CVSSv3 05/22/2021

CVSSv3 Base »

The Common Vulnerability Scoring System (CVSS) is an industry standard to define the characteristics and impacts of security vulnerabilities. The base score represents the intrinsic aspects that are constant over time and across user environments. Our unique meta score merges all available scores from different sources to aggregate to the most reliable result.

CVSSv3 Temp »

The Common Vulnerability Scoring System (CVSS) uses temp scores to reflect the characteristics of a vulnerability that may change over time but not across user environments. This includes reporting confidence, exploitability and remediation levels. We do also provide our unique meta score for temp scores, even though other sources rarely publish them.

VulDB »

The moderation team is always defining the base vector and base score for an entry. These and all other available scores are used to generate the meta score.

NVD »

The National Vulnerability Database (NVD) is also defining CVSS vectors and scores. These are usually not complete and might differ from VulDB scores.

Vendor »

Some vendors are willing to publish their own CVSS vectors and scores for vulnerabilities in their products. The coverage varies from vendor to vendor.

Research »

There are sometimes also security researcher which provide their own CVSS vectors and scores for vulnerabilities they have found and published.

IDBaseVDBNVDVendResVulnerabilityCTICVE
1755203.53.5
 
 
 
Plone Products.CMFDiffTool inline_diff cross site scripting0.05CVE-2021-33513
1755193.53.5
 
 
 
Plone Upload cross site scripting0.00CVE-2021-33512
1755183.53.5
 
 
 
Plone Content Item cross site scripting0.05CVE-2021-33508
1755173.53.5
 
 
 
Zope Products.CMFCore/Products.PluggableAuthService cross site scripting0.00CVE-2021-33507
1755165.35.3
 
 
 
Dell Wyse Windows Embedded System authorization0.14CVE-2021-21552
1755158.88.8
 
 
 
Netgear GC108P setup.cgi os command injection0.10CVE-2021-33514
1755145.55.5
 
 
 
Plone lxml Parser server-side request forgery0.00CVE-2021-33511
1755133.53.5
 
 
 
libwebp resource consumption0.10CVE-2020-36332
1755123.53.5
 
 
 
libwebp ChunkAssignData out-of-bounds read0.05CVE-2020-36331
1755113.53.5
 
 
 
libwebp ChunkVerifyAndAssign out-of-bounds read0.00CVE-2020-36330
1755105.55.5
 
 
 
libwebp Thread use after free0.05CVE-2020-36329
1755095.55.5
 
 
 
libwebp WebPDecodeRGBInto heap-based overflow0.05CVE-2020-36328
1755085.55.5
 
 
 
libwebp ReadSymbol uninitialized resource0.05CVE-2018-25014
1755073.53.5
 
 
 
libwebp ShiftBytes out-of-bounds read0.10CVE-2018-25013
1755063.53.5
 
 
 
libwebp WebPMuxCreateInternal out-of-bounds read0.05CVE-2018-25012
1755055.55.5
 
 
 
libwebp PutLE16 heap-based overflow0.10CVE-2018-25011
1755043.53.5
 
 
 
libwebp ApplyFilter out-of-bounds read0.05CVE-2018-25010
1755033.53.5
 
 
 
libwebp WebPMuxCreateInternal out-of-bounds read0.05CVE-2018-25009
1755024.34.3
 
 
 
Dell EMC XtremIO XMS cross-site request forgery0.05CVE-2021-21549
1755015.35.3
 
 
 
Cisco Evolved Programmable Network CLI file inclusion0.19CVE-2021-1306
1755003.53.5
 
 
 
Cisco Finesse Web-based Management Interface cross site scripting0.10CVE-2021-1254
1754996.36.3
 
 
 
Cisco Finesse Web-based Management Interface redirect0.05CVE-2021-1358
1754987.27.2
 
 
 
Cisco DNA Spaces Connector os command injection0.05CVE-2021-1560
1754977.27.2
 
 
 
Cisco DNA Spaces Connector os command injection0.05CVE-2021-1559
1754966.76.7
 
 
 
Cisco DNA Spaces Connector CLI os command injection0.14CVE-2021-1558
1754956.76.7
 
 
 
Cisco DNA Spaces Connector CLI os command injection0.05CVE-2021-1557
1754944.74.7
 
 
 
Cisco Small Business Web-based Management Interface command injection0.05CVE-2021-1555
1754934.74.7
 
 
 
Cisco Small Business Web-based Management Interface command injection0.05CVE-2021-1554
1754924.74.7
 
 
 
Cisco Small Business Web-based Management Interface command injection0.05CVE-2021-1553
1754914.74.7
 
 
 
Cisco Small Business Web-based Management Interface command injection0.05CVE-2021-1552
1754904.74.7
 
 
 
Cisco Small Business Web-based Management Interface command injection0.00CVE-2021-1551
1754894.74.7
 
 
 
Cisco Small Business Web-based Management Interface command injection0.09CVE-2021-1550
1754884.74.7
 
 
 
Cisco Small Business Web-based Management Interface command injection0.00CVE-2021-1549
1754874.74.7
 
 
 
Cisco Small Business Web-based Management Interface command injection0.00CVE-2021-1548
1754864.74.7
 
 
 
Cisco Small Business Web-based Management Interface command injection0.04CVE-2021-1547
1754856.36.3
 
 
 
Cisco Modeling Labs HTTP Request argument injection0.05CVE-2021-1531
1754846.36.3
 
 
 
Cisco Prime Infrastructure Web-based Management Interface os command injection0.39CVE-2021-1487
1754834.34.3
 
 
 
Plone Event ical URL server-side request forgery0.19CVE-2021-33510
1754823.73.7
 
 
 
OpenID Provider weak prng0.00CVE-2008-3280
1754814.34.3
 
 
 
PuTTY Title denial of service0.19CVE-2021-33500
1754805.45.4
 
 
 
htmly path traversal0.00CVE-2020-23766
1754795.05.0
 
 
 
Emissary REST Endpoint WorkSpaceClientEnqueueAction.java deserialization0.00CVE-2021-32634
1754786.36.3
 
 
 
Plone Python Script Remote Privilege Escalation0.00CVE-2021-33509
1754773.73.7
 
 
 
IBM InfoSphere Information Server Query injection0.05CVE-2021-29681
1754765.55.5
 
 
 
Bludit Backup File plugin.php unrestricted upload0.19CVE-2020-23765
1754755.55.5
 
 
 
QibosoftX1 client_upgrade_edition.php code injection0.00CVE-2021-27811
1754743.53.5
 
 
 
PHPPYUN Alibaba Payment Interface alipay_function.php information disclosure0.00CVE-2020-23768
1754737.37.3
 
 
 
Backdoor.Win32.Singu.a Service Port 2211 buffer overflow0.05
1754727.37.3
 
 
 
Backdoor.Win32.SkyDance.216 Service Port 4000 buffer overflow0.00

Do you need the next level of professionalism?

Upgrade your account now!