CVSSv3 01/19/2021info

CVSSv3 Base »

The Common Vulnerability Scoring System (CVSS) is an industry standard to define the characteristics and impacts of security vulnerabilities. The base score represents the intrinsic aspects that are constant over time and across user environments. Our unique meta score merges all available scores from different sources to aggregate to the most reliable result.

CVSSv3 Temp »

The Common Vulnerability Scoring System (CVSS) uses temp scores to reflect the characteristics of a vulnerability that may change over time but not across user environments. This includes reporting confidence, exploitability and remediation levels. We do also provide our unique meta score for temp scores, even though other sources rarely publish them.

VulDB »

The moderation team is always defining the base vector and base score for an entry. These and all other available scores are used to generate the meta score.

NVD »

The National Vulnerability Database (NVD) is also defining CVSS vectors and scores. These are usually not complete and might differ from VulDB scores.

Vendor »

Some vendors are willing to publish their own CVSS vectors and scores for vulnerabilities in their products. The coverage varies from vendor to vendor.

Research »

There are sometimes also security researcher which provide their own CVSS vectors and scores for vulnerabilities they have found and published.

IDBaseVDBNVDVendResVulnerabilityCTICVE
1681134.83.56.1
 
 
MISP global_menu.ctp cross site scripting0.06CVE-2021-3184
1681126.96.37.5
 
 
Files.com Fat Client improper authentication0.00CVE-2021-3183
1681116.75.58.0
 
 
D-Link DCS-5220 buffer overflow0.00CVE-2021-3182
1681105.95.36.5
 
 
Mutt Email Message rfc822.c memory allocation0.00CVE-2021-3181
1681094.83.56.1
 
 
MISP Galaxy Cluster Element index.ctp cross site scripting0.00CVE-2021-25325
1681084.83.56.1
 
 
MISP Galaxy Cluster View view.ctp cross site scripting0.00CVE-2021-25324
1681077.76.39.1
 
 
MISP Password weak password0.06CVE-2021-25323
1681066.85.58.1
 
 
Micro Focus Application Lifecycle Management xml external entity reference0.00CVE-2021-22498
1681055.63.77.5
 
 
IBM Planning Analytics TLS Communication certificate validation0.04CVE-2020-4881
1681045.35.35.3
 
 
IBM Planning Analytics unknown vulnerability0.00CVE-2020-4873
1681034.43.35.5
 
 
IBM Planning Analytics information disclosure0.00CVE-2020-4871
1681026.23.59.0
 
 
Mautic Social Monitoring cross site scripting0.00CVE-2020-35129
1681016.23.59.0
 
 
Mautic Javascript File cross site scripting0.00CVE-2020-35128
1681007.25.68.8
 
 
fastify-csrf Package cookie without 'httponly' flag0.07CVE-2020-28482
1680995.87.34.3
 
 
socket.io Packet CORS unknown vulnerability0.00CVE-2020-28481
1680988.57.39.8
 
 
jointjs Package util.setByPath code injection0.07CVE-2020-28480
1680975.63.77.5
 
 
jointjs Package unsetByPath denial of service0.03CVE-2020-28479
1680967.56.38.8
 
 
Zoho ManageEngine Applications Manager sql injection0.06CVE-2020-27733
1680955.13.56.8
 
 
Pixelimity setting.php cross-site request forgery0.00CVE-2020-23522
1680946.13.58.8
 
 
CMS edit.php cross-site request forgery0.00CVE-2020-23342
1680934.83.75.9
 
 
Microchip Libraries for Applications PKCS information disclosure0.00CVE-2020-20950
1680925.35.3
 
 
 
gsap Package denial of service0.06CVE-2020-28478
1680915.35.3
 
 
 
immer Package denial of service0.06CVE-2020-28477
1680908.57.39.8
 
 
aws-sdk shared-ini-file-loader INI File Parser injection0.06CVE-2020-28472
1680896.46.36.5
 
 
Linux Kernel NFS Export nfs3xdr.c no_subtree_check path traversal0.08CVE-2021-3178
1680888.57.39.8
 
 
Python callproc.c PyCArg_repr buffer overflow0.07CVE-2021-3177
1680876.36.3
 
 
 
Hgiga EIP Online Registration sql injection0.00CVE-2021-22852
1680867.37.3
 
 
 
Hgiga EIP Document Management Page sql injection0.00CVE-2021-22851
1680857.55.39.8
 
 
HGiga EIP permission assignment0.05CVE-2021-22850
1680844.83.56.1
 
 
GROWI cross site scripting0.00CVE-2021-20619
1680835.44.36.5
 
 
Atlassian Confluence Server/Data Center Avatar Upload denial of service0.09CVE-2020-29450
1680824.43.35.5
 
 
McAfee Agent Update denial of service0.00CVE-2020-7343
1680816.55.57.5
 
 
Archive_Tar Tar.php pathname traversal0.05CVE-2020-36193
1680805.86.35.3
 
 
Source Integration Plugin Private Project view.php access control0.00CVE-2020-36192
1680798.88.8
 
 
 
Email-Worm.Win32.Agent.gi Microsoft ASPI Manager aspimgr.exe buffer overflow0.06
1680786.36.3
 
 
 
Backdoor.Win32.NetBull.11.a Service Port 23444 infected.exe stack-based overflow0.00
1680776.36.3
 
 
 
Constructor.Win32.SMWG.c VBS Script sucke.vbs permission0.00
1680766.36.3
 
 
 
Constructor.Win32.SMWG.a VBS Script sucke.vbs permission0.00
1680756.36.3
 
 
 
Newfuture Trojan Fast_sms Server permission0.00

Interested in the pricing of exploits?

See the underground prices here!