CVSSv3 01/07/2021info

CVSSv3 Base »

The Common Vulnerability Scoring System (CVSS) is an industry standard to define the characteristics and impacts of security vulnerabilities. The base score represents the intrinsic aspects that are constant over time and across user environments. Our unique meta score merges all available scores from different sources to aggregate to the most reliable result.

CVSSv3 Temp »

The Common Vulnerability Scoring System (CVSS) uses temp scores to reflect the characteristics of a vulnerability that may change over time but not across user environments. This includes reporting confidence, exploitability and remediation levels. We do also provide our unique meta score for temp scores, even though other sources rarely publish them.

VulDB »

The moderation team is always defining the base vector and base score for an entry. These and all other available scores are used to generate the meta score.

NVD »

The National Vulnerability Database (NVD) is also defining CVSS vectors and scores. These are usually not complete and might differ from VulDB scores.

Vendor »

Some vendors are willing to publish their own CVSS vectors and scores for vulnerabilities in their products. The coverage varies from vendor to vendor.

Research »

There are sometimes also security researcher which provide their own CVSS vectors and scores for vulnerabilities they have found and published.

IDBaseVDBNVDVendResVulnerabilityCTICVE
1674018.08.0
 
 
 
EVOLUCARE ECS Imaging showfile.php os command injection0.00CVE-2021-3029
1674002.02.0
 
 
 
NXP SmartMX/P5x/A7x CryptoLib power side-channel0.22CVE-2021-3011
1673996.36.3
 
 
 
Mozilla Firefox memory corruption0.07CVE-2020-35114
1673986.36.3
 
 
 
Mozilla Firefox/Firefox ESR/Thunderbird memory corruption0.17CVE-2020-35113
1673975.05.0
 
 
 
Mozilla Firefox/Firefox ESR/Thunderbird Extension uncontrolled search path0.06CVE-2020-35112
1673964.34.3
 
 
 
Mozilla Firefox/Firefox ESR/Thunderbird Proxy information disclosure0.00CVE-2020-35111
1673956.36.3
 
 
 
MonoCMS Blog Access Control category.php access control0.00CVE-2020-28672
1673944.34.3
 
 
 
Mozilla Firefox Address Bar clickjacking0.07CVE-2020-26979
1673934.34.3
 
 
 
Mozilla Firefox/Firefox ESR/Thunderbird information disclosure0.05CVE-2020-26978
1673924.34.3
 
 
 
Mozilla Firefox URL Bar clickjacking0.07CVE-2020-26977
1673916.36.3
 
 
 
Mozilla Firefox Service Worker Remote Code Execution0.00CVE-2020-26976
1673905.35.3
 
 
 
Mozilla Firefox session fixiation0.00CVE-2020-26975
1673896.36.3
 
 
 
Mozilla Firefox/Firefox ESR/Thunderbird Table Wrapper heap-based overflow0.07CVE-2020-26974
1673885.55.5
 
 
 
Mozilla Firefox/Firefox ESR/Thunderbird CSS unknown vulnerability0.00CVE-2020-26973
1673876.36.3
 
 
 
Mozilla Firefox IPC Actor use after free0.00CVE-2020-26972
1673866.36.3
 
 
 
Mozilla Firefox/Firefox ESR/Thunderbird Video Driver heap-based overflow0.00CVE-2020-26971
1673856.36.3
 
 
 
Restaurant Reservation System reservation.inc.php sql injection0.00CVE-2020-26773
1673843.53.5
 
 
 
Formstone upload-target.php cross site scripting0.08CVE-2020-26768
1673833.53.5
 
 
 
CuteSoft Components Cute Editor for ASP.NET cross site scripting0.00CVE-2020-24903
1673824.34.3
 
 
 
Quixplorer cross site scripting0.00CVE-2020-24902
1673813.53.5
 
 
 
Krpano Panorama Viewer JS Load krpano.html cross site scripting0.00CVE-2020-24901
1673803.53.5
 
 
 
Krpano Panorama Viewer XML Load krpano.html cross site scripting0.09CVE-2020-24900
1673794.34.3
 
 
 
CairoSVG Regular Expression resource consumption0.00CVE-2021-21236
1673787.37.3
 
 
 
Node.js Transfer-Encoding request smuggling0.00CVE-2020-8287
1673773.53.5
 
 
 
Nextcloud Contacts SVG File cross site scripting0.00CVE-2020-8281
1673763.53.5
 
 
 
Nextcloud Contacts SVG cross site scripting0.00CVE-2020-8280
1673754.04.0
 
 
 
Citrix Secure Mail access control0.04CVE-2020-8275
1673746.36.3
 
 
 
Citrix Secure Mail code injection0.09CVE-2020-8274
1673735.55.5
 
 
 
Node.js TLS Socket Write use after free0.09CVE-2020-8265
1673723.53.5
 
 
 
actionpack Gem Developer Mode cross site scripting0.05CVE-2020-8264
1673713.53.5
 
 
 
MendixSSO OpenID Endpoint cross site scripting0.00CVE-2020-8160
1673706.36.3
 
 
 
FasterXML jackson-databind Remote Privilege Escalation0.07CVE-2020-36189
1673696.36.3
 
 
 
FasterXML jackson-databind Remote Privilege Escalation0.00CVE-2020-36188
1673686.36.3
 
 
 
FasterXML jackson-databind Remote Privilege Escalation0.05CVE-2020-36187
1673676.36.3
 
 
 
FasterXML jackson-databind Remote Privilege Escalation0.05CVE-2020-36186
1673666.36.3
 
 
 
FasterXML jackson-databind Remote Privilege Escalation0.00CVE-2020-36185
1673656.36.3
 
 
 
FasterXML jackson-databind Remote Privilege Escalation0.05CVE-2020-36184
1673645.55.5
 
 
 
FasterXML jackson-databind unknown vulnerability0.00CVE-2020-36183
1673635.55.5
 
 
 
FasterXML jackson-databind unknown vulnerability0.04CVE-2020-36182
1673625.55.5
 
 
 
FasterXML jackson-databind unknown vulnerability0.04CVE-2020-36181
1673615.55.5
 
 
 
FasterXML jackson-databind unknown vulnerability0.00CVE-2020-36180
1673605.55.5
 
 
 
FasterXML jackson-databind unknown vulnerability0.00CVE-2020-36179
1673594.74.7
 
 
 
TP-LINK TL-WR840N Web Interface oal_ipt_addBridgeIsolationRules os command injection0.00CVE-2020-36178
1673585.55.5
 
 
 
wolfSSL Digest rsa.c RsaPad_PSS out-of-bounds write0.00CVE-2020-36177
1673573.73.7
 
 
 
iThemes Security Plugin Password Requirements weak password0.06CVE-2020-36176
1673565.55.5
 
 
 
Ninja Forms Plugin Email Validation unknown vulnerability0.05CVE-2020-36175
1673553.53.5
 
 
 
Ninja Forms Plugin Services Integration cross-site request forgery0.04CVE-2020-36174
1673543.53.5
 
 
 
Ninja Forms Plugin submissions-table Field cross site scripting0.06CVE-2020-36173
1673533.53.5
 
 
 
Advanced Custom Fields Plugin Dropdown cross site scripting0.07CVE-2020-36172
1673525.55.5
 
 
 
Elementor Website Builder Plugin unrestricted upload0.06CVE-2020-36171

Might our Artificial Intelligence support you?

Check our Alexa App!