CVSSv3 01/16/2021

CVSSv3 Base »

The Common Vulnerability Scoring System (CVSS) is an industry standard to define the characteristics and impacts of security vulnerabilities. The base score represents the intrinsic aspects that are constant over time and across user environments. Our unique meta score merges all available scores from different sources to aggregate to the most reliable result.

CVSSv3 Temp »

The Common Vulnerability Scoring System (CVSS) uses temp scores to reflect the characteristics of a vulnerability that may change over time but not across user environments. This includes reporting confidence, exploitability and remediation levels. We do also provide our unique meta score for temp scores, even though other sources rarely publish them.

VulDB »

The moderation team is always defining the base vector and base score for an entry. These and all other available scores are used to generate the meta score.

NVD »

The National Vulnerability Database (NVD) is also defining CVSS vectors and scores. These are usually not complete and might differ from VulDB scores.

Vendor »

Some vendors are willing to publish their own CVSS vectors and scores for vulnerabilities in their products. The coverage varies from vendor to vendor.

Research »

There are sometimes also security researcher which provide their own CVSS vectors and scores for vulnerabilities they have found and published.

IDBaseVDBNVDVendResVulnerabilityCTICVE
1680586.55.37.8
 
 
Docker Desktop Community certificate validation0.00CVE-2021-3162
1680577.56.38.8
 
 
OneDev KubernetesResource REST Endpoint path traversal0.00CVE-2021-21251
1680565.44.36.5
 
 
OneDev XML Document XmlBuildSpecMigrator.migrate information disclosure0.00CVE-2021-21250
1680557.56.38.8
 
 
OneDev YAML Parser deserialization0.05CVE-2021-21249
1680547.56.38.8
 
 
OneDev injection0.05CVE-2021-21248
1680537.56.38.8
 
 
OneDev AJAX Event Listener improper authentication0.00CVE-2021-21247
1680526.45.37.5
 
 
OneDev REST UserResource Endpoint {id} authorization0.05CVE-2021-21246
1680518.57.39.8
 
 
OneDev AttachmentUploadServlet request.getInputStream unrestricted upload0.06CVE-2021-21245
1680508.57.39.8
 
 
OneDev Bean Message injection0.04CVE-2021-21244
1680498.57.39.8
 
 
OneDev Kubernetes REST Endpoint improper authentication0.04CVE-2021-21243
1680488.57.39.8
 
 
OneDev AttachmentUploadServlet deserialization0.00CVE-2021-21242
1680476.14.57.8
 
 
Git LFS git.exe untrusted search path0.00CVE-2021-21237
1680467.87.8
 
 
 
Juniper Junos telnetd.real unnecessary privileges0.00CVE-2021-0223
1680456.56.5
 
 
 
Juniper Junos Protocol Packet denial of service0.06CVE-2021-0222
1680446.56.5
 
 
 
Juniper Junos IRB Interface denial of service0.07CVE-2021-0221
1680433.13.1
 
 
 
Juniper Junos Space Network Management Platform credentials storage0.07CVE-2021-0220
1680427.87.8
 
 
 
Juniper Junos Package Validation Subsystem command injection0.00CVE-2021-0219
1680418.48.4
 
 
 
Juniper Junos License-Check Daemon command injection0.00CVE-2021-0218
1680408.88.8
 
 
 
Juniper Junos DHCP Packet memory corruption0.00CVE-2021-0217
1680396.56.5
 
 
 
Juniper Junos 802.1X Authenticator Port Interface resource consumption0.00CVE-2021-0215
1680383.33.3
 
 
 
Juniper Networks Contrail information disclosure0.00CVE-2021-0212
1680378.68.6
 
 
 
Juniper Junos Routing Protocol denial of service0.08CVE-2021-0211
1680364.34.3
 
 
 
Juniper Junos J-Web information disclosure0.00CVE-2021-0210
1680356.56.5
 
 
 
Juniper Junos BGP UPDATE uninitialized pointer0.07CVE-2021-0209
1680344.34.3
 
 
 
Juniper Junos Routing Protocol denial of service0.07CVE-2021-0208
1680335.35.3
 
 
 
Juniper Junos denial of service0.05CVE-2021-0207
1680327.57.5
 
 
 
Juniper Junos Packet Forwarding Engine denial of service0.05CVE-2021-0206
1680317.37.3
 
 
 
Juniper MX IDS 32 access control0.00CVE-2021-0205
1680303.33.3
 
 
 
Juniper Junos dexp information disclosure0.00CVE-2021-0204
1680295.35.3
 
 
 
Juniper EX/QFX5K RTG denial of service0.09CVE-2021-0203
1680285.35.3
 
 
 
Juniper EX9200 IRB Interface memory leak0.07CVE-2021-0202
1680276.04.37.7
 
 
Simple Board Job Plugin pathname traversal0.04CVE-2020-35749
1680264.43.55.4
 
 
FV Flowplayer Video Player list-table.php fv_wp_fvvideoplayer_src cross site scripting0.00CVE-2020-35748
1680256.96.37.5
 
 
Erlang OTP X.509 Certificate certificate validation0.06CVE-2020-35733
1680245.84.67.0
 
 
Malwarebytes Launch Daemon posix_spawn race condition0.12CVE-2020-25533
1680236.96.37.5
 
 
Aruba AirWave Glass server-side request forgery0.00CVE-2020-24641
1680227.65.59.8
 
 
Aruba Airwave Glass Environment input validation0.00CVE-2020-24640
1680217.65.59.8
 
 
Aruba Airwave Glass Java deserialization0.00CVE-2020-24639
1680207.27.27.2
 
 
Aruba Airwave Glass glassadmin CLI Remote Privilege Escalation0.04CVE-2020-24638
1680194.83.56.1
 
 
ownCloud Forgot Password cross site scripting0.00CVE-2020-16255
1680184.43.55.4
 
 
SolarWinds Web Help Desk Schedule Name cross site scripting0.00CVE-2019-16961
1680175.35.3
 
 
 
Backdoor.Win32.Nucleroot.t MaskPE xmllite.dll buffer overflow0.00
1680165.35.3
 
 
 
Backdoor.Win32.Nucleroot.bi MaskPE buffer overflow0.00

Do you want to use VulDB in your project?

Use the official API to access entries easily!