CVSSv3 02/12/2021info

CVSSv3 Base »

The Common Vulnerability Scoring System (CVSS) is an industry standard to define the characteristics and impacts of security vulnerabilities. The base score represents the intrinsic aspects that are constant over time and across user environments. Our unique meta score merges all available scores from different sources to aggregate to the most reliable result.

CVSSv3 Temp »

The Common Vulnerability Scoring System (CVSS) uses temp scores to reflect the characteristics of a vulnerability that may change over time but not across user environments. This includes reporting confidence, exploitability and remediation levels. We do also provide our unique meta score for temp scores, even though other sources rarely publish them.

VulDB »

The moderation team is always defining the base vector and base score for an entry. These and all other available scores are used to generate the meta score.

NVD »

The National Vulnerability Database (NVD) is also defining CVSS vectors and scores. These are usually not complete and might differ from VulDB scores.

Vendor »

Some vendors are willing to publish their own CVSS vectors and scores for vulnerabilities in their products. The coverage varies from vendor to vendor.

Research »

There are sometimes also security researcher which provide their own CVSS vectors and scores for vulnerabilities they have found and published.

IDBaseVDBNVDVendResVulnerabilityCTICVE
1698924.94.35.5
 
 
Telegram information disclosure0.06CVE-2021-27205
1698914.94.35.5
 
 
Telegram Passcode credentials storage0.06CVE-2021-27204
1698905.94.37.5
 
 
Sovremennye Delovye Tekhnologii FX Aggregator Terminal Client denial of service0.05CVE-2021-27188
1698895.94.37.5
 
 
Sovremennye Delovye Tekhnologii FX Aggregator Terminal Client login.sav credentials storage0.00CVE-2021-27187
1698887.76.39.1
 
 
Elecom File Manager pathname traversal0.00CVE-2021-20651
1698875.03.56.5
 
 
Elecom NCC-EWF100RMWH2 cross-site request forgery0.00CVE-2021-20650
1698865.25.64.8
 
 
Elecom WRC-300FEBK-S certificate validation0.09CVE-2021-20649
1698855.54.36.8
 
 
Elecom WRC-300FEBK-S os command injection0.05CVE-2021-20648
1698845.03.56.5
 
 
Elecom WRC-300FEBK-S cross-site request forgery0.00CVE-2021-20647
1698835.03.56.5
 
 
Elecom WRC-300FEBK-A cross-site request forgery0.00CVE-2021-20646
1698824.43.55.4
 
 
Elecom WRC-300FEBK-A cross site scripting0.05CVE-2021-20645
1698814.83.56.1
 
 
Elecom WRC-1467GHBK-A Web Setup Page cross site scripting0.04CVE-2021-20644
1698806.96.37.5
 
 
Elecom LD-PS-U1 access control0.05CVE-2021-20643
1698795.44.36.5
 
 
Logitec LAN-W300N-RS URL denial of service0.00CVE-2021-20642
1698785.03.56.5
 
 
Logitec LAN-W300N-RS cross-site request forgery0.00CVE-2021-20641
1698775.54.36.8
 
 
Logitec LAN-W300N-PGRB buffer overflow0.06CVE-2021-20640
1698765.54.36.8
 
 
Logitec LAN-W300N-PGRB os command injection0.05CVE-2021-20639
1698755.54.36.8
 
 
Logitec LAN-W300N-PGRB os command injection0.04CVE-2021-20638
1698745.44.36.5
 
 
Logitec LAN-W300N-PR5B URL denial of service0.05CVE-2021-20637
1698735.03.56.5
 
 
Logitec LAN-W300N-PR5B cross-site request forgery0.05CVE-2021-20636
1698724.32.16.5
 
 
Logitec LAN-WH450N-GR information disclosure0.00CVE-2021-20635
1698715.94.37.5
 
 
Joe Schofield get-ip-range package resource consumption0.05CVE-2021-27191
1698704.43.55.4
 
 
PEEL Shopping Cart change_params.php cross site scripting0.00CVE-2021-27190
1698695.53.57.5
 
 
Pelco Digital Sentry Server XML External Entity out-of-bounds read0.05CVE-2021-27184
1698685.53.57.5
 
 
Teradici PCoIP Soft Client null pointer dereference0.00CVE-2021-25690
1698678.06.39.8
 
 
Teradici PCoIP Soft Client out-of-bounds write0.00CVE-2021-25689
1698664.53.55.5
 
 
Teradici PCoIP Agent log file0.05CVE-2021-25688
1698655.85.56.1
 
 
Action Pack Host Authorization Middleware redirect0.05CVE-2021-22881
1698645.53.57.5
 
 
ActiveRecord PostgreSQL Adapter resource consumption0.05CVE-2021-22880
1698637.65.59.8
 
 
Advantech iView sql injection0.05CVE-2021-22658
1698625.53.57.5
 
 
Advantech iView pathname traversal0.06CVE-2021-22656
1698616.96.37.5
 
 
Advantech iView sql injection0.00CVE-2021-22654
1698608.06.39.8
 
 
Advantech iView Configuration missing authentication0.00CVE-2021-22652
1698596.76.37.2
 
 
VMware vSphere Replication command injection0.04CVE-2021-21976
1698587.37.3
 
 
 
Adminer adminer.php server-side request forgery0.05CVE-2021-21311
1698574.63.45.9
 
 
next-auth Prisma Database Adapter authentication spoofing0.05CVE-2021-21310
1698567.04.39.8
 
 
Lucee Server Admin authorization0.07CVE-2021-21307
1698553.42.64.3
 
 
Wire Video Capture information disclosure0.05CVE-2021-21301
1698546.85.68.1
 
 
hyper Crate Transfer-Encoding request smuggling0.00CVE-2021-21299
1698536.36.3
 
 
 
Adobe Acrobat Reader PDF File memory corruption0.00CVE-2021-21063
1698526.36.3
 
 
 
Adobe Acrobat Reader PDF File memory corruption0.00CVE-2021-21062
1698514.34.3
 
 
 
Adobe Acrobat PDF File use after free0.05CVE-2021-21061
1698504.34.3
 
 
 
Adobe Acrobat information disclosure0.05CVE-2021-21060
1698496.36.3
 
 
 
Adobe Acrobat Reader PDF File memory corruption0.00CVE-2021-21059
1698486.36.3
 
 
 
Adobe Acrobat Reader PDF File memory corruption0.05CVE-2021-21058
1698474.34.3
 
 
 
Adobe Acrobat Reader PDF File null pointer dereference0.05CVE-2021-21057
1698465.35.3
 
 
 
Adobe Dreamweaver untrusted search path0.05CVE-2021-21055
1698456.36.3
 
 
 
Adobe Illustrator out-of-bounds write0.06CVE-2021-21054
1698446.36.3
 
 
 
Adobe Illustrator out-of-bounds write0.05CVE-2021-21053
1698436.36.3
 
 
 
Adobe Animate out-of-bounds write0.00CVE-2021-21052

Interested in the pricing of exploits?

See the underground prices here!