CVSSv3 12/27/2021

CVSSv3 Base

≤10
≤20
≤34
≤426
≤54
≤630
≤78
≤80
≤90
≤100

The Common Vulnerability Scoring System (CVSS) is an industry standard to define the characteristics and impacts of security vulnerabilities. The base score represents the intrinsic aspects that are constant over time and across user environments. Our unique meta score merges all available scores from different sources to aggregate to the most reliable result.

CVSSv3 Temp

≤10
≤20
≤34
≤426
≤54
≤637
≤71
≤80
≤90
≤100

The Common Vulnerability Scoring System (CVSS) uses temp scores to reflect the characteristics of a vulnerability that may change over time but not across user environments. This includes reporting confidence, exploitability and remediation levels. We do also provide our unique meta score for temp scores, even though other sources rarely publish them.

VulDB

≤10
≤20
≤34
≤426
≤54
≤630
≤78
≤80
≤90
≤100

The moderation team is always defining the base vector and base score for an entry. These and all other available scores are used to generate the meta score.

NVD

≤10
≤20
≤30
≤40
≤50
≤60
≤70
≤80
≤90
≤100

The National Vulnerability Database (NVD) is also defining CVSS vectors and scores. These are usually not complete and might differ from VulDB scores.

CNA

≤10
≤20
≤30
≤40
≤50
≤60
≤71
≤80
≤90
≤100

A CVE Numbering Authority (CNA) is responsible for assigning new CVE entries. They might also include a CVSS score. These are usually not complete and might differ from VulDB scores.

Vendor

≤10
≤20
≤30
≤40
≤50
≤60
≤70
≤80
≤90
≤100

Some vendors are willing to publish their own CVSS vectors and scores for vulnerabilities in their products. The coverage varies from vendor to vendor.

Research

≤10
≤20
≤30
≤40
≤50
≤60
≤70
≤80
≤90
≤100

There are sometimes also security researcher which provide their own CVSS vectors and scores for vulnerabilities they have found and published.

IDBaseVDBNVDCNAVendResVulnerabilityCTICVE
1893716.36.3
 
 
 
 
Apache APISIX Dashboard Manager API missing authentication0.43CVE-2021-45232
1893706.36.3
 
 
 
 
Avast Antivirus Trusted Process access control0.05CVE-2021-45339
1893696.36.3
 
 
 
 
Avast Antivirus access control0.06CVE-2021-45338
1893684.74.7
 
 
 
 
Avast Antivirus Self-Defense Driver wsc_proxy.exe access control0.00CVE-2021-45337
1893675.35.3
 
 
 
 
Avast Antivirus Sandbox access control0.00CVE-2021-45336
1893666.36.3
 
 
 
 
Avast Antivirus Sandbox permission0.06CVE-2021-45335
1893656.56.3
 
6.8
 
 
vim use after free0.11CVE-2021-4173
1893643.53.5
 
 
 
 
WP RSS Aggregator Plugin System Info Admin Dashboard wprss_dismiss_addon_notice cross site scripting0.00CVE-2021-24988
1893633.53.5
 
 
 
 
WordPress Download Manager Plugin Template Data wpdm_save_template cross site scripting0.00CVE-2021-24969
1893622.42.4
 
 
 
 
Smart Floating & Sticky Buttons Plugin Parameter cross site scripting0.06CVE-2021-24992
1893613.53.5
 
 
 
 
WPFront User Role Editor Plugin Admin Dashboard cross site scripting0.00CVE-2021-24984
1893603.53.5
 
 
 
 
Gwolle Guestbook Plugin Admin Page cross site scripting0.00CVE-2021-24980
1893593.53.5
 
 
 
 
Paid Memberships Pro Plugin Admin Page cross site scripting0.06CVE-2021-24979
1893584.34.3
 
 
 
 
Contact Form & Lead Form Elementor Builder Plugin cross site scripting0.00CVE-2021-24967
1893572.42.4
 
 
 
 
Build Beautiful Conversational Forms Plugin Publish ID Setting cross site scripting0.06CVE-2021-24902
1893564.34.3
 
 
 
 
Tickera Plugin Booked Event cross site scripting0.00CVE-2021-24797
1893556.36.3
 
 
 
 
Rich Reviews Plugin GET Parameter sql injection0.00CVE-2021-24753
1893546.36.3
 
 
 
 
WP Guppy Plugin REST API Endpoint authorization0.06CVE-2021-24997
1893532.62.6
 
 
 
 
Simple JWT Login Plugin Password Creation str_shuffle inadequate encryption0.00CVE-2021-24998
1893525.55.5
 
 
 
 
vec-const Crate memory corruption0.00CVE-2021-45680
1893515.55.5
 
 
 
 
rusqlite Crate commit_hook use after free0.00CVE-2021-45717
1893505.55.5
 
 
 
 
tokio Crate memory corruption0.00CVE-2021-45710
1893495.55.5
 
 
 
 
crypto2 Crate Chacha20 Privilege Escalation0.00CVE-2021-45709
1893485.55.5
 
 
 
 
nix Crate groups getgrouplist out-of-bounds write0.00CVE-2021-45707
1893472.62.6
 
 
 
 
zeroize_derive Crate information disclosure0.00CVE-2021-45706
1893465.55.5
 
 
 
 
nanorand Crate Reference TlsWyRand memory corruption0.00CVE-2021-45705
1893455.55.5
 
 
 
 
metrics-util Crate AtomicBucket<T> memory corruption0.00CVE-2021-45704
1893443.53.5
 
 
 
 
tectonic_xdv Crate process uninitialized pointer0.00CVE-2021-45703
1893433.53.5
 
 
 
 
ckb Crate Nervos CKB Blockchain denial of service0.11CVE-2021-45700
1893425.55.5
 
 
 
 
ckb Crate Nervos CKB Blockchain get_block_template Privilege Escalation0.00CVE-2021-45698
1893415.55.5
 
 
 
 
molecule Crate FixVec Privilege Escalation0.00CVE-2021-45697
1893405.55.5
 
 
 
 
sha2 Crate AVX2-accelerated Backend Privilege Escalation0.00CVE-2021-45696
1893393.53.5
 
 
 
 
rdiff Crate Window uninitialized pointer0.00CVE-2021-45694
1893383.53.5
 
 
 
 
messagepack-rs Crate deserialize_extension_others uninitialized pointer0.30CVE-2021-45692
1893373.53.5
 
 
 
 
messagepack-rs Crate deserialize_string uninitialized pointer0.30CVE-2021-45691
1893363.53.5
 
 
 
 
messagepack-rs Crate deserialize_binary uninitialized pointer0.31CVE-2021-45690
1893353.53.5
 
 
 
 
gfx-auxil Crate read_spirv uninitialized pointer1.33CVE-2021-45689
1893343.53.5
 
 
 
 
ash Crate read_spv uninitialized pointer0.00CVE-2021-45688
1893333.53.5
 
 
 
 
csv-sniffer Crate preamble_skipcount uninitialized pointer0.95CVE-2021-45686
1893323.53.5
 
 
 
 
columnar Crate read_typed_vec uninitialized pointer0.00CVE-2021-45685

32 more entries are not shown

Do you need the next level of professionalism?

Upgrade your account now!