CVSSv3 02/25/2021

CVSSv3 Base »

The Common Vulnerability Scoring System (CVSS) is an industry standard to define the characteristics and impacts of security vulnerabilities. The base score represents the intrinsic aspects that are constant over time and across user environments. Our unique meta score merges all available scores from different sources to aggregate to the most reliable result.

CVSSv3 Temp »

The Common Vulnerability Scoring System (CVSS) uses temp scores to reflect the characteristics of a vulnerability that may change over time but not across user environments. This includes reporting confidence, exploitability and remediation levels. We do also provide our unique meta score for temp scores, even though other sources rarely publish them.

VulDB »

The moderation team is always defining the base vector and base score for an entry. These and all other available scores are used to generate the meta score.

NVD »

The National Vulnerability Database (NVD) is also defining CVSS vectors and scores. These are usually not complete and might differ from VulDB scores.

Vendor »

Some vendors are willing to publish their own CVSS vectors and scores for vulnerabilities in their products. The coverage varies from vendor to vendor.

Research »

There are sometimes also security researcher which provide their own CVSS vectors and scores for vulnerabilities they have found and published.

IDBaseVDBNVDVendResVulnerabilityCTICVE
1704035.94.77.2
 
 
Nagios XI Web System graphtemplates.php code injection0.06CVE-2021-3273
1704026.36.3
 
 
 
Adobe Bridge TTF File out-of-bounds write0.00CVE-2021-21066
1704016.36.3
 
 
 
Adobe Bridge TTF File out-of-bounds write0.07CVE-2021-21065
1704002.72.7
 
 
 
Magento UPWARD-php/UPWARD Connector YAML File path traversal0.00CVE-2021-21064
1703997.98.87.0
 
 
openSUSE cyrus-sasl temp file0.09CVE-2020-8032
1703986.85.58.1
 
 
Dropbear Filename scp.c unknown vulnerability0.08CVE-2020-36254
1703974.83.56.1
 
 
comrak Crate cross site scripting0.07CVE-2021-27671
1703967.65.59.8
 
 
Appspace jsonprequest server-side request forgery0.06CVE-2021-27670
1703954.94.35.5
 
 
Cisco AnyConnect Secure Mobility Client Interprocess Communication denial of service0.05CVE-2021-1450
1703946.97.36.5
 
 
Cisco Application Services Engine missing authentication0.08CVE-2021-1396
1703938.57.39.8
 
 
Cisco Application Services Engine missing authentication0.00CVE-2021-1393
1703929.18.310.0
 
 
Cisco ACI Multi-Site Orchestrator API Endpoint privileges management0.00CVE-2021-1388
1703918.07.58.6
 
 
Cisco NX-OS IPv6 memory leak0.05CVE-2021-1387
1703906.95.08.8
 
 
Cisco FXOS/NX-OS UDLD out-of-bounds write0.08CVE-2021-1368
1703894.34.3
 
 
 
Cisco NX-OS Protocol Independent Multicast denial of service0.00CVE-2021-1367
1703887.37.3
 
 
 
Cisco NX-OS Service Port 9075 file access0.05CVE-2021-1361
1703875.45.4
 
 
 
Cisco Nexus 9000 SFP Interface access control0.07CVE-2021-1231
1703867.57.5
 
 
 
Cisco Nexus 9000 BGP UPDATE Message denial of service0.05CVE-2021-1230
1703855.35.35.3
 
 
Cisco NX-OS ICMPv6 memory leak0.07CVE-2021-1229
1703845.45.4
 
 
 
Cisco Nexus 9000 ACI Mode access control0.05CVE-2021-1228
1703835.63.18.1
 
 
Cisco NX-OS NX-API cross-site request forgery0.07CVE-2021-1227
1703824.43.55.4
 
 
LightCMS SensitiveWords cross site scripting0.00CVE-2021-3355
1703813.95.32.5
 
 
GNU C Library nscd netgroupcache.c double free0.06CVE-2021-27645
1703808.06.39.8
 
 
Advantech BB-ESWGP506-2SFP-T hard-coded credentials0.05CVE-2021-22667
1703796.36.3
 
 
 
OpenSLP Service Port 427 heap-based overflow0.05CVE-2021-21974
1703785.55.5
 
 
 
VMware vCenter Server/Cloud Foundation vSphere Client server-side request forgery0.08CVE-2021-21973
1703776.36.3
 
9.8
 
VMware vCenter Server/Cloud Foundation vSphere Client Remote Privilege Escalation0.06CVE-2021-21972

Are you interested in using VulDB?

Download the whitepaper to learn more about our service!