CVSSv2 October 2020info

Timeline

The analysis of the timeline helps to identify the required approach and handling of single vulnerabilities and vulnerability collections. This overview makes it possible to see less important slices and more severe hotspots at a glance. Initiating immediate vulnerability response and prioritizing of issues is possible.

VulDB »

The moderation team is always defining the base vector and base score for an entry. These and all other available scores are used to generate the meta score.

NVD »

The National Vulnerability Database (NVD) is also defining CVSS vectors and scores. These are usually not complete and might differ from VulDB scores.

Vendor »

Some vendors are willing to publish their own CVSS vectors and scores for vulnerabilities in their products. The coverage varies from vendor to vendor.

Research »

There are sometimes also security researcher which provide their own CVSS vectors and scores for vulnerabilities they have found and published.

PublishedVDBNVDVendResVulnerabilityCTICVE
10/31/20207.77.2
 
 
Microsoft Windows Kernel Cryptography Driver cng.sys CfgAdtpFormatPropertyBlock buffer overflow0.16CVE-2020-17087
10/30/20205.05.0
 
 
codemirror Regular Expression incorrect regex0.05CVE-2020-7760
10/30/20205.86.5
 
 
Pimcore sql injection0.23CVE-2020-7759
10/30/20202.64.0
 
 
F5 BIG-IP IPSec Tunnel inadequate encryption0.07CVE-2020-5938
10/30/20202.37.1
 
 
F5 BIG-IP AFM Traffic Management Microkernel denial of service0.06CVE-2020-5937
10/30/20205.04.3
 
 
Big BIG-IP LTM Traffic Management Microkernel resource consumption0.00CVE-2020-5936
10/30/20202.34.3
 
 
F5 BIG-IP MQTT Traffic denial of service0.04CVE-2020-5935
10/30/20202.33.3
 
 
F5 BIG-IP APM SLO URL denial of service0.00CVE-2020-5934
10/30/20202.37.8
 
 
F5 BIG-IP HTTP Compression resource consumption0.00CVE-2020-5933
10/30/20204.03.5
 
 
F5 BIG-IP ASM Configuration Utility cross site scripting0.00CVE-2020-5932
10/30/20202.35.0
 
 
F5 BIG-IP OneConnect Profile resource consumption0.16CVE-2020-5931
10/30/20204.93.3
 
 
IBM Resilient SOAR authentication spoofing0.02CVE-2020-4864
10/30/20207.59.3
 
 
IBM i2 Analyst Notebook memory corruption0.09CVE-2020-4724
10/30/20207.59.3
 
 
IBM i2 Analyst Notebook memory corruption0.05CVE-2020-4723
10/30/20207.59.3
 
 
IBM i2 Analyst Notebook memory corruption0.04CVE-2020-4722
10/30/20207.59.3
 
 
IBM i2 Analyst Notebook Memory memory corruption0.08CVE-2020-4721
10/30/20204.96.4
 
 
FastReport GetProcAddress inadequate encryption0.02CVE-2020-27998
10/30/20204.97.5
 
 
SmartStoreNET unknown vulnerability0.11CVE-2020-27996
10/30/20205.27.5
 
 
Zoho ManageEngine Applications Manager MyPage.do sql injection0.02CVE-2020-27995
10/30/20202.75.0
 
 
Hrsale pathname traversal0.33CVE-2020-27993
10/30/20205.29.0
 
 
EyesOfNetwork AutoDiscovery Module autodiscovery.php os command injection0.11CVE-2020-27887
10/30/20205.87.5
 
 
EyesOfNetwork eonweb Web Interface functions.php username_available sql injection0.09CVE-2020-27886
10/30/20204.04.3
 
 
WSO2 API Manager cross site scripting0.06CVE-2020-27885
10/30/20202.12.1
 
 
Click Studios Passwordstate PIN Generator information disclosure0.05CVE-2020-27747
10/30/20206.57.5
 
 
Western Digital My Cloud NAS access control0.07CVE-2020-27744
10/30/20201.72.1
 
 
Trend Micro Antivirus information exposure0.07CVE-2020-27015
10/30/20202.36.9
 
 
Trend Micro Antivirus Web Threat Protection race condition0.06CVE-2020-27014
10/30/20204.03.5
 
 
Sal machine_list cross site scripting0.04CVE-2020-26205
10/30/20205.25.0
 
 
Commvault CommCell pathname traversal0.06CVE-2020-25780
10/30/20204.05.0
 
 
Ansible Community Private Key openssl_privatekey_info log file0.18CVE-2020-25646
10/30/20204.03.5
 
 
WSO2 Enterprise Integrator BPMN Explorer Task cross site scripting0.04CVE-2020-25516
10/30/20204.04.3
 
 
Broadleaf Scripting HTTP POST cross site scripting0.07CVE-2020-21266
10/30/20201.72.1
 
 
Samba Winbind service null pointer dereference0.06CVE-2020-14323
10/30/20202.65.0
 
 
IBM Security Directory Server Authorization Token missing secure attribute0.07CVE-2019-4563
10/30/20205.05.0
 
 
IBM Security Directory Server information exposure0.01CVE-2019-4547
10/30/20207.59.3
 
 
Rapid7 Metasploit APK File command injection0.11CVE-2020-7384
10/29/20205.05.0
 
 
chart.js Options Parameter code injection0.04CVE-2020-7746
10/29/20202.64.3
 
 
Synology Router Manager Set-Cookie Header cookie without 'httponly' flag0.00CVE-2020-27658
10/29/20202.64.3
 
 
Synology Router Manager DDNS channel accessible0.06CVE-2020-27657
10/29/20202.64.3
 
 
Synology DiskStation Manager DDNS channel accessible0.05CVE-2020-27656

Are you interested in using VulDB?

Download the whitepaper to learn more about our service!