CVSSv3 04/02/2021

CVSSv3 Base »

The Common Vulnerability Scoring System (CVSS) is an industry standard to define the characteristics and impacts of security vulnerabilities. The base score represents the intrinsic aspects that are constant over time and across user environments. Our unique meta score merges all available scores from different sources to aggregate to the most reliable result.

CVSSv3 Temp »

The Common Vulnerability Scoring System (CVSS) uses temp scores to reflect the characteristics of a vulnerability that may change over time but not across user environments. This includes reporting confidence, exploitability and remediation levels. We do also provide our unique meta score for temp scores, even though other sources rarely publish them.

VulDB »

The moderation team is always defining the base vector and base score for an entry. These and all other available scores are used to generate the meta score.

NVD »

The National Vulnerability Database (NVD) is also defining CVSS vectors and scores. These are usually not complete and might differ from VulDB scores.

Vendor »

Some vendors are willing to publish their own CVSS vectors and scores for vulnerabilities in their products. The coverage varies from vendor to vendor.

Research »

There are sometimes also security researcher which provide their own CVSS vectors and scores for vulnerabilities they have found and published.

IDBaseVDBNVDCNAVendResVulnerabilityCTICVE
1721405.55.5
 
 
 
 
wpa_supplicant/hostapd pkcs1.c Privilege Escalation0.03CVE-2021-30004
1721393.53.5
 
 
 
 
Nokia G-120W-F Administrative Interface cross site scripting0.02CVE-2021-30003
1721383.53.5
 
 
 
 
Linux Kernel Webcam v4l2-ioctl.c video_usercopy memory leak0.00CVE-2021-30002
1721375.55.5
 
 
 
 
LATRIX inandout.php sql injection0.05CVE-2021-30000
1721364.64.6
 
 
 
 
Apache CXF JWT Token server-side request forgery0.03CVE-2021-22696
1721353.53.5
 
 
 
 
Devolutions Server Type Document cross site scripting0.06CVE-2021-23925
1721343.53.5
 
 
 
 
Devolutions Server Diagnostic File information disclosure0.02CVE-2021-23924
1721336.36.3
 
 
 
 
Devolutions Server Windows Domain User improper authentication0.08CVE-2021-23923
1721323.53.5
 
 
 
 
Devolutions Remote Desktop Manager Webviews cross site scripting0.04CVE-2021-23922
1721315.55.5
 
 
 
 
Devolutions SERVER Password List Entry access control0.03CVE-2021-23921
1721304.34.3
 
 
 
 
node-etsy-client REST API information disclosure0.03CVE-2021-21421
1721295.05.0
 
 
 
 
vscode-stripe Repository injection0.05CVE-2021-21420
1721284.34.3
 
 
 
 
django-registration User Registration information exposure0.05CVE-2021-21416
1721273.53.5
 
 
 
 
Ansible Tower Modules log file0.04CVE-2021-3447
1721265.55.5
 
 
 
 
pikepdf Package XMP Metadata metadata.py xml external entity reference0.03CVE-2021-29421
1721256.36.3
 
 
 
 
eMPS Central Management sql injection0.06CVE-2021-28970
1721246.36.3
 
 
 
 
eMPS Email Search sql injection0.06CVE-2021-28969
1721233.53.5
 
 
 
 
Devolutions Remote Desktop Manager Administrative Reports cross site scripting0.05CVE-2021-28047
1721222.22.2
 
 
 
 
Pega Chat Access Group Portal access control0.04CVE-2021-27653
1721217.37.3
 
 
 
 
Kaspersky Internet Security Anti-Virus Protection protection mechanism0.00CVE-2021-26718
1721204.34.3
 
 
 
 
HPE Superdome Flex Server BMC Web Interface denial of service0.03CVE-2021-26581
1721193.53.5
 
 
 
 
HPE iLO Amplifier Pack cross site scripting0.02CVE-2021-26580
1721186.36.3
 
 
 
 
Atlassian Confluence Server/Confluence Data Center WidgetConnector Plugin server-side request forgery0.02CVE-2021-26072
1721173.53.5
 
 
 
 
GoCD backup cross-site request forgery0.04CVE-2021-25924
1721167.37.3
 
 
 
 
cURL/libcURL TLS 1.3 Handshake certificate validation0.03CVE-2021-22890
1721155.35.3
 
 
 
 
GitLab gitlab-vscode-extension Local Privilege Escalation0.05CVE-2021-22195
1721143.53.5
 
 
 
 
VMware Carbon Black Cloud Workload Appliance Administrative Interface information disclosure0.04CVE-2021-21982
1721134.34.3
 
 
 
 
Containers Storage Container Image locking0.03CVE-2021-20291
1721124.34.3
 
 
 
 
Zoho ManageEngine OpManager Spark Gateway denial of service0.03CVE-2021-20078
1721114.94.45.5
 
 
 
Huawei Smartphone Interface unknown vulnerability0.06CVE-2020-9149
1721104.94.45.5
 
 
 
Huawei Smartphone Interface denial of service0.03CVE-2020-9148
1721095.53.37.8
 
 
 
Huawei Smartphone Interface out-of-bounds read0.04CVE-2020-9147
1721083.33.3
 
 
 
 
Huawei Smartphone Interface memory leak0.03CVE-2020-9146
1721074.43.55.4
 
 
 
mblog profile cross site scripting0.00CVE-2020-19619
1721064.43.55.4
 
 
 
mblog editing cross site scripting0.07CVE-2020-19618
1721054.43.55.4
 
 
 
mblog profile cross site scripting0.06CVE-2020-19617
1721044.43.55.4
 
 
 
mblog Header Field editing cross site scripting0.06CVE-2020-19616
1721035.55.5
 
 
 
 
sunkaifei FlyCMS ImagesService.java saveUrlAs server-side request forgery0.03CVE-2020-19613
1721026.36.3
 
 
 
 
Trojan-Downloader.Win32.Delf.nzg Arquivos de Programas permission0.03
1721016.36.3
 
 
 
 
Trojan-Downloader.Win32.Delf.oxz RECYCLER permission0.02
1721006.36.3
 
 
 
 
Trojan-Downloader.Win32.Delf.ur Messenger permission0.03
1720994.34.3
 
 
 
 
PostgreSQL UPDATE Permission information exposure0.00CVE-2021-3393
1720986.36.3
 
 
 
 
Adobe Acrobat Reader PDF File improper validation of integrity check value0.03CVE-2021-28546
1720976.36.3
 
 
 
 
Adobe Acrobat Reader PDF File improper validation of integrity check value0.00CVE-2021-28545
1720965.35.3
 
 
 
 
Eclipse Jetty TLS Frame resource consumption0.04CVE-2021-28165
1720955.35.3
 
 
 
 
Eclipse Jetty Default Compliance Mode web.xml information disclosure0.00CVE-2021-28164
1720943.73.7
 
 
 
 
Eclipse Jetty Directory information disclosure0.06CVE-2021-28163
1720934.34.3
 
 
 
 
GitLab Community Edition/Enterprise Edition gitlab-shell denial of service0.00CVE-2021-22177
1720924.43.55.3
 
 
 
Academy Software Foundation OpenEXR Dwa Decompression null pointer dereference0.03CVE-2021-20296
1720917.37.3
 
 
 
 
ZeroMQ Server Decoder decoder_allocators.hpp out-of-bounds write0.04CVE-2021-20235

Do you need the next level of professionalism?

Upgrade your account now!