CVSSv3 07/14/2021

CVSSv3 Base »

The Common Vulnerability Scoring System (CVSS) is an industry standard to define the characteristics and impacts of security vulnerabilities. The base score represents the intrinsic aspects that are constant over time and across user environments. Our unique meta score merges all available scores from different sources to aggregate to the most reliable result.

CVSSv3 Temp »

The Common Vulnerability Scoring System (CVSS) uses temp scores to reflect the characteristics of a vulnerability that may change over time but not across user environments. This includes reporting confidence, exploitability and remediation levels. We do also provide our unique meta score for temp scores, even though other sources rarely publish them.

VulDB »

The moderation team is always defining the base vector and base score for an entry. These and all other available scores are used to generate the meta score.

NVD »

The National Vulnerability Database (NVD) is also defining CVSS vectors and scores. These are usually not complete and might differ from VulDB scores.

Vendor »

Some vendors are willing to publish their own CVSS vectors and scores for vulnerabilities in their products. The coverage varies from vendor to vendor.

Research »

There are sometimes also security researcher which provide their own CVSS vectors and scores for vulnerabilities they have found and published.

IDBaseVDBNVDVendResVulnerabilityCTICVE
1786527.56.38.8
 
 
SAP NetWeaver Guided Procedures Administration Workset authorization0.00CVE-2021-33671
1786516.45.37.5
 
 
SAP NetWeaver AS for JAVA Http Service Monitoring Filter denial of service0.08CVE-2021-33670
1786636.36.3
 
 
 
Lexmark Printer Installation unquoted search path0.06CVE-2021-35469
1786625.55.55.5
 
 
Huawei HarmonyOS null pointer dereference0.00CVE-2021-22318
1786614.43.55.4
 
 
SAP Lumira Server Scripting cross site scripting0.03CVE-2021-33682
1786602.22.2
 
 
 
ARM Mbed TLS BASE64 PEM File Decoding information exposure0.06CVE-2021-24119
1786592.22.2
 
 
 
wolfSSL BASE64 PEM File Decoding timing discrepancy0.02CVE-2021-24116
1786587.06.87.2
 
 
SAP CRM missing authentication0.06CVE-2021-33676
1786576.36.3
 
 
 
SAP Web Dispatcher/Internet Communication Manager HTTP Header request smuggling0.00CVE-2021-33683
1786566.46.36.5
 
 
SAP 3D Visual Enterprise Viewer CGM File out-of-bounds write0.05CVE-2021-33681
1786555.44.36.5
 
 
SAP 3D Visual Enterprise Viewer CGM File buffer overflow0.04CVE-2021-33680
1786547.04.39.8
 
 
putil-merge Prototype code injection0.02CVE-2021-25953
1786534.53.55.5
 
 
Apache Ant ZIP Archive allocation of resources0.00CVE-2021-36374
1786505.35.3
 
 
 
SAP NetWeaver AS ABAP/ABAP Platform RFC Request out-of-bounds write0.06CVE-2021-33684
1786496.45.37.5
 
 
SAP NetWeaver ABAP Server/ABAP Platform information disclosure0.11CVE-2021-33677
1786485.94.37.5
 
 
Retty App hard-coded credentials0.03CVE-2021-20748
1786475.36.34.3
 
 
Retty App URL improper authorization0.00CVE-2021-20747
1786466.13.58.8
 
 
Software License Manager cross-site request forgery0.03CVE-2021-20782
1786454.83.56.1
 
 
voidtools Everything HTTP Header cross site scripting0.03CVE-2021-20784
1786446.13.58.8
 
 
Meta Data Filter & Taxonomies Filter cross-site request forgery0.04CVE-2021-20781
1786434.83.56.1
 
 
LINE Client WebView cross site scripting0.03CVE-2021-36214
1786425.03.56.5
 
 
Bento Ap4Atom.cpp null pointer dereference0.06CVE-2020-19722
1786416.05.56.5
 
 
Bento mp42aac Ap4TrunAtom.cpp out-of-bounds write0.04CVE-2020-19721
1786405.03.56.5
 
 
Bento AP4IkmsAtom.cpp null pointer dereference0.03CVE-2020-19720
1786395.03.56.5
 
 
Bento Ap4ElstAtom.cpp buffer overflow0.08CVE-2020-19719
1786385.03.56.5
 
 
Bento Ap4Atom.cpp null pointer dereference0.03CVE-2020-19718
1786375.03.56.5
 
 
Bento Ap48bdlAtom.cpp null pointer dereference0.03CVE-2020-19717
1786365.03.56.5
 
 
Exiv2 types.cpp Databuf buffer overflow0.00CVE-2020-19716
1786354.53.55.5
 
 
Exiv2 integer underflow0.05CVE-2020-19715
1786345.53.57.5
 
 
VMware ESXi OpenSLP out-of-bounds read0.03CVE-2021-21995
1786338.06.39.8
 
 
VMware ESXi Service Port 5989 improper authentication0.22CVE-2021-21994
1786324.03.74.3
 
 
Wire wire-ios-transport certificate validation0.03CVE-2021-32755
1786317.25.49.1
 
 
SolarWinds DameWare Mini Remote Control permission0.08CVE-2021-31217
1786305.44.36.5
 
 
MikroTik RouterOS lcdstat null pointer dereference0.04CVE-2020-20252
1786297.06.37.8
 
 
VMware Thinapp DLL Loader uncontrolled search path0.03CVE-2021-22000
1786287.65.59.8
 
 
Pillow/Python Imaging Library Convert.c buffer overflow0.03CVE-2021-34552
1786278.88.88.8
 
 
IBM Cloud Pak for Applications access control0.03CVE-2021-20423
1786264.83.75.9
 
 
IBM Cloud Pak for Applications inadequate encryption0.03CVE-2021-20369
1786253.73.7
 
 
 
IBM Cloud Pak for Applications inadequate encryption0.03CVE-2021-20360
1786244.43.55.4
 
 
IBM Cloud Pak for Applications Web UI cross site scripting0.02CVE-2021-20368
1786234.43.55.4
 
 
IBM Cloud Pak for Applications Web UI cross site scripting0.08CVE-2021-20366
1786224.43.55.4
 
 
IBM Cloud Pak for Applications Web UI cross site scripting0.02CVE-2021-20365
1786214.43.55.4
 
 
IBM Cloud Pak for Applications Web UI cross site scripting0.06CVE-2021-20364
1786204.43.55.4
 
 
IBM Cloud Pak for Applications Web UI cross site scripting0.00CVE-2021-20363
1786194.43.55.4
 
 
IBM Cloud Pak for Applications Web UI cross site scripting0.05CVE-2021-20362
1786184.43.55.4
 
 
IBM Cloud Pak for Applications Web UI cross site scripting0.03CVE-2021-20361
1786174.85.34.3
 
 
IBM Cloud Pak for Applications information exposure0.05CVE-2021-20424
1786166.45.37.5
 
 
IBM Cloud Pak for Applications Memory information disclosure0.03CVE-2021-20422

Do you know our Splunk app?

Download it now for free!