CVSSv2 February 2021info

Timeline

The analysis of the timeline helps to identify the required approach and handling of single vulnerabilities and vulnerability collections. This overview makes it possible to see less important slices and more severe hotspots at a glance. Initiating immediate vulnerability response and prioritizing of issues is possible.

VulDB »

The moderation team is always defining the base vector and base score for an entry. These and all other available scores are used to generate the meta score.

NVD »

The National Vulnerability Database (NVD) is also defining CVSS vectors and scores. These are usually not complete and might differ from VulDB scores.

Vendor »

Some vendors are willing to publish their own CVSS vectors and scores for vulnerabilities in their products. The coverage varies from vendor to vendor.

Research »

There are sometimes also security researcher which provide their own CVSS vectors and scores for vulnerabilities they have found and published.

PublishedVDBNVDVendResVulnerabilityCTICVE
02/27/20214.9
 
 
 
SerComm Combo VD625 HTTP Header injection0.89CVE-2021-27132
02/27/20215.2
 
 
 
SaltStack Salt SSH Client os command injection1.31CVE-2021-3197
02/27/20214.0
 
 
 
i-doit cross site scripting0.79CVE-2021-3151
02/27/20215.2
 
 
 
SaltStack Salt API thin.py salt.utils.thin.gen_thin command injection0.79CVE-2021-3148
02/27/20215.2
 
 
 
SaltStack Salt eauth Token unknown vulnerability0.53CVE-2021-3144
02/27/20212.1
 
 
 
wpa_supplicant P2P Provision Discovery Request p2p_pd.c denial of service0.53CVE-2021-27803
02/27/20215.2
 
 
 
Zint Barcode Generator C API upcean.c ean_leading_zeroes buffer overflow0.53CVE-2021-27799
02/27/20216.8
 
 
 
Visualware MyConnection Server Web Service unrestricted upload0.68CVE-2021-27198
02/27/20216.5
 
 
 
Synology DiskStation Manager faad path traversal0.47CVE-2021-26567
02/27/20215.1
 
 
 
Synology DiskStation Manager synorelayd insertion of sensitive information into sent data0.42CVE-2021-26566
02/27/20212.6
 
 
 
Synology DiskStation Manager HTTP Session cleartext transmission0.58CVE-2021-26565
02/27/20212.6
 
 
 
Synology DiskStation Manager HTTP Session channel accessible0.44CVE-2021-26564
02/27/20211.7
 
 
 
Synology DiskStation Manager Kernel Module access control0.48CVE-2021-26563
02/27/20217.6
 
 
 
Synology DiskStation Manager HTTP Header out-of-bounds write0.44CVE-2021-26562
02/27/20217.6
 
 
 
Synology DiskStation Manager HTTP Header stack-based overflow0.65CVE-2021-26561
02/27/20212.6
 
 
 
Synology DiskStation Manager HTTP Session channel accessible0.43CVE-2021-26560
02/27/20212.7
 
 
 
SaltStack Salt salt.modules.cmdmod log file0.44CVE-2021-25284
02/27/20214.9
 
 
 
SaltStack Salt Jinja Renderer injection0.66CVE-2021-25283
02/27/20215.2
 
 
 
SaltStack Salt salt.wheel.pillar_roots.write pathname traversal0.47CVE-2021-25282
02/27/20216.5
 
 
 
SaltStack Salt salt-api Remote Privilege Escalation0.47CVE-2021-25281
02/27/20217.5
 
 
 
Redis integer overflow0.81CVE-2021-21309
02/27/20217.5
 
 
 
PrestaShop Soft Logout System improper authentication0.43CVE-2021-21308
02/27/20216.5
 
 
 
PrestaShop Admin Panel csv injection0.38CVE-2021-21302
02/27/20216.8
 
 
 
Google Android cameraisp out-of-bounds write0.65CVE-2021-0406
02/27/20216.8
 
 
 
Google Android Performance Driver out-of-bounds write0.63CVE-2021-0405
02/27/20211.7
 
 
 
Google Android mobile_log_d information disclosure0.43CVE-2021-0404
02/27/20211.7
 
 
 
Google Android netdiag information disclosure0.27CVE-2021-0403
02/27/20216.8
 
 
 
Google Android jpeg out-of-bounds write0.38CVE-2021-0402
02/27/20216.8
 
 
 
Google Android vow memory corruption0.43CVE-2021-0401
02/27/20216.8
 
 
 
Google Android vpu memory corruption0.27CVE-2021-0367
02/27/20216.8
 
 
 
Google Android vpu memory corruption0.43CVE-2021-0366
02/27/20216.5
 
 
 
Zenphoto CMS Uploader Plugin unrestricted upload0.16CVE-2020-36079
02/27/20215.1
 
 
 
SaltStack Salt certificate validation0.49CVE-2020-35662
02/27/20215.1
 
 
 
SaltStack Salt certificate validation0.28CVE-2020-28972
02/27/20214.3
 
 
 
SaltStack Salt Process Name command injection0.70CVE-2020-28243
02/27/20215.0
 
 
 
GNU C Library Mutlibyte iconv infinite loop0.32CVE-2020-27618
02/27/20212.3
 
 
 
Eclipse Jetty Accept Header algorithmic complexity0.53CVE-2020-27223
02/27/20213.3
 
 
 
Scytl sVote X-Forwarded-For Header injection0.28CVE-2019-25023
02/27/20215.2
 
 
 
Scytl sVote Event Alias Runtime.getRuntime.exec code injection0.32CVE-2019-25022
02/27/20215.8
 
 
 
Scytl sVote Database Manager hard-coded password0.38CVE-2019-25021
02/27/20213.3
 
 
 
Scytl sVote sdm-ws-rest API preconfiguration improper authentication0.17CVE-2019-25020
02/27/20214.0
 
 
 
OpenText Content Server cross site scripting1.30CVE-2021-3010
02/27/20216.5
 
 
 
LMA ISIDA Retriever sql injection0.16CVE-2021-26904
02/27/20214.0
 
 
 
LMA ISIDA Retriever cross site scripting0.22CVE-2021-26903
02/26/20217.5
 
 
 
Mozilla Firefox memory corruption0.54CVE-2021-23979
02/26/20217.5
 
 
 
Mozilla Firefox/Firefox ESR/Thunderbird memory corruption0.59CVE-2021-23978
02/26/20217.5
 
 
 
Mozilla Firefox memory corruption0.59CVE-2021-23965
02/26/20217.5
 
 
 
Mozilla Firefox/Firefox ESR/Thunderbird memory corruption0.48CVE-2021-23964
02/26/20215.0
 
 
 
thecodingmachine Gotenberg html server-side request forgery0.43CVE-2021-23345
02/26/20215.8
 
 
 
ProSoft ICX35-HWC-A/ICX35-HWC-E Module Webpage access control0.26CVE-2021-22661

Do you want to use VulDB in your project?

Use the official API to access entries easily!