CVSSv3 11/05/2021

CVSSv3 Base

The Common Vulnerability Scoring System (CVSS) is an industry standard for describing the characteristics and impacts of security vulnerabilities. The base score represents the intrinsic aspects that are constant over time and across user environments. Our unique meta score merges all available scores from different sources into the most reliable result.

CVSSv3 Temp

The Common Vulnerability Scoring System (CVSS) uses temp scores to reflect the characteristics of a vulnerability that may change over time but not across user environments. This includes reporting confidence, exploitability and remediation levels. We also provide our unique meta score for temp scores, even though other sources rarely publish them.

VulDB

The moderation team always defines the base vector and base score for an entry. These and all other available scores are used to generate the meta score.

NVD

The National Vulnerability Database (NVD) also defines CVSS vectors and scores. These are usually not complete and might differ from VulDB scores.

Vendor

Some vendors are willing to publish their own CVSS vectors and scores for vulnerabilities in their products. The coverage varies from vendor to vendor.

Research

Sometimes security researchers also provide their own CVSS vectors and scores for vulnerabilities they have found and published.

| ID | Base | VDB | NVD | CNA | Vend | Res | Vulnerability | CTI | CVE |
|---|---|---|---|---|---|---|---|---|---|
| 186135 | 7.1 | 6.3 | 7.8 | 7.3 | | | Vim stack-based overflow | 0.05 | CVE-2021-3928 |
| 186134 | 6.8 | 6.3 | | 7.3 | | | Vim heap-based overflow | 0.06 | CVE-2021-3927 |
| 186133 | 7.5 | 6.3 | | 8.8 | | | Grav Pathname path traversal | 0.00 | CVE-2021-3924 |
| 186132 | 6.4 | 6.3 | | 6.5 | | | BookStack Pathname path traversal | 0.00 | CVE-2021-3916 |
| 186131 | 3.5 | 3.5 | | | | | PHPGurukul Shopping Parameter cross site scripting | 0.00 | CVE-2021-39412 |
| 186130 | 3.5 | 3.5 | | | | | PHPGurukul Hospital Management System Parameter cross site scripting | 0.00 | CVE-2021-39411 |
| 186129 | 3.5 | 3.5 | | | | | Sourcecodester Engineers Online Portal in PHP Quiz add_quiz.php cross site scripting | 0.08 | CVE-2021-42664 |
| 186128 | 7.3 | 7.3 | | | | | Sourcecodester Engineers Online Portal in PHP File Upload uploads improper authentication | 0.00 | CVE-2021-42671 |
| 186127 | 6.3 | 6.3 | | | | | Sourcecodester Engineers Online Portal in PHP dashboard_teacher.php unrestricted upload | 0.00 | CVE-2021-42669 |
| 186126 | 7.3 | 7.3 | | | | | Sourcecodester Engineers Online Portal in PHP Login Form index.php sql injection | 0.00 | CVE-2021-42665 |
| 186125 | 4.3 | 4.3 | | | | | SourceCodester Online Event Booking and Reservation System index.php injection | 0.00 | CVE-2021-42663 |
| 186124 | 6.3 | 6.3 | | | | | Sourcecodester Engineers Online Portal in PHP Parameter announcements_student.php sql injection | 0.00 | CVE-2021-42670 |
| 186123 | 6.3 | 6.3 | | | | | Sourcecodester Engineers Online Portal in PHP Parameter my_classmates.php sql injection | 0.09 | CVE-2021-42668 |
| 186122 | 6.3 | 6.3 | | | | | SourceCodester Online Event Booking and Reservation System views sql injection | 0.08 | CVE-2021-42667 |
| 186121 | 6.3 | 6.3 | | | | | Sourcecodester Engineers Online Portal in PHP Parameter quiz_question.php sql injection | 0.07 | CVE-2021-42666 |
| 186120 | 3.5 | 3.5 | | | | | Power Admin PA Server Monitor Console.exe cross site scripting | 0.07 | CVE-2021-26844 |
| 186119 | 7.3 | 7.3 | | | | | Sitecore deserialization | 0.07 | CVE-2021-42237 |
| 186118 | 4.4 | 3.5 | 5.4 | | | | SourceCodester Online Event Booking and Reservation System cross site scripting | 0.00 | CVE-2021-42662 |
| 186117 | 7.3 | 7.3 | | | | | Backdoor.Win32.Optix.03.b Service Port 333 backdoor | 0.08 | |
| 186116 | 6.3 | 6.3 | | | | | Backdoor.Win32.Jokerdoor Service Port 1111 stack-based overflow | 0.00 | |
| 186115 | 7.3 | 7.3 | | | | | Backdoor.Win32.Ncx.b Service Port 99 os command injection | 0.08 | |
| 186114 | 6.3 | 6.3 | | | | | Backdoor.Win32.Ncx.b Service Port 99 stack-based overflow | 0.08 | |
| 186113 | 5.9 | 4.7 | 7.2 | | | | MyBB Admin CP Settings Management injection | 0.07 | CVE-2021-43281 |
| 186112 | 3.3 | 3.3 | | 3.3 | | | Samsung Pass Lockscreen improper authentication | 0.00 | CVE-2021-25505 |
| 186111 | 5.5 | 3.5 | 5.4 | 7.7 | | | GitLab Community Edition/Enterprise Edition DataDog cross site scripting | 0.00 | CVE-2021-22260 |
| 186110 | 3.0 | 4.3 | | 1.7 | | | GitLab Community Edition/Enterprise Edition Merge Request information disclosure | 0.00 | CVE-2021-39911 |
| 186109 | 4.7 | 4.2 | | 5.3 | | | GitLab Enterprise Edition CODEOWNERS access control | 0.00 | CVE-2021-39909 |
| 186108 | 6.1 | 3.5 | | 8.7 | | | GitLab Community Edition/Enterprise Edition ipynb File cross site scripting | 0.06 | CVE-2021-39906 |
| 186107 | 2.7 | 2.7 | | 2.7 | | | GitLab Community Edition/Enterprise Edition SCIM Token information disclosure | 0.00 | CVE-2021-39901 |
| 186106 | 3.7 | 3.7 | | 3.7 | | | GitLab Community Edition/Enterprise Edition Project Export access control | 0.00 | CVE-2021-39898 |
| 186105 | 3.5 | 4.3 | | 2.6 | | | GitLab Community Edition/Enterprise Edition Subgroup Member access control | 0.00 | CVE-2021-39897 |
| 186104 | 5.6 | 5.3 | | 5.9 | | | Samsung Flow Application access control | 0.00 | CVE-2021-25509 |
| 186103 | 4.6 | 3.5 | | 5.7 | | | Samsung Flow Mobile Application Notification Data improper authorization | 0.00 | CVE-2021-25507 |
| 186102 | 3.6 | 3.3 | | 4.0 | | | Samsung Health Content Provider denial of service | 0.00 | CVE-2021-25506 |
| 186101 | 3.6 | 3.3 | | 4.0 | | | Samsung Group Sharing Contact Information information disclosure | 0.25 | CVE-2021-25504 |
| 186100 | 6.6 | 5.3 | | 7.9 | | | Samsung Property Settings privileges management | 0.06 | CVE-2021-25502 |
| 186099 | 5.5 | 5.3 | | 5.7 | | | Samsung SecTelephonyProvider SCloudBnRReceiver access control | 0.00 | CVE-2021-25501 |
| 186098 | 6.8 | 6.4 | | 7.2 | | | Samsung HDCP LDFW TEE input validation | 0.04 | CVE-2021-25500 |
| 186097 | 5.6 | 4.7 | | 6.5 | | | GitLab Community Edition/Enterprise Edition API Call access control | 0.07 | CVE-2021-39903 |
| 186096 | 5.3 | 6.3 | | 4.3 | | | GitLab Community Edition/Enterprise Edition Membership improper authorization | 0.00 | CVE-2021-39902 |
| 186095 | 4.3 | 4.3 | | 4.4 | | | GitLab Community Edition/Enterprise Edition Migration Log log file | 0.00 | CVE-2021-39913 |
| 186094 | 5.7 | 4.3 | | 7.1 | | | GraphQL IDE HTTP Schema Introspection cross site scripting | 0.00 | CVE-2021-41249 |
| 186093 | 5.7 | 4.3 | | 7.1 | | | GraphQL IDE HTTP Schema Introspection cross site scripting | 0.00 | CVE-2021-41248 |
| 186092 | 4.3 | 4.3 | 4.3 | | | | Sonatype Nexus Repository Manager server-side request forgery | 0.37 | CVE-2021-43293 |
| 186091 | 5.3 | 5.3 | | 5.3 | | | GitLab Community Edition/Enterprise Edition TIFF Image memory allocation | 0.00 | CVE-2021-39912 |
| 186090 | 5.3 | 5.3 | | 5.3 | | | GitLab Community Edition/Enterprise Edition EXIF Data resource consumption | 0.00 | CVE-2021-39907 |
| 186089 | 4.3 | 4.3 | | 4.3 | | | GitLab Community Edition/Enterprise Edition API information disclosure | 0.07 | CVE-2021-39905 |
| 186088 | 5.3 | 6.3 | | 4.3 | | | GitLab Community Edition/Enterprise Edition Merge Request access control | 0.00 | CVE-2021-39904 |
| 186087 | 6.3 | 7.3 | | 5.3 | | | Samsung SmartThings API Key privileges management | 0.08 | CVE-2021-25508 |
| 186086 | 4.4 | 3.9 | | 5.0 | | | Samsung HDCP input validation | 0.07 | CVE-2021-25503 |

10 more entries are not shown
