CVSSv3 06/11/2021

CVSSv3 Base »

The Common Vulnerability Scoring System (CVSS) is an industry standard for describing the characteristics and impacts of security vulnerabilities. The base score represents the intrinsic aspects that are constant over time and across user environments. Our unique meta score merges all available scores from different sources into the most reliable result.

CVSSv3 Temp »

The Common Vulnerability Scoring System (CVSS) uses temp scores to reflect the characteristics of a vulnerability that may change over time but not across user environments. This includes reporting confidence, exploitability and remediation levels. We also provide our unique meta score for temp scores, even though other sources rarely publish them.

VulDB »

The moderation team always defines the base vector and base score for an entry. These and all other available scores are used to generate the meta score.

NVD »

The National Vulnerability Database (NVD) also defines CVSS vectors and scores. These are usually not complete and might differ from VulDB scores.

Vendor »

Some vendors are willing to publish their own CVSS vectors and scores for vulnerabilities in their products. The coverage varies from vendor to vendor.

Research »

Sometimes security researchers also provide their own CVSS vectors and scores for vulnerabilities they have found and published.

| ID | Base | VDB | NVD | Vend | Res | Vulnerability | CTI | CVE |
|---|---|---|---|---|---|---|---|---|
| 176879 | 6.3 | 6.3 | | | | OpenPLC ScadaBR JSP File view_edit.shtm unrestricted upload | 0.90 | CVE-2021-26828 |
| 176878 | 6.5 | 6.5 | | | | Xen initialization | 0.69 | CVE-2021-28687 |
| 176877 | 6.3 | 6.3 | | | | Schneider Electric IGSS Definition CGF File Def.exe path traversal | 0.35 | CVE-2021-22762 |
| 176876 | 6.3 | 6.3 | | | | Schneider Electric IGSS Definition Def.exe memory corruption | 0.35 | CVE-2021-22761 |
| 176875 | 4.3 | 4.3 | | | | Schneider Electric IGSS Definition CGF File Def.exe out-of-bounds read | 0.42 | CVE-2021-22757 |
| 176874 | 4.3 | 4.3 | | | | Schneider Electric IGSS Definition CGF File Def.exe out-of-bounds read | 0.42 | CVE-2021-22756 |
| 176873 | 6.3 | 6.3 | | | | Schneider Electric IGSS Definition CGF File Def.exe out-of-bounds write | 0.35 | CVE-2021-22755 |
| 176872 | 5.3 | 5.3 | | | | Mitsubishi Electric MELSEC iQ-R series CPU Module MELSOFT Transmission Port resource consumption | 0.42 | CVE-2021-20591 |
| 176871 | 4.3 | 4.3 | | | | NetApp E-Series SANtricity OS Controller Software Configuration information disclosure | 0.49 | CVE-2021-26996 |
| 176870 | 3.5 | 3.5 | | | | actionpack Gem Action Controller authenticate_with_http_token resource consumption | 0.35 | CVE-2021-22904 |
| 176869 | 3.5 | 3.5 | | | | actionpack Gem Mime Type Parser resource consumption | 0.28 | CVE-2021-22902 |
| 176868 | 3.5 | 3.5 | | | | Drupal Form API cross-site request forgery | 0.28 | CVE-2020-13663 |
| 176867 | 3.5 | 3.5 | | | | Drupal Forms cross site scripting | 0.67 | CVE-2020-13688 |
| 176866 | 5.5 | 5.5 | | | | actionpack Gem Host Authorization Middleware redirect | 1.27 | CVE-2021-22903 |
| 176865 | 3.3 | 3.3 | | | | IBM QRadar Analyst Workflow App information disclosure | 0.86 | CVE-2021-20396 |
| 176864 | 7.3 | 7.3 | | | | cURL TLS 1.3 Session Ticket use after free | 1.16 | CVE-2021-22901 |
| 176863 | 5.6 | 5.6 | | | | IBM Financial Transaction Manager xml external entity reference | 0.58 | CVE-2020-5003 |
| 176862 | 3.1 | 3.1 | | | | WoWonder Parameter recover.php random values | 1.25 | CVE-2021-27200 |
| 176861 | 2.6 | 2.6 | | | | Xen Speculative Execution information disclosure | 1.16 | CVE-2021-28689 |
| 176860 | 6.3 | 6.3 | | | | IBM WebSphere Application Server SAML Web Inbound Trust Association Interceptor access control | 1.72 | CVE-2021-29754 |
| 176859 | 3.1 | 3.1 | | | | NetApp E-Series SANtricity OS Controller Software information exposure | 0.28 | CVE-2021-26997 |
| 176858 | 6.3 | 6.3 | | | | Facebook WhatsApp/WhatsApp Business Filename Validation path traversal | 0.28 | CVE-2021-24035 |
| 176857 | 5.0 | 5.0 | | | | Flask-Unchained URL Validation _validate_redirect_url | 1.23 | CVE-2021-23393 |
| 176856 | 5.5 | 5.5 | | | | JerryScript re-parser.c re_parse_char_escape heap-based overflow | 0.22 | CVE-2020-23323 |
| 176855 | 5.5 | 5.5 | | | | JerryScript parser_parse_object_initializer assertion | 0.15 | CVE-2020-23322 |
| 176854 | 5.5 | 5.5 | | | | JerryScript lit-strings.c lit_read_code_unit_from_utf8 heap-based overflow | 1.15 | CVE-2020-23321 |
| 176853 | 5.5 | 5.5 | | | | JerryScript parser_parse_function_arguments assertion | 0.84 | CVE-2020-23320 |
| 176852 | 5.5 | 5.5 | | | | JerryScript js-parser-statm.c parser_parse_try_statement_end assertion | 0.28 | CVE-2020-23314 |
| 176851 | 5.5 | 5.5 | | | | JerryScript js-scanner-util.c scanner_literal_is_created assertion | 0.99 | CVE-2020-23313 |
| 176850 | 5.5 | 5.5 | | | | JerryScript js-parser-expr.c parser_parse_object_initializer initialization | 0.37 | CVE-2020-23311 |
| 176849 | 5.5 | 5.5 | | | | JerryScript js-parser-statm.c:733 parser_parse_function_statement assertion | 0.44 | CVE-2020-23310 |
| 176848 | 5.5 | 5.5 | | | | JerryScript js-parser-statm.c parser_parse_statements assertion | 1.15 | CVE-2020-23309 |
| 176847 | 5.5 | 5.5 | | | | JerryScript js-parser-expr.c parser_parse_expression assertion | 0.95 | CVE-2020-23308 |
| 176846 | 5.5 | 5.5 | | | | JerryScript ecma-regexp-object.c ecma_regexp_match stack-based overflow | 0.45 | CVE-2020-23306 |
| 176845 | 5.5 | 5.5 | | | | JerryScript jmem-poolman.c jmem_pools_collect_empty heap-based overflow | 0.21 | CVE-2020-23303 |
| 176844 | 5.5 | 5.5 | | | | JerryScript ecma-helpers-string.c ecma_ref_ecma_string use after free | 0.45 | CVE-2020-23302 |
| 176843 | 3.1 | 3.1 | | | | QNAP QSS out-of-bounds read | 0.68 | CVE-2021-28801 |
| 176842 | 5.5 | 5.5 | | | | JerryScript ecma-helpers.c ecma_bytecode_ref use after free | 0.28 | CVE-2021-26199 |
| 176841 | 5.5 | 5.5 | | | | JerryScript ecma-helpers.c ecma_deref_bigint memory corruption | 1.04 | CVE-2021-26198 |
| 176840 | 5.5 | 5.5 | | | | JerryScript main-utils.c main_print_unhandled_exception memory corruption | 0.28 | CVE-2021-26197 |
| 176839 | 5.5 | 5.5 | | | | JerryScript js-lexer.c lexer_parse_number heap-based overflow | 0.44 | CVE-2021-26195 |
| 176838 | 5.5 | 5.5 | | | | JerryScript ecma-helpers.c ecma_is_lexical_environment use after free | 0.85 | CVE-2021-26194 |
| 176837 | 4.3 | 4.3 | | | | Apport Report File denial of service | 0.70 | CVE-2021-25684 |
| 176836 | 5.5 | 5.5 | | | | JerryScript parser_emit_cbc_backward_branch assertion | 1.03 | CVE-2020-23319 |
| 176835 | 6.3 | 6.3 | | | | JerryScript js-parser.c parser_parse_source assertion | 0.95 | CVE-2020-23312 |
| 176834 | 6.3 | 6.3 | | | | QNAP Helpdesk access control | 1.08 | CVE-2021-28814 |
| 176833 | 3.3 | 3.3 | | | | QNAP QSS source code | 0.49 | CVE-2021-28805 |
| 176832 | 8.0 | 8.0 | | | | Apport stat get_starttime input validation | 0.31 | CVE-2021-25683 |
| 176831 | 8.0 | 8.0 | | | | Apport status get_pid_info input validation | 0.31 | CVE-2021-25682 |
| 176830 | 4.3 | 4.3 | | | | Backdoor.Win32.Zombam.gen HTML Web UI cross site scripting | 0.21 | |
