CVSSv3 08/06/2021

CVSSv3 Base »

The Common Vulnerability Scoring System (CVSS) is an industry standard for describing the characteristics and impacts of security vulnerabilities. The base score represents the intrinsic aspects that are constant over time and across user environments. Our unique meta score aggregates all available scores from different sources into the most reliable result.

CVSSv3 Temp »

The Common Vulnerability Scoring System (CVSS) uses temp scores to reflect the characteristics of a vulnerability that may change over time but not across user environments. This includes reporting confidence, exploitability and remediation levels. We also provide our unique meta score for temp scores, even though other sources rarely publish them.

VulDB »

The moderation team always defines the base vector and base score for an entry. These and all other available scores are used to generate the meta score.

NVD »

The National Vulnerability Database (NVD) also defines CVSS vectors and scores. These are usually not complete and might differ from VulDB scores.

Vendor »

Some vendors are willing to publish their own CVSS vectors and scores for vulnerabilities in their products. The coverage varies from vendor to vendor.

Research »

Sometimes security researchers also provide their own CVSS vectors and scores for vulnerabilities they have found and published.

| ID | Base | VDB | NVD | Vend | Res | Vulnerability | CTI | CVE |
|---|---|---|---|---|---|---|---|---|
| 180255 | 5.5 | 5.5 | | | | ProLink PRC2402M Administrative Interface login.cgi set_sys_init Privilege Escalation | 0.00 | CVE-2021-36708 |
| 180254 | 5.5 | 5.5 | | | | ProLink PRC2402M Parameter adm.cgi os command injection | 0.00 | CVE-2021-36707 |
| 180253 | 5.5 | 5.5 | | | | ProLink PRC2402M adm.cgi set_sys_cmd os command injection | 0.00 | CVE-2021-36706 |
| 180252 | 5.5 | 5.5 | | | | JetBrains Hub Password Reset Privilege Escalation | 0.05 | CVE-2021-36209 |
| 180251 | 3.5 | 3.5 | | | | Fortinet FortiAnalyzer/FortiManager Web Page Generation cross site scripting | 0.18 | CVE-2021-32597 |
| 180250 | 3.5 | 3.5 | | | | NetApp Cloud Manager Active Directory Connection log file | 0.08 | CVE-2021-26999 |
| 180249 | 3.5 | 3.5 | | | | NetApp Cloud Manager log file | 0.04 | CVE-2021-26998 |
| 180248 | 6.3 | 6.3 | | | | Fortinet FortiAnalyzer GUI Interface access control | 0.18 | CVE-2021-32587 |
| 180247 | 7.3 | 7.3 | | | | Dream Security PKI Security Solution Authorization Certificate certificate validation | 0.05 | CVE-2021-26606 |
| 180246 | 6.3 | 6.3 | | | | D-Link DIR-615 C2 POST Request ping_response.cgi buffer overflow | 0.14 | CVE-2021-37388 |
| 180245 | 4.9 | 4.9 | | | | JetBrains RubyMine Privilege Escalation | 0.05 | CVE-2021-37543 |
| 180244 | 3.5 | 3.5 | | | | Chikitsa Patient Management System insert_patient_add_appointment cross site scripting | 0.05 | CVE-2021-38152 |
| 180243 | 3.5 | 3.5 | | | | Chikitsa Patient Management System todos cross site scripting | 0.00 | CVE-2021-38151 |
| 180242 | 3.5 | 3.5 | | | | Chikitsa Patient Management System add_user cross site scripting | 0.00 | CVE-2021-38149 |
| 180241 | 6.3 | 6.3 | | | | Care2x Open Source Hospital Information Management nursing-station.php sql injection | 0.05 | CVE-2021-36351 |
| 180240 | 3.5 | 3.5 | | | | Subrion CMS Image File cross site scripting | 0.00 | CVE-2020-22392 |
| 180239 | 3.5 | 3.5 | | | | CMS Made Simple Fie Picker cross site scripting | 0.05 | CVE-2020-22732 |
| 180238 | 4.3 | 4.3 | | | | Mattermost OAuth cross site scripting | 0.09 | CVE-2021-37859 |
| 180237 | 4.3 | 4.3 | | | | F-Secure Safe Browser Address Bar clickjacking | 0.09 | CVE-2021-33596 |
| 180236 | 6.3 | 6.3 | | | | Acronis True Image DLL Privilege Escalation | 0.99 | CVE-2021-32580 |
| 180235 | 6.3 | 6.3 | | | | Acronis True Image Soft Link access control | 0.00 | CVE-2021-32578 |
| 180234 | 6.3 | 6.3 | | | | Acronis True Image permission | 0.04 | CVE-2021-32577 |
| 180233 | 6.3 | 6.3 | | | | Acronis True Image Soft Link access control | 0.00 | CVE-2021-32576 |
| 180232 | 4.3 | 4.3 | | | | Secomea SiteManager information disclosure | 0.04 | CVE-2021-32003 |
| 180231 | 4.3 | 4.3 | | | | Secomea SiteManager access control | 0.00 | CVE-2021-32002 |
| 180230 | 5.5 | 5.5 | | | | Samsung SmartThings WebView file inclusion | 0.00 | CVE-2021-25447 |
| 180229 | 5.6 | 5.6 | | | | libcurl macOS native TLS library Secure Transport tmp symlink | 0.00 | CVE-2021-22926 |
| 180228 | 5.5 | 5.5 | | | | MuleSoft Mule xml external entity reference | 0.09 | CVE-2021-1630 |
| 180227 | 5.5 | 5.5 | | | | Redmine Two-factor Authentication user session | 0.08 | CVE-2021-37156 |
| 180226 | 3.5 | 3.5 | | | | nettle RSA Decryption denial of service | 0.00 | CVE-2021-3580 |
| 180225 | 5.6 | 5.6 | | | | TOTOLINK A720R Telnet Service hard-coded credentials | 0.00 | CVE-2021-35327 |
| 180224 | 3.5 | 3.5 | | | | TOTOLINK A720R Configuration File information disclosure | 0.00 | CVE-2021-35326 |
| 180223 | 5.5 | 5.5 | | | | TOTOLINK A720R checkLoginUser stack-based overflow | 0.00 | CVE-2021-35325 |
| 180222 | 6.3 | 6.3 | | | | TOTOLINK A720R Form_Login improper authentication | 0.00 | CVE-2021-35324 |
| 180221 | 5.6 | 5.6 | | | | Acronis True Image/Agent/Cyber Protect certificate validation | 0.00 | CVE-2021-32581 |
| 180220 | 5.0 | 5.0 | | | | Mozilla Thunderbird IMAP Server injection | 0.18 | CVE-2021-29969 |
| 180219 | 5.5 | 5.5 | | | | EDK2 Privilege Escalation | 0.05 | CVE-2021-28216 |
| 180218 | 5.3 | 5.3 | | | | ezPDFReader JSON-RPC input validation | 0.14 | CVE-2021-26605 |
| 180217 | 5.5 | 5.5 | | | | Samsung Smart Touch Call Webview access control | 0.00 | CVE-2021-25448 |
| 180216 | 5.5 | 5.5 | | | | Samsung SmartThings access control | 0.05 | CVE-2021-25446 |
| 180215 | 5.5 | 5.5 | | | | Samsung Smart Phone improper authentication | 0.05 | CVE-2021-25445 |
| 180214 | 2.6 | 2.6 | | | | Samsung Smart Phone Keymaster entropy | 0.00 | CVE-2021-25444 |
| 180213 | 5.5 | 5.5 | | | | Samsung Smart Phone Driver conn_gadget use after free | 0.05 | CVE-2021-25443 |
| 180212 | 4.3 | 4.3 | | | | Bosch IP Camera Web-based Interface cross-site request forgery | 0.05 | CVE-2021-23849 |
| 180211 | 4.3 | 4.3 | | | | Citrix ADC/Gateway SAML Service Provider session fixiation | 0.36 | CVE-2021-22927 |
| 180210 | 3.1 | 3.1 | | | | cURL Command Line Option information disclosure | 0.09 | CVE-2021-22925 |
| 180209 | 3.1 | 3.1 | | | | cURL Metalink cleartext transmission | 0.09 | CVE-2021-22923 |
| 180208 | 4.2 | 4.2 | | | | cURL Metalink insufficient verification of data authenticity | 0.16 | CVE-2021-22922 |
| 180207 | 3.1 | 3.1 | | | | GitLab Enterprise Edition Single Sign On access control | 0.00 | CVE-2021-22240 |
| 180206 | 5.5 | 5.5 | | | | CODESYS Development System ComponentModel Profile.FromFile deserialization | 0.00 | CVE-2021-21863 |
