CVSSv3 04/16/2021

CVSSv3 Base »

The Common Vulnerability Scoring System (CVSS) is an industry standard to define the characteristics and impacts of security vulnerabilities. The base score represents the intrinsic aspects that are constant over time and across user environments. Our unique meta score merges all available scores from different sources to aggregate to the most reliable result.

CVSSv3 Temp »

The Common Vulnerability Scoring System (CVSS) uses temp scores to reflect the characteristics of a vulnerability that may change over time but not across user environments. This includes reporting confidence, exploitability and remediation levels. We do also provide our unique meta score for temp scores, even though other sources rarely publish them.

VulDB »

The moderation team is always defining the base vector and base score for an entry. These and all other available scores are used to generate the meta score.

NVD »

The National Vulnerability Database (NVD) is also defining CVSS vectors and scores. These are usually not complete and might differ from VulDB scores.

Vendor »

Some vendors are willing to publish their own CVSS vectors and scores for vulnerabilities in their products. The coverage varies from vendor to vendor.

Research »

There are sometimes also security researcher which provide their own CVSS vectors and scores for vulnerabilities they have found and published.

IDBaseVDBNVDVendResVulnerabilityCTICVE
1731535.35.3
 
 
 
vscode-bazel JSON Config File file inclusion0.00CVE-2021-22539
1731525.05.0
 
 
 
vscode-rpm-spec Extension Workspace Configuration Remote Code Execution0.00CVE-2021-31414
1731516.36.3
 
 
 
Tenda G1/G3 umountUSBPartition formSetUSBPartitionUmount os command injection0.06CVE-2021-27692
1731506.36.3
 
 
 
Tenda G0/G1/G3 setDebugCfg formSetDebugCfg os command injection0.06CVE-2021-27691
1731496.36.3
 
 
 
Atlassian Connect Spring Boot Lifecycle Endpoint improper authentication0.05CVE-2021-26074
1731486.36.3
 
 
 
Atlassian Connect Express Lifecycle Endpoint improper authentication0.00CVE-2021-26073
1731473.53.5
 
 
 
Synology QTS/QuTS Hero/QuTScloud File Station cross site scripting0.06CVE-2018-19942
1731463.03.0
 
 
 
Wfilter ICF User-Agent Header cross site scripting0.06CVE-2021-3243
1731455.55.5
 
 
 
dio Package HTTP Method injection0.06CVE-2021-31402
1731446.36.3
 
 
 
Apache OpenOffice Hyperlink Remote Code Execution0.07CVE-2021-30245
1731434.34.3
 
 
 
WordPress Editor information disclosure0.17CVE-2021-29450
1731424.34.3
 
 
 
Pi-hole Admin Portal cross site scripting0.17CVE-2021-29448
1731416.36.3
 
 
 
WordPress Media Library Parser xml external entity reference0.17CVE-2021-29447
1731404.34.3
 
 
 
Matrix Sydent resource consumption0.12CVE-2021-29433
1731394.64.6
 
 
 
Matrix Sydent Email input validation0.06CVE-2021-29432
1731384.34.3
 
 
 
Matrix Sydent HTTP GET Request server-side request forgery0.06CVE-2021-29431
1731375.35.3
 
 
 
Matrix Sydent HTTP Request resource consumption0.06CVE-2021-29430
1731362.62.6
 
 
 
Centreon Centreon Web cross-site request forgery0.06CVE-2021-28055
1731358.06.39.8
 
 
LightCMS External Image NEditorController.php Remote Privilege Escalation0.17CVE-2021-27112
1731344.34.3
 
 
 
HPE IceWall SSO Domain Gateway Option Module cross site scripting0.06CVE-2021-26582
1731333.73.7
 
 
 
Fielcoin Lotus BLS Signature Validation VerifyCompressed signature verification0.06CVE-2021-21405
1731326.36.3
 
 
 
QED ResourceXpress URL input validation0.06CVE-2020-28898
1731313.53.5
 
 
 
GNU Binutils BFD Library memory allocation0.06CVE-2021-3487
1731305.55.5
 
 
 
ezXML XML File Parser libezxml.a ezxml_internal_dtd out-of-bounds write0.06CVE-2021-31229
1731298.08.0
 
 
 
Textpattern Plug-In unrestricted upload0.06CVE-2021-30209
1731286.36.3
 
 
 
Adobe Photoshop JSX File Parser buffer overflow0.06CVE-2021-28549
1731276.36.3
 
 
 
Adobe Photoshop JSX File Parser buffer overflow0.06CVE-2021-28548
1731263.13.1
 
 
 
b2evolution evoadm.php sql injection0.06CVE-2021-28242
1731253.53.5
 
 
 
Tribal Systems Zenario CMS admin_boxes.ajax.php cross site scripting0.06CVE-2021-27673
1731243.13.1
 
 
 
Tribal Systems Zenario CMS admin_boxes.ajax.php sql injection0.06CVE-2021-27672
1731235.35.3
 
 
 
Adobe Bridge Genuine Software Service improper authorization0.06CVE-2021-21096
1731225.35.3
 
 
 
Adobe Bridge out-of-bounds write0.00CVE-2021-21095
1731215.35.3
 
 
 
Adobe Bridge out-of-bounds write0.12CVE-2021-21094
1731205.35.3
 
 
 
Adobe Bridge memory corruption1.87CVE-2021-21093
1731195.35.3
 
 
 
Adobe Bridge buffer overflow0.13CVE-2021-21092
1731183.33.3
 
 
 
Adobe Bridge out-of-bounds read0.00CVE-2021-21091
1731174.34.3
 
 
 
Adobe ColdFusion cross site scripting0.07CVE-2021-21087
1731167.37.3
 
 
 
Ceph CEPHX_GET_AUTH_SESSION_KEY Request improper authentication0.08CVE-2021-20288
1731156.36.3
 
 
 
Cosori Smart Air Fryer CS158-AF JSON Object backdoor0.35CVE-2020-28593
1731146.36.3
 
 
 
Cosori Smart Air Fryer CS158-AF JSON Object heap-based overflow0.13CVE-2020-28592
1731137.37.3
 
 
 
OpenClinic GA getAssets.jsp sql injection0.00CVE-2020-27239
1731127.37.3
 
 
 
Tilde OpenClinic GA getAssets.jsp sql injection0.07CVE-2020-27238
1731117.37.3
 
 
 
OpenClinic GA getAssets.jsp sql injection0.09CVE-2020-27237

Do you know our Splunk app?

Download it now for free!