CVSSv3 06/02/2021info

CVSSv3 Base »

The Common Vulnerability Scoring System (CVSS) is an industry standard to define the characteristics and impacts of security vulnerabilities. The base score represents the intrinsic aspects that are constant over time and across user environments. Our unique meta score merges all available scores from different sources to aggregate to the most reliable result.

CVSSv3 Temp »

The Common Vulnerability Scoring System (CVSS) uses temp scores to reflect the characteristics of a vulnerability that may change over time but not across user environments. This includes reporting confidence, exploitability and remediation levels. We do also provide our unique meta score for temp scores, even though other sources rarely publish them.

VulDB »

The moderation team is always defining the base vector and base score for an entry. These and all other available scores are used to generate the meta score.

NVD »

The National Vulnerability Database (NVD) is also defining CVSS vectors and scores. These are usually not complete and might differ from VulDB scores.

Vendor »

Some vendors are willing to publish their own CVSS vectors and scores for vulnerabilities in their products. The coverage varies from vendor to vendor.

Research »

There are sometimes also security researcher which provide their own CVSS vectors and scores for vulnerabilities they have found and published.

IDBaseVDBNVDCNAVendResVulnerabilityCTICVE
1762643.53.5
 
 
 
 
FFmpeg af_acrossover.c config_input memory leak0.02CVE-2020-22056
1762634.34.3
 
 
 
 
FFmpeg dict.c av_dict_set memory leak0.05CVE-2020-22054
1762623.53.5
 
 
 
 
Infinispan GET Request cross-site request forgery0.03CVE-2020-10771
1762613.33.3
 
 
 
 
Avahi Client Connection client_work infinite loop0.07CVE-2021-3468
1762608.08.0
 
 
 
 
QEMU vhost-user-gpu out-of-bounds write0.04CVE-2021-3546
1762593.53.5
 
 
 
 
QEMU virtio vhost-user GPU Device vhost-user-gpu.c memory leak0.05CVE-2021-3544
1762583.53.5
 
 
 
 
noobaa-core HTML Document cross site scripting0.03CVE-2021-3529
1762573.53.5
 
 
 
 
GStreamer ID3v2 Tag out-of-bounds read0.06CVE-2021-3522
1762565.55.5
 
 
 
 
OVN-Kubernetes Egress Firewall authorization0.06CVE-2021-3499
1762555.55.5
 
 
 
 
Istio Routing Configuration improper authorization0.03CVE-2021-31921
1762545.55.5
 
 
 
 
AOMedia libaom grain_table.c use after free0.04CVE-2021-30474
1762535.55.5
 
 
 
 
merge-deep Library Prototype Object.prototype injection0.07CVE-2021-26707
1762522.72.7
 
 
 
 
McAfee Database Security Administrator Interface cleartext transmission0.03CVE-2021-23896
1762515.55.5
 
 
 
 
Eclipse Mojarra pathname traversal0.06CVE-2020-6950
1762503.53.5
 
 
 
 
QEMU hcd-dwc2 USB Host Controller Emulation hcd-dwc2.c dwc2_handle_packet divide by zero0.02CVE-2020-27661
1762495.55.5
 
 
 
 
LibRaw identify.cpp identify_process_dng_fields stack-based overflow0.03CVE-2020-24870
1762483.53.5
 
 
 
 
lrzsz zsdata information disclosure0.02CVE-2018-10195
1762473.53.5
 
 
 
 
OpenStack Swift Proxy-Server Log information disclosure0.02CVE-2017-8761
1762466.36.3
 
 
 
 
file cdf_read_ssat buffer overflow0.05CVE-2009-0948
1762455.05.0
 
 
 
 
file cdf_read_sat integer overflow0.05CVE-2009-0947
1762445.65.6
 
 
 
 
Fortinet FortiGate SSLVPN certificate validation0.07CVE-2021-24012
1762433.53.5
 
 
 
 
Openshift Container Platform Restricted Security Context Constraints allocation of resources0.07CVE-2020-14336
1762425.55.5
 
 
 
 
OpenShift kubeconfig privileges assignment0.03CVE-2020-35514
1762413.53.5
 
 
 
 
QEMU virtio vhost-user GPU Device virgl.c virgl_cmd_get_capset_info information disclosure0.00CVE-2021-3545
1762402.62.6
 
 
 
 
Satori go.uuid g.rand.Read weak prng0.04CVE-2021-3538
1762393.13.1
 
 
 
 
KDE Messagelib Encrypted Message viewer_p.cpp deleteAttachment missing encryption0.02CVE-2021-31855
1762383.53.5
 
 
 
 
Pillow BLP Data BlpImagePlugin denial of service0.04CVE-2021-28678
1762373.53.5
 
 
 
 
Pillow EPS File EPSImageFile resource consumption0.00CVE-2021-28677
1762363.53.5
 
 
 
 
Pillow FLI Data FliDecode infinite loop0.02CVE-2021-28676
1762353.53.5
 
 
 
 
Pillow Data Block PSDImagePlugin.PsdImageFile denial of service0.02CVE-2021-28675
1762343.53.5
 
 
 
 
Pillow j2ku_gray_i out-of-bounds read0.00CVE-2021-25288
1762333.53.5
 
 
 
 
Pillow j2ku_graya_la out-of-bounds read0.00CVE-2021-25287
1762323.53.5
 
 
 
 
Red Hat jboss-remoting Message resource consumption0.03CVE-2020-35510
1762313.53.5
 
 
 
 
QEMU ahci.c ahci_commit_buf denial of service0.02CVE-2019-12067
1762305.55.5
 
 
 
 
lz4 memmove out-of-bounds write0.04CVE-2021-3520
1762295.55.5
 
 
 
 
McAfee Database Security deserialization0.02CVE-2021-23895
1762286.36.3
 
 
 
 
McAfee Database Security deserialization0.05CVE-2021-23894
1762273.53.5
 
 
 
 
xnio Garbage Collection resource consumption0.00CVE-2020-14340
1762263.53.5
 
 
 
 
RESTEasy Route Cache resource consumption0.02CVE-2020-14326
1762253.53.5
 
 
 
 
Red Hat JBoss Enterprise Application Platform race condition0.03CVE-2020-14317
1762246.36.3
 
 
 
 
Xdg-utils xdg-open open_generic_xdg_mime Privilege Escalation0.00CVE-2015-1877
1762237.37.3
 
 
 
 
Red Hat Satellite improper authentication0.05CVE-2020-14380
1762226.36.3
 
 
 
 
Red Hat 3scale API Management Platform API Admin Portal permission0.02CVE-2020-14388
1762214.34.3
 
 
 
 
Red Hat Satellite VM information disclosure0.03CVE-2020-14371
1762203.53.5
 
 
 
 
Red Hat Satellite OMAPI Secret information disclosure0.02CVE-2020-14335
1762194.34.3
 
 
 
 
FFmpeg vf_tile.c filter_frame memory leak0.03CVE-2020-22051
1762184.34.3
 
 
 
 
FFmpeg wtvdec.c wtvfile_open_sector memory leak0.03CVE-2020-22049
1762174.34.3
 
 
 
 
FFmpeg framepool.c ff_frame_pool_get memory leak0.07CVE-2020-22048
1762164.34.3
 
 
 
 
FFmpeg float_dsp.c avpriv_float_dsp_allocl memory leak0.06CVE-2020-22046
1762153.53.5
 
 
 
 
GNU libiberty Symbol rust-demangle.c demangle_path recursion0.03CVE-2021-3530

Do you want to use VulDB in your project?

Use the official API to access entries easily!