CVSSv3 05/06/2021

CVSSv3 Base »

The Common Vulnerability Scoring System (CVSS) is an industry standard to define the characteristics and impacts of security vulnerabilities. The base score represents the intrinsic aspects that are constant over time and across user environments. Our unique meta score merges all available scores from different sources to aggregate to the most reliable result.

CVSSv3 Temp »

The Common Vulnerability Scoring System (CVSS) uses temp scores to reflect the characteristics of a vulnerability that may change over time but not across user environments. This includes reporting confidence, exploitability and remediation levels. We do also provide our unique meta score for temp scores, even though other sources rarely publish them.

VulDB »

The moderation team is always defining the base vector and base score for an entry. These and all other available scores are used to generate the meta score.

NVD »

The National Vulnerability Database (NVD) is also defining CVSS vectors and scores. These are usually not complete and might differ from VulDB scores.

Vendor »

Some vendors are willing to publish their own CVSS vectors and scores for vulnerabilities in their products. The coverage varies from vendor to vendor.

Research »

There are sometimes also security researcher which provide their own CVSS vectors and scores for vulnerabilities they have found and published.

IDBaseVDBNVDVendResVulnerabilityCTICVE
1746146.36.3
 
 
 
MapServer access control0.00CVE-2021-32062
1746133.73.7
 
 
 
openmptcprouter-vps-admin omr-admin.py timing discrepancy0.06CVE-2021-31245
1746125.55.5
 
 
 
GitLab Community Edition/Enterprise Edition Dependency Proxy unknown vulnerability0.06CVE-2021-22211
1746116.36.3
 
 
 
ShapeShift KeepKey Hardware Wallet Message ethereum.c ethereum_extractThorchainSwapData buffer overflow0.00CVE-2021-31616
1746105.55.5
 
 
 
NXP LPC55S6x ROM Patch Peripheral access control0.17CVE-2021-31532
1746095.35.3
 
 
 
Vaadin EmailValidator resource consumption0.06CVE-2021-31409
1746087.37.3
 
 
 
Jellyfin API Endpoint Download server-side request forgery0.00CVE-2021-29490
1746073.53.5
 
 
 
Business Directory Plugin cross-site request forgery0.06CVE-2021-24178
1746063.53.5
 
 
 
Business Directory Plugin cross-site request forgery0.06CVE-2021-24251
1746053.53.5
 
 
 
Business Directory Plugin Form Field cross site scripting0.07CVE-2021-24250
1746043.53.5
 
 
 
Business Directory Plugin cross-site request forgery0.00CVE-2021-24249
1746033.53.5
 
 
 
Contact Form Check Tester Plugin Dashboard cross site scripting0.06CVE-2021-24247
1746023.53.5
 
 
 
Workscout Core Plugin AJAX Action workscout_send_message_chat cross site scripting0.00CVE-2021-24246
1746013.53.5
 
 
 
Stop Spammers Plugin cross site scripting0.06CVE-2021-24245
1746003.53.5
 
 
 
WPBakery Page Builder Clipboard Plugin AJAX Action cross site scripting0.06CVE-2021-24243
1745995.55.5
 
 
 
WPBakery Page Builder Clipboard Plugin AJAX Action authorization0.00CVE-2021-24244
1745983.53.5
 
 
 
OpenID Connect Generic Client Plugin cross site scripting0.06CVE-2021-24214
1745973.53.5
 
 
 
Business Directory Plugin & Easy Listing Directories cross-site request forgery0.00CVE-2021-24179
1745967.37.3
 
 
 
stdlib ipaddress input validation0.17CVE-2021-29921
1745955.55.5
 
 
 
Linux Kernel KVM API out-of-bounds write0.11CVE-2021-3501
1745944.02.55.5
 
 
Cisco AnyConnect Secure Mobility Client Interprocess Communication input validation0.06CVE-2021-1519
1745933.43.4
 
 
 
Cisco SD-WAN CLI Command file access0.13CVE-2021-1512
1745927.47.07.8
 
 
Cisco AnyConnect Secure Mobility Client temp file0.25CVE-2021-1496
1745913.33.3
 
 
 
Cisco Wide Area Application Services CLI exposure of resource0.12CVE-2021-1438
1745907.47.07.8
 
 
Cisco AnyConnect Secure Mobility Client temp file0.25CVE-2021-1430
1745897.47.07.8
 
 
Cisco AnyConnect Secure Mobility Client temp file0.19CVE-2021-1429
1745887.47.07.8
 
 
Cisco AnyConnect Secure Mobility Client temp file0.18CVE-2021-1428
1745877.47.07.8
 
 
Cisco AnyConnect Secure Mobility Client temp file0.00CVE-2021-1427
1745867.47.07.8
 
 
Cisco AnyConnect Secure Mobility Client temp file0.18CVE-2021-1426
1745856.36.3
 
 
 
Cisco Video Surveillance 8000 Discovery Protocol Packet memory corruption0.00CVE-2021-1521
1745844.34.3
 
 
 
Cisco SD-WAN vManage Software API Endpoint access control0.12CVE-2021-1515
1745833.53.5
 
 
 
Cisco SD-WAN vManage Software Web-based Interface cross site scripting0.13CVE-2021-1507
1745824.34.3
 
 
 
Cisco Web Security Appliance Web-based Management Interface cross site scripting0.07CVE-2021-1490
1745816.36.3
 
 
 
Cisco SD-WAN vManage Software Web-based Messaging Service Interface access control0.06CVE-2021-1284
1745808.06.39.8
 
 
Online Book Store edit_book.php sql injection0.00CVE-2020-19114
1745798.06.39.8
 
 
Online Book Store admin_delete.php sql injection0.06CVE-2020-19112
1745787.37.3
 
 
 
Online Book Store admin_verify.php improper authentication0.06CVE-2020-19111
1745778.06.39.8
 
 
Online Book Store book.php sql injection0.06CVE-2020-19110
1745768.06.39.8
 
 
Online Book Store admin_edit.php sql injection0.06CVE-2020-19109
1745758.06.39.8
 
 
Online Book Store bookPerPub.php sql injection0.06CVE-2020-19108
1745748.06.39.8
 
 
Online Book Store edit_book.php sql injection0.00CVE-2020-19107
1745737.37.3
 
 
 
Cisco SD-WAN vManage Software Application access control0.12CVE-2021-1508
1745727.37.3
 
 
 
Cisco SD-WAN vManage Software Application access control0.12CVE-2021-1506
1745717.37.3
 
 
 
Cisco SD-WAN vManage Software Application access control0.17CVE-2021-1505
1745707.37.3
 
 
 
Cisco SD-WAN vManage Software Application access control0.17CVE-2021-1468
1745699.89.8
 
 
 
Cisco SD-WAN vManage Software access control0.52CVE-2021-1275
1745685.35.3
 
 
 
Cisco SD-WAN vManage Software Cluster Management Interface information disclosure0.12CVE-2021-1535
1745676.36.3
 
 
 
Cisco BroadWorks Messaging Server XML Data xml external entity reference0.00CVE-2021-1530
1745664.34.3
 
 
 
Content Security Management Appliance Web-based Management Interface information disclosure0.12CVE-2021-1516
1745655.35.3
 
 
 
Cisco SD-WAN vDaemon denial of service0.00CVE-2021-1513

Interested in the pricing of exploits?

See the underground prices here!