CVSSv3 01/15/2020info

CVSSv3 Base »

The Common Vulnerability Scoring System (CVSS) is an industry standard to define the characteristics and impacts of security vulnerabilities. The base score represents the intrinsic aspects that are constant over time and across user environments. Our unique meta score merges all available scores from different sources to aggregate to the most reliable result.

CVSSv3 Temp »

The Common Vulnerability Scoring System (CVSS) uses temp scores to reflect the characteristics of a vulnerability that may change over time but not across user environments. This includes reporting confidence, exploitability and remediation levels. We do also provide our unique meta score for temp scores, even though other sources rarely publish them.

VulDB »

The moderation team is always defining the base vector and base score for an entry. These and all other available scores are used to generate the meta score.

NVD »

The National Vulnerability Database (NVD) is also defining CVSS vectors and scores. These are usually not complete and might differ from VulDB scores.

Vendor »

Some vendors are willing to publish their own CVSS vectors and scores for vulnerabilities in their products. The coverage varies from vendor to vendor.

Research »

There are sometimes also security researcher which provide their own CVSS vectors and scores for vulnerabilities they have found and published.

IDBaseVDBNVDVendResVulnerabilityCTICVE
1490647.56.38.8
 
 
Cacti data_input.php input validation0.07CVE-2020-7058
1490617.77.38.1
 
 
VMware Tools race condition0.03CVE-2020-3941
1490606.54.38.8
 
 
Sounds Plugin cross-site request forgery0.00CVE-2020-2098
1490597.56.38.8
 
 
Sounds Plugin Permission Check improper authorization0.00CVE-2020-2097
1490585.24.36.1
 
 
Gitlab Hook Plugin build_now Endpoint Reflected cross site scripting0.00CVE-2020-2096
1490574.34.34.3
 
 
Redgate SQL Change Automation Plugin config.xml Key credentials storage0.00CVE-2020-2095
1490565.36.34.3
 
 
Health Advisor by CloudBees Plugin Permission Check improper authorization0.00CVE-2020-2094
1490556.54.38.8
 
 
Health Advisor by CloudBees Plugin cross-site request forgery0.00CVE-2020-2093
1490547.56.38.8
 
 
Robot Framework Plugin XML Parser xml external entity reference0.07CVE-2020-2092
1490537.26.38.1
 
 
Amazon EC2 Plugin Permission Check improper authorization0.05CVE-2020-2091
1490526.54.38.8
 
 
Amazon EC2 Plugin cross-site request forgery0.00CVE-2020-2090
1490516.25.07.5
 
 
Apache Beam MongoDB Connector Certificate Verification certificate validation0.00CVE-2020-1929
1490505.44.36.5
 
 
Juniper Junos Space file inclusion0.04CVE-2020-1611
1490498.88.88.8
 
 
Juniper Junos JDHCPD stack-based overflow0.07CVE-2020-1609
1490487.57.57.5
 
 
Juniper Junos Subscriber Management denial of service0.00CVE-2020-1608
1490475.94.37.5
 
 
Juniper Junos J-Web cross site scripting0.06CVE-2020-1607
1490465.96.35.4
 
 
Juniper Junos J-Web path traversal0.00CVE-2020-1606
1490458.88.88.8
 
 
Juniper Junos JDHCPD os command injection0.00CVE-2020-1605
1490446.97.36.5
 
 
Juniper Junos IP Firewall Filter access control0.00CVE-2020-1604
1490438.68.68.6
 
 
Juniper Junos Routing Engine denial of service0.08CVE-2020-1603
1490426.76.37.1
 
 
Juniper Junos JDHCPD use after free0.00CVE-2020-1602
1490415.35.35.3
 
 
Juniper Junos pccd denial of service0.00CVE-2020-1601
1490406.56.56.5
 
 
Juniper Junos SNMP resource consumption0.09CVE-2020-1600
1490395.86.35.3
 
 
Microsoft Windows RDP Session Lockscreen authentication bypass0.06CVE-2019-9510
1490386.46.36.5
 
 
AutoMobility Distribution App MyCar Controls hard-coded credentials0.00CVE-2019-9493
1490377.56.38.8
 
 
Bitbucket Server/Data Center Post-Receive Hook permission assignment0.00CVE-2019-20097
1490365.35.35.3
 
 
Serpico input validation0.00CVE-2019-19859
1490353.62.44.8
 
 
Serpico UID Stored cross site scripting0.00CVE-2019-19858
1490346.46.36.5
 
 
Serpico Password Change insufficiently protected credentials0.00CVE-2019-19857
1490333.62.44.8
 
 
Serpico list_user Stored cross site scripting0.00CVE-2019-19856
1490323.62.44.8
 
 
Serpico list_user Stored cross site scripting0.00CVE-2019-19855
1490316.54.38.8
 
 
Serpico cross-site request forgery0.00CVE-2019-19854
1490295.44.36.5
 
 
OSIsoft PI Vision Access Control access control0.07CVE-2019-18275
1490283.62.44.8
 
 
OSIsoft PI Vision cross site scripting0.05CVE-2019-18273
1490276.54.38.8
 
 
OSIsoft PI Vision Administration Site cross-site request forgery0.00CVE-2019-18271
1490264.03.34.7
 
 
OSIsoft PI Vision Log Password log file0.00CVE-2019-18244
1490255.94.37.5
 
 
Adobe Experience Manager Expression Language information disclosure0.07CVE-2019-16469
1490245.94.37.5
 
 
Adobe Experience Manager User Interface information disclosure0.00CVE-2019-16468
1490235.24.36.1
 
 
Adobe Experience Manager Reflected cross site scripting0.00CVE-2019-16467
1490225.24.36.1
 
 
Adobe Experience Manager Reflected cross site scripting0.00CVE-2019-16466
1490216.45.37.5
 
 
ClamAV Antivirus MIME Parser input validation0.00CVE-2019-15961
1490207.56.38.8
 
 
Bitbucket Server/Data Center Edit-File Request permission assignment0.06CVE-2019-15012
1490197.56.38.8
 
 
Bitbucket Server/Data Center Input Field input validation0.05CVE-2019-15010
1490164.74.74.74.7
 
Oracle Secure Global Desktop missing encryption0.05CVE-2019-1547
1490155.24.76.14.7
 
Oracle Secure Global Desktop Web Server cross site scripting0.05CVE-2019-10092
1490145.35.35.35.3
 
Oracle VM VirtualBox information disclosure0.00CVE-2020-2693
1490136.06.06.06.0
 
Oracle VM VirtualBox information disclosure0.00CVE-2020-2727
1490126.16.16.16.1
 
Oracle Secure Global Desktop cross site scripting0.00CVE-2019-17091
1490116.46.46.46.4
 
Oracle VM VirtualBox unknown vulnerability0.00CVE-2020-2678
1490106.56.56.56.5
 
Oracle VM VirtualBox denial of service0.04CVE-2020-2725

Do you know our Splunk app?

Download it now for free!