CVSSv3 06/07/2021

CVSSv3 Base »

The Common Vulnerability Scoring System (CVSS) is an industry standard to define the characteristics and impacts of security vulnerabilities. The base score represents the intrinsic aspects that are constant over time and across user environments. Our unique meta score merges all available scores from different sources to aggregate to the most reliable result.

CVSSv3 Temp »

The Common Vulnerability Scoring System (CVSS) uses temp scores to reflect the characteristics of a vulnerability that may change over time but not across user environments. This includes reporting confidence, exploitability and remediation levels. We do also provide our unique meta score for temp scores, even though other sources rarely publish them.

VulDB »

The moderation team is always defining the base vector and base score for an entry. These and all other available scores are used to generate the meta score.

NVD »

The National Vulnerability Database (NVD) is also defining CVSS vectors and scores. These are usually not complete and might differ from VulDB scores.

Vendor »

Some vendors are willing to publish their own CVSS vectors and scores for vulnerabilities in their products. The coverage varies from vendor to vendor.

Research »

There are sometimes also security researcher which provide their own CVSS vectors and scores for vulnerabilities they have found and published.

IDBaseVDBNVDVendResVulnerabilityCTICVE
1764233.53.5
 
 
 
Accela Civic Platform Parameter hostSignon.do cross site scripting0.65CVE-2021-33904
1764223.53.5
 
 
 
Zoho ManageEngine Key Manager Plus User-Management Page cross site scripting0.50CVE-2021-28382
1764214.34.3
 
 
 
PageLayer Color Settings cross site scripting0.60CVE-2020-36384
1764204.34.3
 
 
 
PageLayer Parameter cross site scripting0.80CVE-2020-36383
1764196.36.3
 
 
 
Sharp NEC UN462A HTTP Request buffer overflow0.80CVE-2021-20699
1764185.55.5
 
 
 
Red Hat WildFly EJBContext Principle privileges management0.50CVE-2020-1719
1764177.37.3
 
 
 
ArcGIS Server sql injection0.75CVE-2021-29099
1764168.88.8
 
 
 
Sharp NEC UN462A HTTP Request Remote Privilege Escalation0.80CVE-2021-20698
1764153.53.5
 
 
 
iFlyChat Plugin APP ID Setting cross site scripting0.55CVE-2021-24343
1764142.42.4
 
 
 
Easy Preloader Plugin cross site scripting0.64CVE-2021-24344
1764133.53.5
 
 
 
JNews Theme POST Request ?ajax-request=jnews cross site scripting0.54CVE-2021-24342
1764126.36.3
 
 
 
FlightLog Plugin POST sql injection0.64CVE-2021-24336
1764115.35.3
 
 
 
Wireshark DVB-S2-BB Dissector denial of service0.84CVE-2021-22222
1764106.36.3
 
 
 
WP Statistics Plugin esc_sql sql injection0.84CVE-2021-24340
1764096.36.3
 
 
 
Video Embed Plugin GET Parameter sql injection0.49CVE-2021-24337
1764083.73.7
 
 
 
IBM DataPower Gateway GET Request information disclosure0.39CVE-2020-5008
1764075.55.5
 
 
 
Linux Kernel ucma.c ucma_migrate_id use after free0.49CVE-2020-36385
1764063.13.1
 
 
 
IBM WebSphere Application Server Network Deployment path traversal0.51CVE-2021-20517
1764055.55.5
 
 
 
Nginx Autoindex Module integer overflow0.65CVE-2017-20005
1764043.53.5
 
 
 
2sic 2sxc ui.html cross site scripting0.70CVE-2020-26885
1764035.65.6
 
 
 
Tencent GameLoop Update cleartext transmission0.56CVE-2021-33879
1764026.36.3
 
 
 
Backdoor.Win32.Neakse.bit permission0.00
1764015.05.0
 
 
 
Invoice Ninja AccountRepository.php deserialization0.45CVE-2021-33898
1764007.37.3
 
 
 
Trojan-Dropper.Win32.Googite.a Service Port 1202 backdoor0.05
1763997.37.3
 
 
 
Backdoor.Win32.Wollf.12 Service Port 7614 backdoor0.10

Want to stay up to date on a daily basis?

Enable the mail alert feature now!