CVSSv3 02/04/2021info

CVSSv3 Base »

The Common Vulnerability Scoring System (CVSS) is an industry standard to define the characteristics and impacts of security vulnerabilities. The base score represents the intrinsic aspects that are constant over time and across user environments. Our unique meta score merges all available scores from different sources to aggregate to the most reliable result.

CVSSv3 Temp »

The Common Vulnerability Scoring System (CVSS) uses temp scores to reflect the characteristics of a vulnerability that may change over time but not across user environments. This includes reporting confidence, exploitability and remediation levels. We do also provide our unique meta score for temp scores, even though other sources rarely publish them.

VulDB »

The moderation team is always defining the base vector and base score for an entry. These and all other available scores are used to generate the meta score.

NVD »

The National Vulnerability Database (NVD) is also defining CVSS vectors and scores. These are usually not complete and might differ from VulDB scores.

Vendor »

Some vendors are willing to publish their own CVSS vectors and scores for vulnerabilities in their products. The coverage varies from vendor to vendor.

Research »

There are sometimes also security researcher which provide their own CVSS vectors and scores for vulnerabilities they have found and published.

IDBaseVDBNVDVendResVulnerabilityCTICVE
1704674.64.6
 
4.6
 
Microsoft Edge unknown vulnerability0.16CVE-2021-24113
1692017.37.3
 
 
 
Decal Package extend Remote Code Execution0.00CVE-2020-28450
1692007.37.3
 
 
 
Decal Package set Remote Code Execution0.07CVE-2020-28449
1691996.36.3
 
 
 
Opart Devis resource injection0.06CVE-2020-16194
1691985.55.5
 
 
 
LG Mobile Devices USB laf Gadget use after free0.07CVE-2021-26689
1691975.55.5
 
 
 
LG Wing Mobile Devices Biometric Sensor unknown vulnerability0.00CVE-2021-26688
1691965.55.5
 
 
 
LG Mobile Device unknown vulnerability0.06CVE-2021-26687
1691957.37.3
 
 
 
SonicWall SSLVPN SMA100 sql injection0.05CVE-2021-20016
1691943.53.5
 
 
 
Rockwell Automation Flex IO ENIP Request Path Network Segment denial of service0.00CVE-2020-6088
1691936.36.3
 
 
 
SoftMaker Office PlanMaker heap-based overflow0.06CVE-2020-27249
1691926.36.3
 
 
 
SoftMaker Office PlanMaker heap-based overflow0.00CVE-2020-27248
1691916.36.3
 
 
 
SoftMaker Office PlanMaker heap-based overflow0.00CVE-2020-27247
1691903.73.7
 
 
 
HCL OneTest Performance excessive authentication0.00CVE-2020-14247
1691895.65.6
 
 
 
HCL OneTest Performance Basic Authentication improper authentication0.00CVE-2020-14246
1691885.35.3
 
 
 
HCL OneTest UI resource consumption0.06CVE-2020-14245
1691876.36.3
 
 
 
SoftMaker Office PlanMaker heap-based overflow0.00CVE-2020-13586
1691866.36.3
 
 
 
SoftMaker Office PlanMaker heap-based overflow0.00CVE-2020-13580
1691856.36.3
 
 
 
SoftMaker Office PlanMaker integer underflow0.00CVE-2020-13579
1691846.36.3
 
 
 
Bitcoin Core bitcoin-qt state issue0.00CVE-2021-3401
1691835.55.5
 
 
 
Favorites Component resource injection0.00CVE-2021-26024
1691823.53.5
 
 
 
Favorites Component cross site scripting0.00CVE-2021-26023
1691813.53.5
 
 
 
SquaredUp Dashboard cross site scripting0.79CVE-2020-9390
1691802.62.6
 
 
 
SquaredUp Login timing discrepancy0.59CVE-2020-9389
1691793.53.5
 
 
 
SquaredUp Dashboard cross-site request forgery0.46CVE-2020-9388
1691786.36.3
 
 
 
SolarWinds Serv-U Home Directory permission0.10CVE-2021-25276
1691773.33.3
 
 
 
SolarWinds Orion Platform SQL Server Backend access control0.09CVE-2021-25275
1691769.89.8
 
 
 
SolarWinds Orion Platform MSMQ permission0.05CVE-2021-25274
1691755.55.5
 
 
 
com.squareup:connect System Property prepareDownloadFilecreates temp file0.35CVE-2021-23331
1691743.53.5
 
 
 
NetApp Clustered Data ONTAP information disclosure0.00CVE-2020-8589
1691733.53.5
 
 
 
NetApp Clustered Data ONTAP information disclosure0.00CVE-2020-8588
1691723.53.5
 
 
 
Nextcloud Server Markdown cross site scripting0.00CVE-2020-8294
1691715.55.5
 
 
 
Realtek RTL8195A WPA2 Handshake ClientEAPOLKeyRecvd stack-based overflow0.09CVE-2020-25857
1691706.36.3
 
 
 
Realtek RTL8195A WPA2 Handshake DecWPA2KeyData stack-based overflow0.38CVE-2020-25856
1691693.53.5
 
 
 
JetBrains YouTrack Project information disclosure0.54CVE-2021-25771
1691686.36.3
 
 
 
Realtek RTL8195A WPA2 Handshake DecWPA2KeyData stack-based overflow1.57CVE-2020-25854
1691675.55.5
 
 
 
Realtek RTL8195A WPA2 Handshake CheckMic stack-based overflow0.91CVE-2020-25853
1691663.53.5
 
 
 
Alt-N MDaemon Webmail Contact List cross site scripting1.03CVE-2020-18724
1691654.34.3
 
 
 
Alt-N MDaemon Webmail File Attachment cross site scripting0.85CVE-2020-18723
1691646.36.3
 
 
 
Apache Shiro Spring Support improper authentication0.11CVE-2020-17523
1691632.62.6
 
 
 
Apache Cassandra missing encryption0.08CVE-2020-17516
1691626.36.3
 
 
 
Zoho ManageEngine Remote Access Plus User Administration Screen injection0.00CVE-2019-16268
1691615.55.5
 
 
 
JetBrains TeamCity User permission0.09CVE-2021-25778
1691605.55.5
 
 
 
JetBrains TeamCity Token Removal permission0.00CVE-2021-25777
1691593.53.5
 
 
 
JetBrains TeamCity ECR Token information disclosure0.00CVE-2021-25776
1691584.34.3
 
 
 
JetBrains TeamCity Access Token access control0.00CVE-2021-25775
1691573.53.5
 
 
 
JetBrains TeamCity GitHub Access Token information disclosure0.00CVE-2021-25774
1691563.53.5
 
 
 
JetBrains TeamCity cross site scripting0.00CVE-2021-25773
1691553.53.5
 
 
 
JetBrains TeamCity Server Integration denial of service0.43CVE-2021-25772
1691543.53.5
 
 
 
JetBrains YouTrack Project information disclosure0.55CVE-2021-25771
1691535.55.5
 
 
 
JetBrains YouTrack Template injection0.00CVE-2021-25770

Want to stay up to date on a daily basis?

Enable the mail alert feature now!