CVSSv3 07/09/2021

CVSSv3 Base »

The Common Vulnerability Scoring System (CVSS) is an industry standard for describing the characteristics and impact of security vulnerabilities. The base score represents the intrinsic aspects that are constant over time and across user environments. Our unique meta score merges all available scores from different sources into the most reliable aggregate result.

CVSSv3 Temp »

The Common Vulnerability Scoring System (CVSS) uses temp scores to reflect the characteristics of a vulnerability that may change over time but not across user environments. This includes reporting confidence, exploitability and remediation levels. We also provide our unique meta score for temp scores, even though other sources rarely publish them.

VulDB »

The moderation team always defines the base vector and base score for an entry. These and all other available scores are used to generate the meta score.

NVD »

The National Vulnerability Database (NVD) also defines CVSS vectors and scores. These are usually not complete and might differ from VulDB scores.

Vendor »

Some vendors are willing to publish their own CVSS vectors and scores for vulnerabilities in their products. The coverage varies from vendor to vendor.

Research »

Sometimes security researchers also provide their own CVSS vectors and scores for vulnerabilities they have found and published.

| ID | Base | VDB | NVD | Vendor | Research | Vulnerability | CTI | CVE |
|---|---|---|---|---|---|---|---|---|
| 178223 | 3.5 | 3.5 | | | | Kaseya VSA cross site scripting | 1.34 | CVE-2021-30119 |
| 178222 | 5.5 | 5.5 | | | | Kaseya VSA XML xml external entity reference | 1.02 | CVE-2021-30201 |
| 178221 | 5.5 | 5.5 | | | | Kaseya VSA file inclusion | 1.21 | CVE-2021-30121 |
| 178220 | 3.5 | 3.5 | | | | PublicCMS Submit Case cross site scripting | 0.45 | CVE-2020-21333 |
| 178219 | 5.0 | 5.0 | | | | Vapor Data.init(base32Encoded:) deserialization | 0.57 | CVE-2021-32742 |
| 178218 | 5.0 | 5.0 | | | | Kaseya VSA 2FA improper authentication | 1.08 | CVE-2021-30120 |
| 178217 | 6.3 | 6.3 | | | | Kaseya VSA sql injection | 0.76 | CVE-2021-30117 |
| 178216 | 6.3 | 6.3 | | | | Autodesk PDF File type confusion | 0.76 | CVE-2021-27038 |
| 178215 | 6.3 | 6.3 | | | | Pimcore groupsActionGet Remote Privilege Escalation | 0.70 | CVE-2021-23405 |
| 178214 | 5.0 | 5.0 | | | | Google Go pclntab_test.go dotest temp file | 0.75 | CVE-2012-2666 |
| 178213 | 2.7 | 2.7 | | | | Ether Creative Ether Logs file access | 0.41 | CVE-2021-32752 |
| 178212 | 4.3 | 4.3 | | | | gRPC Swift HTTP2 Frame HTTP2ToRawGRPCServerCodec recursion | 0.39 | CVE-2021-36154 |
| 178211 | 4.3 | 4.3 | | | | gRPC Swift GRPCWebToHTTP2ServerCodec.swift state issue | 0.55 | CVE-2021-36153 |
| 178210 | 6.3 | 6.3 | | | | Autodesk File buffer overflow | 1.56 | CVE-2021-27036 |
| 178209 | 6.3 | 6.3 | | | | Autodesk PICT File heap-based overflow | 1.50 | CVE-2021-27034 |
| 178208 | 6.3 | 6.3 | | | | Autodesk Design Review PDF File double free | 1.54 | CVE-2021-27033 |
| 178207 | 4.3 | 4.3 | | | | Keycloak keycloak-model-infinispan RootAuthenticationSessionEntity allocation of resources | 1.63 | CVE-2021-3637 |
| 178206 | 6.3 | 6.3 | | | | Panasonic FPWIN Pro Project File xml external entity reference | 1.41 | CVE-2021-32972 |
| 178205 | 5.3 | 5.3 | | | | Rockwell Automation MicroLogix 1100 RUN Mode denial of service | 1.70 | CVE-2021-33012 |
| 178204 | 6.3 | 6.3 | | | | Kaseya Virtual System Administrator Remote Privilege Escalation | 1.90 | CVE-2021-30118 |
| 178203 | 6.3 | 6.3 | | | | Autodesk TIFF File buffer overflow | 1.56 | CVE-2021-27039 |
| 178202 | 6.3 | 6.3 | | | | Autodesk File double free | 1.35 | CVE-2021-27037 |
| 178201 | 6.3 | 6.3 | | | | Autodesk File buffer overflow | 1.50 | CVE-2021-27035 |
| 178200 | 6.3 | 6.3 | | | | linuxptp ptp4l memory corruption | 1.59 | CVE-2021-3571 |
| 178199 | 4.3 | 4.3 | | | | gRPC Swift LengthPrefixedMessageReader buffer overflow | 1.63 | CVE-2021-36155 |
| 178198 | 5.5 | 5.5 | | | | PbootCMS upgradecontroller.php access control | 1.50 | CVE-2020-22535 |
| 178197 | 4.3 | 4.3 | | | | IBM InfoSphere Information Server Web UI cross site scripting | 1.52 | CVE-2021-29712 |
| 178196 | 6.3 | 6.3 | | | | IBM InfoSphere Information Server Back-End Database sql injection | 1.62 | CVE-2021-29730 |
| 178195 | 6.3 | 6.3 | | | | linuxptp ptp4l memory corruption | 0.65 | CVE-2021-3570 |
| 178194 | 6.3 | 6.3 | | | | Linux Kernel Joystick Devices Subsystem out-of-bounds write | 1.06 | CVE-2021-3612 |
| 178193 | 7.8 | 7.8 | | | | WinWaste.NET permission | 0.59 | CVE-2021-34110 |
| 178192 | 5.3 | 5.3 | | | | Samsung Members file inclusion | 0.19 | CVE-2021-25438 |
| 178191 | 5.0 | 5.0 | | | | Metinfo sql injection | 0.33 | CVE-2020-20585 |
| 178190 | 3.5 | 3.5 | | | | Baigo CMS Parameter cross site scripting | 1.21 | CVE-2020-20584 |
| 178189 | 5.5 | 5.5 | | | | Samsung KME Module MDM Policy Management privileges management | 0.13 | CVE-2021-25442 |
| 178188 | 5.3 | 5.3 | | | | Samsung AR Emoji Editor access control | 0.19 | CVE-2021-25441 |
| 178187 | 5.3 | 5.3 | | | | Samsung FactoryCameraFB Access Control access control | 0.19 | CVE-2021-25440 |
| 178186 | 5.3 | 5.3 | | | | Samsung Members access control | 0.13 | CVE-2021-25439 |
| 178185 | 5.5 | 5.5 | | | | Samsung Tizen Factory Reset Policy improper authorization | 0.19 | CVE-2021-25433 |
| 178184 | 3.5 | 3.5 | | | | Samsung Members Chat Data information disclosure | 0.32 | CVE-2021-25432 |
| 178183 | 5.3 | 5.3 | | | | Samsung Cameralyzer access control | 0.19 | CVE-2021-25431 |
| 178182 | 5.5 | 5.5 | | | | Samsung Smart Phone Bluetooth Application improper authentication | 0.32 | CVE-2021-25430 |
| 178181 | 5.3 | 5.3 | | | | Samsung Smart Phone Bluetooth privileges management | 0.35 | CVE-2021-25429 |
| 178180 | 4.3 | 4.3 | | | | Samsung Mobile Phone Bluetooth sql injection | 0.96 | CVE-2021-25427 |
| 178179 | 5.5 | 5.5 | | | | Samsung Message SmsViewerActivity access control | 0.74 | CVE-2021-25426 |
| 178178 | 6.3 | 6.3 | | | | AccuSoft ImageGear TIF bits_per_sample out-of-bounds write | 0.37 | CVE-2021-21794 |
| 178177 | 6.3 | 6.3 | | | | AccuSoft ImageGear JPG Header sof_nb_comp out-of-bounds write | 0.21 | CVE-2021-21793 |
| 178176 | 6.3 | 6.3 | | | | WebKit WebKitGTK GraphicsContext use after free | 0.31 | CVE-2021-21779 |
| 178175 | 5.5 | 5.5 | | | | Samsung Tizen FOTA Service access control | 0.68 | CVE-2021-25437 |
| 178174 | 5.5 | 5.5 | | | | Samsung Tizen FOTA Service input validation | 0.58 | CVE-2021-25436 |
