CVSSv2 March 2021info

Timeline

The analysis of the timeline helps to identify the required approach and handling of single vulnerabilities and vulnerability collections. This overview makes it possible to see less important slices and more severe hotspots at a glance. Initiating immediate vulnerability response and prioritizing of issues is possible.

VulDB »

The moderation team is always defining the base vector and base score for an entry. These and all other available scores are used to generate the meta score.

NVD »

The National Vulnerability Database (NVD) is also defining CVSS vectors and scores. These are usually not complete and might differ from VulDB scores.

Vendor »

Some vendors are willing to publish their own CVSS vectors and scores for vulnerabilities in their products. The coverage varies from vendor to vendor.

Research »

There are sometimes also security researcher which provide their own CVSS vectors and scores for vulnerabilities they have found and published.

PublishedVDBNVDVendResVulnerabilityCTICVE
03/12/20214.9
 
 
 
fltk Crate Constructor out-of-bounds read3.02-CVE-2021-28308
03/12/20212.3
 
 
 
fltk Crate Window Icon null pointer dereference2.78-CVE-2021-28307
03/12/20212.3
 
 
 
fltk Crate Image null pointer dereference2.68-CVE-2021-28306
03/12/20214.9
 
 
 
diesel Crate SQLite Backend sqlite3_column_name use after free2.87-CVE-2021-28305
03/12/20217.5
 
 
 
Synology DiskStation Manager Web Request iscsi_snapshot_comm_core out-of-bounds read2.97-CVE-2021-27647
03/12/20217.5
 
 
 
Synology DiskStation Manager Web Request iscsi_snapshot_comm_core use after free2.39-CVE-2021-27646
03/12/20217.5
 
 
 
Synology DiskStation Manager Thread iscsi_snapshot_comm_core race condition2.49-CVE-2021-26569
03/12/20214.0
 
 
 
Barracuda Web Application Firewall Online Demo lookup.cgi ldap injection3.40-
03/12/20214.6
 
 
 
Camunda Modeler IPC Message writeFile state issue3.54-CVE-2021-28154
03/12/20214.6
 
 
 
GNOME GLib g_file_replace symlink3.78-CVE-2021-28153
03/12/20216.5
 
 
 
D-Link DIR-841 ping/ping6/traceroute jsonrpc command injection3.64-CVE-2021-28143
03/12/20216.5
 
 
 
Schneider Electric PowerLogic ION9000 memory corruption4.31-CVE-2021-22714
03/12/20212.7
 
 
 
Schneider Electric PowerLogic ION8600 memory corruption4.50-CVE-2021-22713
03/12/20215.2
 
 
 
Schneider Electric Interactive Graphical SCADA System Configuration Group File Def.exe buffer overflow4.36-CVE-2021-22712
03/12/20215.2
 
 
 
Schneider Electric Interactive Graphical SCADA System Configuration Group File Def.exe buffer overflow3.69-CVE-2021-22711
03/12/20216.5
 
 
 
Schneider Electric Interactive Graphical SCADA System Configuration Group File Def.exe buffer overflow3.93-CVE-2021-22710
03/12/20216.5
 
 
 
Schneider Electric Interactive Graphical SCADA System Configuration Group File Def.exe buffer overflow3.83-CVE-2021-22709
03/12/20216.5
 
 
 
MagicConnect Client untrusted search path1.88-CVE-2021-20674
03/12/20214.6
 
 
 
Linux Kernel Floppy Disk Drive Controller Driver fd0 race condition2.30-CVE-2021-20261
03/12/20214.9
 
 
 
JMS Client for RabbitMQ StreamMessage Data deserialization2.10-CVE-2020-36282
03/12/20215.2
 
 
 
Dan Bloomberg Leptonica colorquant1.c pixFewColorsOctcubeQuantMixed heap-based overflow2.06-CVE-2020-36281
03/12/20215.2
 
 
 
Dan Bloomberg Leptonica tiffio.c pixReadFromTiffStream heap-based overflow2.06-CVE-2020-36280
03/12/20215.2
 
 
 
Dan Bloomberg Leptonica adaptmap_reg.c rasteropGeneralLow heap-based overflow2.01-CVE-2020-36279
03/12/20215.2
 
 
 
Dan Bloomberg Leptonica ccbord.c findNextBorderPixel heap-based overflow2.59-CVE-2020-36278
03/12/20212.3
 
 
 
Dan Bloomberg Leptonica pixconv.c pixConvert2To8 denial of service1.92-CVE-2020-36277
03/12/20214.0
 
 
 
Quadbase EspressReports ES File Upload cross-site request forgery1.92-CVE-2020-24984
03/12/20215.0
 
 
 
Quadbase EspressReports ES POST Request cross-site request forgery2.20-CVE-2020-24983
03/12/20215.2
 
 
 
Wind River VxWorks DNS ipdnsc_decode_name stack-based overflow2.01-CVE-2016-20009
03/12/20216.0
 
 
 
food-and-drink-menu Plugin fdm_cart Cookie class-cart-manager.php load_cart_from_cookie deserialization2.30-CVE-2020-29045
03/12/20214.0
 
 
 
Bloomreach Experience Manager cross-site request forgery2.11-CVE-2020-14989
03/12/20214.9
 
 
 
Bloomreach Experience Manager Login Page unrestricted upload2.06-CVE-2020-14988
03/11/20219.0
 
 
 
D-Link DIR-3060 prog.cgi SetVirtualServerSettings command injection1.77CVE-2021-28144
03/11/20216.5
 
 
 
Progress Telerik UI for ASP.NET AJAX Telerik.Web.UI.WebResource.axd command injection1.29CVE-2021-28141
03/11/20214.0
 
 
 
ImpressCMS Profile content.php cross site scripting1.13CVE-2021-28088
03/11/20214.0
 
 
 
Batflat CMS Navigation cross site scripting1.13CVE-2021-27679
03/11/20214.0
 
 
 
Batflat CMS Snippets cross site scripting0.91CVE-2021-27678
03/11/20214.0
 
 
 
Batflat CMS Galleries cross site scripting0.80CVE-2021-27677
03/11/20214.0
 
 
 
CSZ CMS cross site scripting0.75CVE-2021-26776
03/11/20214.3
 
 
 
Flatpak File Forwarding injection1.03CVE-2021-21381
03/11/20214.0
 
 
 
IBM Tivoli Netcool/OMNIbus_GUI Web UI cross site scripting0.80CVE-2021-20336
03/11/20219.0
 
 
 
IBM DB2/DB2 Connect Server buffer overflow1.49CVE-2020-5025
03/11/20215.0
 
 
 
IBM DB2/DB2 Connect Server SSL Handshake denial of service1.15CVE-2020-5024
03/11/20216.5
 
 
 
IBM DB2/DB2 Connect Server permission1.01CVE-2020-4976
03/11/20215.8
 
 
 
Bloomreach Experience Manager Updater Editor Remote Privilege Escalation1.10CVE-2020-14987
03/11/20217.5
 
 
 
LUCY Security Awareness Software Migration Tool static unrestricted upload1.01CVE-2021-28132
03/11/20217.5
 
 
 
Envoy JWT Token improper authentication0.76CVE-2021-21378
03/11/20214.0
 
 
 
swagger-codegen Directory temp file0.66CVE-2021-21364
03/11/20216.5
 
 
 
swagger-codegen temp file0.76CVE-2021-21363
03/11/20214.9
 
 
 
Facebook HHVM Dynamic Property use after free0.57CVE-2020-1900
03/11/20214.9
 
 
 
Facebook HHVM Type Code unserialize uninitialized pointer0.57CVE-2020-1899

Are you interested in using VulDB?

Download the whitepaper to learn more about our service!