CVSSv3 10/19/2021

CVSSv3 Base

≤10
≤21
≤37
≤418
≤553
≤6125
≤753
≤8114
≤964
≤1034

The Common Vulnerability Scoring System (CVSS) is an industry standard to define the characteristics and impacts of security vulnerabilities. The base score represents the intrinsic aspects that are constant over time and across user environments. Our unique meta score merges all available scores from different sources to aggregate to the most reliable result.

CVSSv3 Temp

≤10
≤21
≤38
≤417
≤554
≤6133
≤758
≤8131
≤934
≤1033

The Common Vulnerability Scoring System (CVSS) uses temp scores to reflect the characteristics of a vulnerability that may change over time but not across user environments. This includes reporting confidence, exploitability and remediation levels. We do also provide our unique meta score for temp scores, even though other sources rarely publish them.

VulDB

≤10
≤21
≤314
≤421
≤555
≤6119
≤751
≤8112
≤960
≤1036

The moderation team is always defining the base vector and base score for an entry. These and all other available scores are used to generate the meta score.

NVD

≤10
≤20
≤30
≤43
≤51
≤680
≤726
≤871
≤936
≤1035

The National Vulnerability Database (NVD) is also defining CVSS vectors and scores. These are usually not complete and might differ from VulDB scores.

CNA

≤10
≤21
≤35
≤46
≤547
≤644
≤732
≤860
≤930
≤107

A CVE Numbering Authority (CNA) is responsible for assigning new CVE entries. They might also include a CVSS score. These are usually not complete and might differ from VulDB scores.

Vendor

≤10
≤20
≤30
≤40
≤50
≤60
≤70
≤80
≤90
≤100

Some vendors are willing to publish their own CVSS vectors and scores for vulnerabilities in their products. The coverage varies from vendor to vendor.

Research

≤10
≤20
≤30
≤40
≤50
≤60
≤70
≤80
≤90
≤100

There are sometimes also security researcher which provide their own CVSS vectors and scores for vulnerabilities they have found and published.

IDBaseVDBNVDCNAVendResVulnerabilityCTIEPSSCVE
1850534.44.4
 
4.4
 
 
Oracle VM VirtualBox denial of service0.030.00885CVE-2021-2475
1850524.44.4
 
4.4
 
 
Oracle VM VirtualBox denial of service0.050.00885CVE-2021-35542
1850514.64.6
 
4.6
 
 
Oracle Secure Global Desktop Client unknown vulnerability0.030.00885CVE-2021-35650
1850505.35.35.3
 
 
 
Oracle Secure Global Desktop Apache Tomcat request smuggling0.020.05242CVE-2021-33037
1850495.45.4
 
5.4
 
 
Oracle Secure Global Desktop Server unknown vulnerability0.030.00885CVE-2021-35649
1850485.55.5
 
5.5
 
 
Oracle VM VirtualBox denial of service0.030.00885CVE-2021-35540
1850476.76.7
 
6.7
 
 
Oracle VM VirtualBox unknown vulnerability0.030.00885CVE-2021-35545
1850467.87.8
 
7.8
 
 
Oracle VM VirtualBox Local Privilege Escalation0.030.00885CVE-2021-35538
1850455.55.55.5
 
 
 
Oracle Utilities Framework Apache Ant denial of service0.070.03032CVE-2021-36374
1850443.73.73.7
 
 
 
Oracle Ethernet Switch ES2-64/Ethernet Switch ES2-72 OpenSSL information disclosure0.030.01537CVE-2020-1968
1850433.93.9
 
3.9
 
 
Oracle Solaris Utility unknown vulnerability0.030.00885CVE-2021-35549
1850426.06.0
 
6.0
 
 
Oracle Solaris Device drivers denial of service0.000.00885CVE-2021-35589
1850416.56.5
 
6.5
 
 
Oracle Solaris Filesystem denial of service0.030.00885CVE-2021-35539
1850409.89.89.8
 
 
 
Oracle ZFS Storage Appliance Kit Operating System Image out-of-bounds write0.050.07767CVE-2021-26691
1850395.35.3
 
5.3
 
 
Oracle Transportation Management information disclosure0.000.00885CVE-2021-2476
1850385.45.4
 
5.4
 
 
Oracle Transportation Management UI Infrastructure unknown vulnerability0.060.06977CVE-2021-35616
1850375.55.55.5
 
 
 
Oracle Agile PLM Apache Groovy information disclosure0.030.03812CVE-2020-17521
1850367.57.57.5
 
 
 
Oracle Autovue for Agile Product Lifecycle Management jackson-databind xml external entity reference0.050.10214CVE-2020-25649
1850357.57.5
 
7.5
 
 
Oracle Autovue for Agile Product Lifecycle Management Eclipse Jetty denial of service0.030.15096CVE-2021-28165
1850343.73.73.7
 
 
 
Oracle Siebel Apps - Marketing Apache Log4j information disclosure0.030.34284CVE-2020-9488
1850336.56.56.5
 
 
 
Oracle Siebel UI Framework CKEditor denial of service0.040.01018CVE-2021-26272
1850327.07.07.0
 
 
 
Oracle Siebel Apps - Marketing Apache Tomcat deserialization0.040.89957CVE-2020-9484
1850317.57.57.5
 
 
 
Oracle Siebel UI Framework OpenSSL information disclosure0.030.34498CVE-2016-2183
1850307.57.57.5
 
 
 
Oracle Siebel UI Framework Apache Tomcat information disclosure0.040.05242CVE-2021-25122
1850297.57.5
 
7.5
 
 
Oracle Siebel Core - Automation Eclipse Jetty denial of service0.050.15096CVE-2021-28165
1850283.33.3
 
3.3
 
 
Oracle Retail Customer Management and Segmentation Foundation Google Guava information disclosure0.030.01547CVE-2020-8908
1850275.35.35.3
 
 
 
Oracle Retail Customer Management and Segmentation Foundation Apache HTTPClient unknown vulnerability0.000.04468CVE-2020-13956
1850265.35.35.3
 
 
 
Oracle Retail Customer Management and Segmentation Foundation Apache Commons IO information disclosure0.030.07767CVE-2021-29425
1850255.55.55.5
 
 
 
Oracle Retail Store Inventory Management Apache Ant denial of service0.000.03032CVE-2021-36374
1850245.55.55.5
 
 
 
Oracle Retail Service Backbone Apache Ant denial of service0.050.03032CVE-2021-36374
1850235.55.55.5
 
 
 
Oracle Retail Predictive Application Server Apache Ant denial of service0.030.03032CVE-2021-36374
1850225.55.55.5
 
 
 
Oracle Retail Point-of-Service Apache Ant denial of service0.000.03032CVE-2021-36374
1850215.55.55.5
 
 
 
Oracle Retail Merchandising System Apache Ant denial of service0.000.03032CVE-2021-36374
1850205.55.55.5
 
 
 
Oracle Retail Integration Bus Apache Ant denial of service0.030.03032CVE-2021-36374
1850195.55.55.5
 
 
 
Oracle Retail Financial Integration Apache Ant denial of service0.040.03032CVE-2021-36374
1850185.55.55.5
 
 
 
Oracle Retail Extract Transform and Load Apache Ant denial of service0.030.03032CVE-2021-36374
1850175.55.55.5
 
 
 
Oracle Retail Central Office Apache Ant denial of service0.040.03032CVE-2021-36374
1850165.55.55.5
 
 
 
Oracle Retail Bulk Data Integration Apache Ant denial of service0.040.03032CVE-2021-36374
1850155.55.55.5
 
 
 
Oracle Retail Back Office Apache Ant denial of service0.040.03032CVE-2021-36374
1850145.55.55.5
 
 
 
Oracle Retail Advanced Inventory Planning Apache Ant denial of service0.040.03032CVE-2021-36374

429 more entries are not shown

Interested in the pricing of exploits?

See the underground prices here!