CVSSv3 02/23/2021info

CVSSv3 Base »

The Common Vulnerability Scoring System (CVSS) is an industry standard to define the characteristics and impacts of security vulnerabilities. The base score represents the intrinsic aspects that are constant over time and across user environments. Our unique meta score merges all available scores from different sources to aggregate to the most reliable result.

CVSSv3 Temp »

The Common Vulnerability Scoring System (CVSS) uses temp scores to reflect the characteristics of a vulnerability that may change over time but not across user environments. This includes reporting confidence, exploitability and remediation levels. We do also provide our unique meta score for temp scores, even though other sources rarely publish them.

VulDB »

The moderation team is always defining the base vector and base score for an entry. These and all other available scores are used to generate the meta score.

NVD »

The National Vulnerability Database (NVD) is also defining CVSS vectors and scores. These are usually not complete and might differ from VulDB scores.

Vendor »

Some vendors are willing to publish their own CVSS vectors and scores for vulnerabilities in their products. The coverage varies from vendor to vendor.

Research »

There are sometimes also security researcher which provide their own CVSS vectors and scores for vulnerabilities they have found and published.

IDBaseVDBNVDVendResVulnerabilityCTICVE
1703166.96.37.5
 
 
stunnel certificate validation0.95CVE-2021-20230
1703154.85.34.3
 
 
PostgreSQL Query authorization1.13CVE-2021-20229
1703148.38.87.8
 
 
Linux Kernel Object io_uring use after free1.17CVE-2021-20226
1703135.25.54.8
 
 
Undertow HTTP Request 1.x request smuggling1.08CVE-2021-20220
1703127.77.38.1
 
 
Openshift Installer Kublet missing authentication0.87CVE-2021-20198
1703117.16.38.0
 
 
ipTIME NAS-I Bulletin Manage unrestricted upload1.13CVE-2020-7847
1703104.34.34.3
 
 
IBM Planning Analytics information disclosure1.13CVE-2020-4953
1703098.57.39.8
 
 
theme-core utils.js command injection0.95CVE-2020-28432
1703088.57.39.8
 
 
wc-cmd index.js command injection1.04CVE-2020-28431
1703078.06.39.8
 
 
nuance-gulp-build-common index.js command injection1.08CVE-2020-28430
1703068.57.39.8
 
 
geojson2kml index.js command injection1.04CVE-2020-28429
1703054.13.54.8
 
 
fastadmin cross site scripting1.04CVE-2020-26609
1703047.56.38.8
 
 
Advantech WebAccess/SCADA WADashboard external reference1.13CVE-2020-25161
1703037.06.37.8
 
 
WECON LeviStudioU Project File buffer overflow0.87CVE-2020-16243
1703026.45.57.3
 
 
Keycloak HTTP Header authentication bypass0.91CVE-2020-14359
1703014.34.34.3
 
 
Rendertron Screenshot server-side request forgery0.91CVE-2020-8902
1703004.83.56.1
 
 
NanoHTTPD HTTP GET RouterNanoHTTPD.java GeneralHandler cross site scripting0.74CVE-2020-13697
1702997.35.59.1
 
 
netplex json-smart-v1/json-smart-v2 unusual condition1.13CVE-2021-27568
1702984.83.75.9
 
 
CIRA Canadian Shield App certificate validation0.91CVE-2021-27189
1702974.84.74.9
 
 
Nozomi Guardian/CMC Web GUI path traversal0.74CVE-2021-26725
1702964.74.7
 
 
 
Nozomi Guardian/CMC Web GUI os command injection0.91CVE-2021-26724
1702957.56.38.8
 
 
Atlassian JIRA Server for Slack Plugin Endpoint injection1.22CVE-2021-26068
1702944.43.35.5
 
 
Keybase Desktop Client Cache information disclosure1.13CVE-2021-23827
1702936.04.37.8
 
 
Luxion KeyShot Project File null pointer dereference1.09CVE-2021-22649
1702927.06.37.8
 
 
Luxion KeyShot Project File out-of-bounds write0.91CVE-2021-22647
1702917.06.37.8
 
 
Luxion KeyShot Network Share dll Remote Privilege Escalation1.00CVE-2021-22645
1702907.06.37.8
 
 
Luxion KeyShot Project File out-of-bounds read1.26CVE-2021-22643
1702897.56.38.8
 
 
Google Chrome Web Sockets use after free1.04CVE-2021-21157
1702887.56.38.8
 
 
Google Chrome V8 heap-based overflow0.96CVE-2021-21156
1702877.96.39.6
 
 
Google Chrome Tab Strip heap-based overflow1.35CVE-2021-21155
1702867.96.39.6
 
 
Google Chrome Tab Strip heap-based overflow1.13CVE-2021-21154
1702857.56.38.8
 
 
Google Chrome GPU Process stack-based overflow1.00CVE-2021-21153
1702847.56.38.8
 
 
Google Chrome Media heap-based overflow1.17CVE-2021-21152
1702837.96.39.6
 
 
Google Chrome Payments use after free0.87CVE-2021-21151
1702827.96.39.6
 
 
Google Chrome HTML Page use after free1.00CVE-2021-21150
1702817.56.38.8
 
 
Google Chrome Data Transfer buffer overflow1.30CVE-2021-21149
1702805.35.55.0
 
 
Atlassian atlassian-gadgets HTTP Request MessageBundleWhiteList server-side request forgery1.17CVE-2020-36232
1702795.24.36.1
 
 
Gist Chatbot Chatbox cross site scripting0.87CVE-2020-35852
1702785.35.35.3
 
 
Atlassian JIRA Server/Data Center CachingResourceDownloadRewriteRule information disclosure0.74CVE-2020-29453
1702775.35.35.3
 
 
Atlassian Confluence Server/Confluence Data Center ConfluenceResourceDownloadRewriteRule information disclosure1.34CVE-2020-29448
1702765.45.35.5
 
 
libxls XLS Cell Parser xls2csv.c null pointer dereference1.09CVE-2020-27819
1702754.86.33.3
 
 
ImageMagick quantum-private.h integer overflow1.08CVE-2020-27768
1702747.56.38.8
 
 
FontForge SFD File Parser out-of-bounds write1.21CVE-2020-25690

Want to stay up to date on a daily basis?

Enable the mail alert feature now!