-2021-36942
1804857.06.3
 
 
7.8
 
Microsoft Office Word Remote Code Execution0.05CVE-2021-36941
1804846.55.4
 
 
7.6
 
Microsoft SharePoint Server unknown vulnerability0.08CVE-2021-36940
1804834.94.3
 
 
5.5
 
Microsoft Windows Cryptographic Primitives Library information disclosure0.05CVE-2021-36938
1804828.38.8
 
 
7.8
 
Microsoft Windows Media MPEG-4 Video Decoder Remote Code Execution0.00CVE-2021-36937
1804818.88.8
 
 
8.8
 
Microsoft Windows Print Spooler Privilege Escalation0.06CVE-2021-36936
1804806.45.3
 
 
7.5
 
Microsoft Windows Services for NFS ONCRPC XDR Driver information disclosure0.00CVE-2021-36933
1804796.45.3
 
 
7.5
 
Microsoft Windows Services for NFS ONCRPC XDR Driver information disclosure0.06CVE-2021-36932
1804788.38.8
 
 
7.8
 
Microsoft Windows Digital TV Tuner Device Registration Application Privilege Escalation0.05CVE-2021-36927
1804776.45.3
 
 
7.5
 
Microsoft Windows Services for NFS ONCRPC XDR Driver information disclosure0.06CVE-2021-36926
1804768.38.8
 
 
7.8
 
Microsoft Windows Bluetooth Driver Privilege Escalation0.05CVE-2021-34537
1804757.87.8
 
 
7.8
 
Microsoft Windows Storage Spaces Controller Local Privilege Escalation0.00CVE-2021-34536
1804748.88.8
 
 
8.8
 
Microsoft Windows Remote Desktop Client Remote Code Execution0.05CVE-2021-34535
1804735.95.0
 
 
6.8
 
Microsoft Windows MSHTML Platform Remote Code Execution0.05CVE-2021-34534
1804727.06.3
 
 
7.8
 
Microsoft Windows Graphics Remote Code Execution0.04CVE-2021-34533
1804714.94.3
 
 
5.5
 
Microsoft ASP.NET Core/Visual Studio information disclosure0.03CVE-2021-34532
1804707.06.3
 
 
7.8
 
Microsoft Windows Graphics Remote Code Execution0.05CVE-2021-34530
1804698.58.8
 
 
8.1
 
Microsoft Dynamics 365 Privilege Escalation0.04CVE-2021-34524
1804687.37.5
 
 
7.0
 
Microsoft Windows Event Tracing Privilege Escalation0.00CVE-2021-34487
1804678.38.8
 
 
7.8
 
Microsoft Windows Event Tracing Privilege Escalation0.05CVE-2021-34486
1804664.64.3
 
 
5.0
 
Microsoft .NET Core/.NET Framework information disclosure0.06CVE-2021-34485
1804658.38.8
 
 
7.8
 
Microsoft Windows User Profile Service Privilege Escalation0.04CVE-2021-34484
1804648.38.8
 
 
7.8
 
Microsoft Windows Print Spooler Privilege Escalation0.05CVE-2021-34483
1804635.95.0
 
 
6.8
 
Microsoft Windows Scripting Engine Remote Code Execution0.08CVE-2021-34480
1804627.06.3
 
 
7.8
 
Microsoft Office Remote Code Execution0.05CVE-2021-34478
1804618.38.8
 
 
7.8
 
Microsoft Malware Protection Engine Defender Privilege Escalation0.04CVE-2021-34471
1804607.07.0
 
 
7.0
 
Microsoft Azure CycleCloud Local Privilege Escalation0.06CVE-2021-33762
1804596.45.3
 
 
7.5
 
Microsoft Windows Services for NFS ONCRPC XDR Driver information disclosure0.05CVE-2021-26433
1804589.89.8
 
 
9.8
 
Microsoft Windows Services for NFS ONCRPC XDR Driver Remote Code Execution0.05CVE-2021-26432
1804578.38.8
 
 
7.8
 
Microsoft Windows Recovery Environment Agent Privilege Escalation0.04CVE-2021-26431
1804564.63.2
 
 
6.0
 
Microsoft Azure Sphere denial of service0.04CVE-2021-26430
1804556.55.3
 
 
7.7
 
Microsoft Azure Sphere Local Privilege Escalation0.07CVE-2021-26429
1804543.32.3
 
 
4.4
 
Microsoft Azure Sphere information disclosure0.07CVE-2021-26428

106 more entries are not shown

Want to stay up to date on a daily basis?

Enable the mail alert feature now!