CVSSv3 January 2021info

Timeline

The analysis of the timeline helps to identify the required approach and handling of single vulnerabilities and vulnerability collections. This overview makes it possible to see less important slices and more severe hotspots at a glance. Initiating immediate vulnerability response and prioritizing of issues is possible.

C3BM Index »

Our unique C3BM Index (CVSSv3 Base Meta Index) cumulates the CVSSv3 Meta Base Scores of all entries over time. Comparing this index to the amount of disclosed vulnerabilities helps to pinpoint the most important events.

CVSSv3 Base »

The Common Vulnerability Scoring System (CVSS) is an industry standard to define the characteristics and impacts of security vulnerabilities. The base score represents the intrinsic aspects that are constant over time and across user environments. Our unique meta score merges all available scores from different sources to aggregate to the most reliable result.

CVSSv3 Temp »

The Common Vulnerability Scoring System (CVSS) uses temp scores to reflect the characteristics of a vulnerability that may change over time but not across user environments. This includes reporting confidence, exploitability and remediation levels. We do also provide our unique meta score for temp scores, even though other sources rarely publish them.

VulDB »

The moderation team is always defining the base vector and base score for an entry. These and all other available scores are used to generate the meta score.

NVD »

The National Vulnerability Database (NVD) is also defining CVSS vectors and scores. These are usually not complete and might differ from VulDB scores.

Vendor »

Some vendors are willing to publish their own CVSS vectors and scores for vulnerabilities in their products. The coverage varies from vendor to vendor.

Research »

There are sometimes also security researcher which provide their own CVSS vectors and scores for vulnerabilities they have found and published.

PublishedBaseVDBNVDVendResVulnerabilityCTICVE
01/22/20215.35.3
 
 
 
jquery-ui Dialog injection1.82CVE-2020-28488
01/22/20213.53.5
 
 
 
Hyweb HyCMS-J1 Backend Edit cross site scripting2.57CVE-2021-22849
01/22/20216.36.3
 
 
 
Hyweb HyCMS-J1 API injection2.46CVE-2021-22847
01/22/20214.34.3
 
 
 
CSI snapshot-controller Volume Snapshot null pointer dereference2.94-CVE-2020-8569
01/22/20212.22.2
 
 
 
Secrets Store CSI Driver pods path traversal2.94-CVE-2020-8568
01/22/20214.24.2
 
 
 
Secrets Store CSI Driver Vault Plugin pods path traversal2.67-CVE-2020-8567
01/22/20213.13.1
 
 
 
Kubernetes API Server permission3.00-CVE-2020-8554
01/22/20216.36.3
 
 
 
Backdoor.Win32.Hupigon.adef HTTP POST Request user32.dll buffer overflow3.21-
01/22/20213.73.7
 
 
 
OnlineVotingSystem Password Hash hash without salt3.16-CVE-2021-21253
01/22/20213.13.1
 
 
 
PySAML2 CryptoBackendXmlSec1 Backend xmlsec1 signature verification4.49-CVE-2021-21239
01/22/20214.34.3
 
 
 
PySAML2 XML Signature signature verification4.39-CVE-2021-21238
01/22/20213.73.7
 
 
 
IBM Security Identity Governance and Intelligence HSTS cleartext transmission4.76-CVE-2020-4969
01/22/20213.73.7
 
 
 
IBM Security Identity Governance and Intelligence inadequate encryption4.39-CVE-2020-4968
01/22/20213.73.7
 
 
 
IBM Security Identity Governance and Intelligence Token missing secure attribute4.28-CVE-2020-4966
01/22/20215.65.6
 
 
 
IBM Security Identity Governance and Intelligence improper authentication4.39-CVE-2020-4958
01/22/20214.74.7
 
 
 
OpenMage Import/Export unrestricted upload3.58-CVE-2020-26295
01/22/20214.74.7
 
 
 
OpenMage Import/Export unrestricted upload3.85-CVE-2020-26285
01/21/20216.36.3
 
 
 
Qualcomm Snapdragon Auto Audio integer underflow4.17CVE-2020-3691
01/21/20213.33.3
 
 
 
Qualcomm Admin Services access control3.74CVE-2020-3687
01/21/20216.36.3
 
 
 
Qualcomm Snapdragon Auto Music Playback out-of-bounds read3.60CVE-2020-3686
01/21/20215.55.5
 
 
 
Qualcomm Snapdragon Auto memory corruption4.06CVE-2020-3685
01/21/20215.55.5
 
 
 
Qualcomm Snapdragon Auto WLAN Driver out-of-bounds read3.09CVE-2020-11225
01/21/20215.55.5
 
 
 
Qualcomm Snapdragon Compute Audio Driver double free3.12CVE-2020-11217
01/21/20216.36.3
 
 
 
Qualcomm Snapdragon Auto Video Driver buffer overflow3.01CVE-2020-11216
01/21/20215.55.5
 
 
 
Qualcomm Snapdragon Auto VSA Attribute out-of-bounds read2.67CVE-2020-11215
01/21/20215.55.5
 
 
 
Qualcomm Snapdragon Auto NDL Attribute buffer overflow2.91CVE-2020-11214
01/21/20215.55.5
 
 
 
Qualcomm Snapdragon Auto Service Descriptor out-of-bounds read2.38CVE-2020-11213
01/21/20215.55.5
 
 
 
Qualcomm Snapdragon Auto NAN Beacon Attribute out-of-bounds read2.27CVE-2020-11212
01/21/20215.55.5
 
 
 
Qualcomm Snapdragon Auto RPS Parser buffer overflow2.72CVE-2020-11200
01/21/20216.36.3
 
 
 
Qualcomm Snapdragon Auto Stream Info Update integer overflow1.55CVE-2020-11197
01/21/20215.55.5
 
 
 
Qualcomm Snapdragon Auto WLAN Driver out-of-bounds read1.82CVE-2020-11185
01/21/20215.55.5
 
 
 
Qualcomm Snapdragon Auto Display Service buffer overflow1.61CVE-2020-11183
01/21/20215.55.5
 
 
 
Qualcomm Snapdragon Compute CVP Process out-of-bounds read1.98CVE-2020-11181
01/21/20215.55.5
 
 
 
Qualcomm Snapdragon Auto Command out-of-bounds read1.00CVE-2020-11180
01/21/20214.64.6
 
 
 
Qualcomm Snapdragon Auto buffer overflow0.75CVE-2020-11179
01/21/20216.36.3
 
 
 
Qualcomm Snapdragon Auto L2CAP Packet Length memory corruption0.75CVE-2020-11167
01/21/20214.64.6
 
 
 
Qualcomm Snapdragon Auto HAL Layer race condition0.91CVE-2020-11152
01/21/20215.55.5
 
 
 
Qualcomm Snapdragon Auto IOCTL use after free0.90CVE-2020-11151
01/21/20215.55.5
 
 
 
Qualcomm Snapdragon Auto Camera Driver out-of-bounds read0.91CVE-2020-11150
01/21/20213.53.5
 
 
 
Qualcomm Snapdragon Auto Camera Driver out-of-bounds read0.81CVE-2020-11149
01/21/20215.55.5
 
 
 
Qualcomm Snapdragon Auto HIDL use after free0.70CVE-2020-11148
01/21/20215.55.5
 
 
 
Qualcomm Snapdragon Auto IOCTL array index0.82CVE-2020-11146
01/21/20213.53.5
 
 
 
Qualcomm Snapdragon Auto Delta Extension Header divide by zero0.86CVE-2020-11145
01/21/20215.55.5
 
 
 
Qualcomm Snapdragon Auto DL ROHC Packet Decompression buffer overflow0.75CVE-2020-11144
01/21/20216.36.3
 
 
 
Qualcomm Snapdragon Auto Music Playback out-of-bounds read0.91CVE-2020-11143
01/21/20216.36.3
 
 
 
Qualcomm Snapdragon Auto Music Playback out-of-bounds read0.95CVE-2020-11140
01/21/20213.53.5
 
 
 
Qualcomm Snapdragon Auto Frame out-of-bounds read1.02CVE-2020-11139
01/21/20214.34.3
 
 
 
Qualcomm Snapdragon Auto Music Playback uninitialized pointer1.01CVE-2020-11138
01/21/20213.53.5
 
 
 
Qualcomm Snapdragon Auto Integer Multiplication out-of-bounds read1.27CVE-2020-11137
01/21/20215.55.5
 
 
 
Qualcomm Snapdragon Auto Audio Driver buffer overflow0.69CVE-2020-11136

Do you want to use VulDB in your project?

Use the official API to access entries easily!