CVSSv3 08/18/2021info

CVSSv3 Base »

The Common Vulnerability Scoring System (CVSS) is an industry standard to define the characteristics and impacts of security vulnerabilities. The base score represents the intrinsic aspects that are constant over time and across user environments. Our unique meta score merges all available scores from different sources to aggregate to the most reliable result.

CVSSv3 Temp »

The Common Vulnerability Scoring System (CVSS) uses temp scores to reflect the characteristics of a vulnerability that may change over time but not across user environments. This includes reporting confidence, exploitability and remediation levels. We do also provide our unique meta score for temp scores, even though other sources rarely publish them.

VulDB »

The moderation team is always defining the base vector and base score for an entry. These and all other available scores are used to generate the meta score.

NVD »

The National Vulnerability Database (NVD) is also defining CVSS vectors and scores. These are usually not complete and might differ from VulDB scores.

Vendor »

Some vendors are willing to publish their own CVSS vectors and scores for vulnerabilities in their products. The coverage varies from vendor to vendor.

Research »

There are sometimes also security researcher which provide their own CVSS vectors and scores for vulnerabilities they have found and published.

IDBaseVDBNVDVendResVulnerabilityCTICVE
1811133.33.3
 
 
 
MediaTek MT6893 Memory Management Driver information disclosure0.03CVE-2021-0415
1811123.33.3
 
 
 
MediaTek MT6893 ASF Extractor out-of-bounds read0.03CVE-2021-0408
1811116.36.3
 
 
 
DotCMS vtl File access control0.02CVE-2020-18875
1811105.55.5
 
 
 
Live555 Command FramedSource.cpp assertion0.00CVE-2021-39283
1811095.55.5
 
 
 
Pimcore Data Object CSV Import csv injection0.05CVE-2021-37702
1811085.35.3
 
 
 
jsoup HTML Parser/XML Parser infinite loop0.25CVE-2021-37714
1811073.53.5
 
 
 
Yclas form.php cross site scripting0.05CVE-2021-38710
1811063.53.5
 
 
 
webTareas Parameter general_serv.php path traversal0.00CVE-2020-23069
1811056.36.3
 
 
 
SeaCMS sql injection0.00CVE-2021-37358
1811046.36.3
 
 
 
AiteCMS diy_list.php sql injection0.03CVE-2020-18746
1811034.34.3
 
 
 
Linux Kernel ARM SIGPAGE information disclosure0.08CVE-2021-21781
1811026.36.3
 
 
 
AT&T Xmill XML Decompression UncompressItem heap-based overflow0.03CVE-2021-21825
1810972.12.1
 
 
 
Octopus Server/Server Web Request Proxy information disclosure0.08CVE-2021-31820
1810965.35.3
 
 
 
Roller Regex request.getQueryString resource consumption0.00CVE-2021-33580
1810953.53.5
 
 
 
Quiz and Survey Master Plugin cross site scripting0.03CVE-2021-20792
1810943.53.5
 
 
 
Cybozu Garoon cross site scripting0.00CVE-2021-20774
1810933.53.5
 
 
 
Cybozu Garoon cross site scripting0.00CVE-2021-20771
1810923.53.5
 
 
 
Cybozu Garoon cross site scripting0.00CVE-2021-20770
1810913.53.5
 
 
 
Cybozu Garoon cross site scripting0.00CVE-2021-20769
1810903.53.5
 
 
 
Cybozu Garoon Full Text Search cross site scripting0.00CVE-2021-20767
1810893.53.5
 
 
 
Cybozu Garoon cross site scripting0.00CVE-2021-20766
1810883.53.5
 
 
 
Cybozu Garoon cross site scripting0.00CVE-2021-20765
1810873.53.5
 
 
 
Cybozu Garoon cross site scripting0.00CVE-2021-20753
1810864.34.3
 
 
 
Cybozu Garoon Comment access control0.03CVE-2021-20775
1810855.45.4
 
 
 
Cybozu Garoon Route access control0.03CVE-2021-20773
1810845.45.4
 
 
 
Cybozu Garoon Attachment access control0.00CVE-2021-20764
1810835.45.4
 
 
 
Cybozu Garoon E-Mail access control0.03CVE-2021-20762
1810823.83.8
 
 
 
Cybozu Garoon E-Mail access control0.00CVE-2021-20761
1810815.45.4
 
 
 
Cybozu Garoon User Profile access control0.00CVE-2021-20760
1810803.53.5
 
 
 
Cybozu Request cross-site request forgery0.00CVE-2021-20758
1810794.34.3
 
 
 
Cybozu Garoon Address access control0.00CVE-2021-20756
1810784.34.3
 
 
 
Cybozu Garoon Portal access control0.03CVE-2021-20755
1810776.36.3
 
 
 
Cybozu Garoon Workflow Data access control0.00CVE-2021-20754
1810764.34.3
 
 
 
Cybozu Garoon Bulletin Title information disclosure0.00CVE-2021-20772
1810756.36.3
 
 
 
Cybozu Garoon Scheduler/MultiReport access control0.00CVE-2021-20768
1810746.36.3
 
 
 
Cybozu Garoon Portal Data access control0.00CVE-2021-20763
1810736.36.3
 
 
 
Cybozu Garoon Portal Data access control0.00CVE-2021-20759
1810726.36.3
 
 
 
Cybozu Garoon Portal Data access control0.00CVE-2021-20757
1810716.36.3
 
 
 
Apache OFBiz unrestricted upload0.08CVE-2021-37608
1810703.53.5
 
 
 
SuiteCRM Web Interface cross site scripting0.00CVE-2021-39268
1810693.53.5
 
 
 
SuiteCRM Web Interface cross site scripting0.00CVE-2021-39267
1810686.36.3
 
 
 
Rukovoditel Project Management App Fields Page copy_selected sql injection0.05CVE-2020-13589
1810673.53.5
 
 
 
Rukovoditel Project Management App Fields Page heading_field_id cross-site request forgery0.00CVE-2020-13588
1810665.35.3
 
 
 
Google Android ExternalStorageProvider.java shouldBlockFromTree permission0.18CVE-2021-0645
1810655.35.3
 
 
 
Google Android sqlite3.c sqlite3_str_vappendf out-of-bounds write0.00CVE-2021-0646
1810645.35.3
 
 
 
Google Android StatsdStats.cpp noteAtomLogged out-of-bounds write0.03CVE-2021-0640
1810635.35.3
 
 
 
Google Android DevicePickerFragment.java sendDevicePickedtent Local Privilege Escalation0.00CVE-2021-0593
1810625.35.3
 
 
 
Google Android FLV Extractor out-of-bounds write0.03CVE-2021-0576
1810615.35.3
 
 
 
Google Android ASF Extractor out-of-bounds write0.00CVE-2021-0574
1810605.35.3
 
 
 
Google Android ASF Extractor out-of-bounds write0.00CVE-2021-0573

Do you know our Splunk app?

Download it now for free!