CVSSv3 06/10/2021info

CVSSv3 Base »

The Common Vulnerability Scoring System (CVSS) is an industry standard to define the characteristics and impacts of security vulnerabilities. The base score represents the intrinsic aspects that are constant over time and across user environments. Our unique meta score merges all available scores from different sources to aggregate to the most reliable result.

CVSSv3 Temp »

The Common Vulnerability Scoring System (CVSS) uses temp scores to reflect the characteristics of a vulnerability that may change over time but not across user environments. This includes reporting confidence, exploitability and remediation levels. We do also provide our unique meta score for temp scores, even though other sources rarely publish them.

VulDB »

The moderation team is always defining the base vector and base score for an entry. These and all other available scores are used to generate the meta score.

NVD »

The National Vulnerability Database (NVD) is also defining CVSS vectors and scores. These are usually not complete and might differ from VulDB scores.

Vendor »

Some vendors are willing to publish their own CVSS vectors and scores for vulnerabilities in their products. The coverage varies from vendor to vendor.

Research »

There are sometimes also security researcher which provide their own CVSS vectors and scores for vulnerabilities they have found and published.

IDBaseVDBNVDVendResVulnerabilityCTICVE
1768276.86.8
 
 
 
NetSetMan Pro Save Log to File Local Privilege Escalation0.79CVE-2021-34546
1768267.87.8
 
 
 
McAfee Agent uncontrolled search path1.49CVE-2021-31840
1768256.36.3
 
 
 
McAfee Agent MA Event Folder privileges management1.29CVE-2021-31839
1768244.43.55.4
 
 
Trace Financial CRESTBridge cross site scripting0.99CVE-2020-24668
1768234.43.55.4
 
 
Trace Financial CRESTBridge cross site scripting0.89CVE-2020-24663
1768223.53.5
 
 
 
Irzip stream.c lzma_decompress_buf use after free0.99CVE-2021-27347
1768216.36.3
 
 
 
F5 BIG-IP APM/BIG-IP APM Clients Windows Installer Service permission1.19CVE-2021-23022
1768205.55.5
 
 
 
MongoDB Go Driver BSON injection0.89CVE-2021-20329
1768197.56.38.8
 
 
Trace Financial CRESTBridge sql injection0.89CVE-2020-24671
1768187.56.38.8
 
 
Trace Financial CRESTBridge sql injection0.99CVE-2020-24667
1768174.34.3
 
 
 
XScreenSaver Video Output update_screen_layout buffer overflow0.49CVE-2021-34557
1768167.37.3
 
 
 
LabCup Save API improper authentication0.60CVE-2021-33031
1768153.53.5
 
 
 
Irzip stream.c ucompthread null pointer dereference0.40CVE-2021-27345
1768143.53.5
 
 
 
Irzip stream.c lzo_decompress_buf null pointer dereference0.50CVE-2020-25467
1768133.53.5
 
 
 
Kiuwan Plugin Query Parameter cross site scripting0.50CVE-2021-21666
1768123.53.5
 
 
 
XebiaLabs XL Deploy Plugin cross-site request forgery0.79CVE-2021-21665
1768113.53.5
 
 
 
TP-Link TL-SG2005/TL-SG2008 cross-site request forgery0.60CVE-2021-31659
1768103.53.5
 
 
 
PRTG Network Monitor editsettings cross-site request forgery0.70CVE-2021-34547
1768094.64.6
 
 
 
XebiaLabs XL Deploy Plugin authorization1.06CVE-2021-21664
1768084.64.6
 
 
 
XebiaLabs XL Deploy Plugin authorization0.58CVE-2021-21663
1768073.53.5
 
 
 
XebiaLabs XL Deploy Plugin authorization0.67CVE-2021-21662
1768065.55.5
 
 
 
Kubernetes CLI Plugin HTTP Endpoint authorization0.69CVE-2021-21661
1768053.53.5
 
 
 
SmartStream Transaction Lifecycle Management Reconciliation Premium cross site scripting0.67CVE-2020-24662
1768043.53.5
 
 
 
Grant Averett Cerberus FTP Server Web Client cross site scripting1.09CVE-2019-25046
1768035.55.5
 
 
 
Annex Cloud Loyalty Experience Platform Campaign access control0.50CVE-2021-31929
1768025.55.5
 
 
 
Annex Cloud Loyalty Experience Platform access control0.59CVE-2021-31928
1768014.64.6
 
 
 
Annex Cloud Loyalty Experience Platform resource injection0.69CVE-2021-31927
1768005.55.5
 
 
 
TP-Link TL-SG2005/TL-SG2008 Device Description Interface array index0.60CVE-2021-31658
1767995.55.5
 
 
 
LANCOM R&S Unified Firewall path traversal0.77CVE-2021-31538
1767985.55.5
 
 
 
F5 BIG-IP APM/BIG-IP APM Clients Windows Installer cachecleaner.dll uncontrolled search path0.96CVE-2021-23023
1767975.55.5
 
 
 
ZTE ZXHN HS562 Cloud-End App access control0.60CVE-2021-21736
1767964.34.3
 
 
 
ZTE ZXHN H168N Wizard Page information disclosure0.50CVE-2021-21735
1767954.34.3
 
 
 
OpenDMARC Header Field null pointer dereference0.39CVE-2021-34555
1767946.36.3
 
 
 
Google Chrome Network Service use after free0.79CVE-2021-30553
1767936.36.3
 
 
 
Google Chrome Extension use after free1.06CVE-2021-30552
1767926.36.3
 
 
 
Google Chrome V8 type confusion7.83CVE-2021-30551
1767916.36.3
 
 
 
Google Chrome Accessibility use after free0.77CVE-2021-30550
1767906.36.3
 
 
 
Google Chrome Spell Check use after free0.59CVE-2021-30549
1767896.36.3
 
 
 
Google Chrome Loader use after free0.99CVE-2021-30548
1767886.36.3
 
 
 
Google Chrome ANGLE out-of-bounds write0.59CVE-2021-30547
1767876.36.3
 
 
 
Google Chrome Autofill use after free0.79CVE-2021-30546
1767866.36.3
 
 
 
Google Chrome Extension use after free0.69CVE-2021-30545
1767856.36.3
 
 
 
Google Chrome BFCache use after free1.73CVE-2021-30544
1767844.74.7
 
 
 
Bridgecrew Checkov Terraform File deserialization0.79CVE-2021-3040
1767833.53.5
 
 
 
RESTEasy URL Encoding cross site scripting0.69CVE-2021-20293
1767828.88.8
 
 
 
Zoho ManageEngine ServiceDesk Plus Disallowed Input List Remote Privilege Escalation0.67CVE-2021-20081
1767818.88.8
 
 
 
Palo Alto Cortex XDR Agent uncontrolled search path0.59CVE-2021-3041
1767804.34.3
 
 
 
CubeCoders AMP Java Version Setting unknown vulnerability0.58CVE-2021-34539
1767792.72.7
 
 
 
Palo Alto Prisma Cloud Compute Console debug log file0.88CVE-2021-3039
1767786.36.3
 
 
 
set-getter Prototype code injection0.96CVE-2021-25949

Do you know our Splunk app?

Download it now for free!