CVSSv3 02/04/2020info

CVSSv3 Base »

The Common Vulnerability Scoring System (CVSS) is an industry standard to define the characteristics and impacts of security vulnerabilities. The base score represents the intrinsic aspects that are constant over time and across user environments. Our unique meta score merges all available scores from different sources to aggregate to the most reliable result.

CVSSv3 Temp »

The Common Vulnerability Scoring System (CVSS) uses temp scores to reflect the characteristics of a vulnerability that may change over time but not across user environments. This includes reporting confidence, exploitability and remediation levels. We do also provide our unique meta score for temp scores, even though other sources rarely publish them.

VulDB »

The moderation team is always defining the base vector and base score for an entry. These and all other available scores are used to generate the meta score.

NVD »

The National Vulnerability Database (NVD) is also defining CVSS vectors and scores. These are usually not complete and might differ from VulDB scores.

Vendor »

Some vendors are willing to publish their own CVSS vectors and scores for vulnerabilities in their products. The coverage varies from vendor to vendor.

Research »

There are sometimes also security researcher which provide their own CVSS vectors and scores for vulnerabilities they have found and published.

IDBaseVDBNVDVendResVulnerabilityCTICVE
1496975.44.36.5
 
 
Tutor LMS Plugin cross-site request forgery0.00CVE-2020-8615
1496966.45.37.5
 
 
Squid Web Proxy NTLM Authentication ext_lm_group_acl input validation0.06CVE-2020-8517
1496957.37.37.3
 
 
Squid Web Proxy Reverse Proxy memory corruption0.06CVE-2020-8450
1496947.47.37.5
 
 
Squid Web Proxy exposure of resource0.06CVE-2020-8449
1496938.57.39.8
 
 
klona input validation0.00CVE-2020-8125
1496927.47.37.5
 
 
url-parse Security Check input validation0.00CVE-2020-8124
1496913.82.74.9
 
 
strapi Admin Console resource consumption0.00CVE-2020-8123
1496905.36.34.3
 
 
Nextcloud Server Expiration Date access control0.07CVE-2020-8122
1496895.83.58.1
 
 
Nextcloud Server access control0.09CVE-2020-8121
1496885.24.36.1
 
 
Nextcloud Server svg Generation Reflected cross site scripting0.00CVE-2020-8120
1496874.34.34.3
 
 
Nextcloud Server Preview improper authorization0.08CVE-2020-8119
1496866.27.45.0
 
 
Nextcloud Server Calendar Application server-side request forgery0.06CVE-2020-8118
1496854.34.34.3
 
 
Nextcloud Server Permission insufficient permissions or privileges0.00CVE-2020-8117
1496849.89.89.8
 
 
dot-prop Remote Code Execution0.00CVE-2020-8116
1496835.24.36.1
 
 
Revive Adserver afr.php Reflected cross site scripting0.03CVE-2020-8115
1496827.87.87.8
 
 
MariaDB privileges management0.06CVE-2020-7221
1496817.47.37.5
 
 
MiniSNMPD Connection out-of-bounds write0.00CVE-2020-6060
1496807.25.39.1
 
 
MiniSNMPD SNMP Packet out-of-bounds read0.00CVE-2020-6059
1496797.25.39.1
 
 
MiniSNMPD SNMP Packet out-of-bounds read0.00CVE-2020-6058
1496785.85.06.6
 
 
IBM WebSphere Application Server File Name privileges management0.04CVE-2020-4163
1496775.45.35.5
 
 
Python ZIP zipfile.py resource consumption0.06CVE-2019-9674
1496765.44.06.8
 
 
IBM Security Identity Manager hard-coded credentials0.06CVE-2019-4675
1496754.72.76.8
 
 
IBM Security Identity Manager path traversal0.06CVE-2019-4674
1496745.35.35.3
 
 
IBM Security Directory Server URL information disclosure0.06CVE-2019-4562
1496735.35.35.3
 
 
IBM Security Directory Server missing authentication0.00CVE-2019-4551
1496725.35.35.3
 
 
IBM Security Directory Server Debugging information disclosure0.07CVE-2019-4550
1496716.77.36.1
 
 
IBM Security Directory Server clickjacking0.06CVE-2019-4548
1496706.56.56.5
 
 
IBM Security Directory Server Blacklist privileges management0.00CVE-2019-4541
1496694.83.75.9
 
 
IBM Security Directory Server missing encryption0.03CVE-2019-4540
1496684.74.15.4
 
 
IBM Security Identity Manager Web UI cross site scriting0.00CVE-2019-4451
1496674.43.55.4
 
 
PandoraFMS Agent Management/Report Builder/Graph Builder cross site scripting0.06CVE-2019-19968
1496668.57.39.8
 
 
Samsung Mobile Phone Hypervisor EL2 out-of-bounds write0.06CVE-2019-19273
1496655.66.34.9
 
 
Nextcloud Server Group Admin input validation0.00CVE-2019-15624
1496645.35.35.3
 
 
Nextcloud Server Lookup Server information disclosure0.00CVE-2019-15623
1496632.42.42.4
 
 
Nextcloud App Query sql injection0.00CVE-2019-15622
1496626.46.36.5
 
 
Nextcloud Server Share permissions0.00CVE-2019-15621
1496612.72.72.7
 
 
Nextcloud Talk Access Control improper authentication0.00CVE-2019-15620
1496603.62.44.8
 
 
Nextcloud Server cross site scripting0.00CVE-2019-15619
1496593.62.44.8
 
 
NextCloud Updater Reflected cross site scripting0.00CVE-2019-15618
1496585.96.35.4
 
 
Nextcloud Server improper authentication0.06CVE-2019-15617
1496574.34.34.3
 
 
NextCloud DNS crlf injection0.05CVE-2019-15616
1496565.44.16.15.9
 
Nextcloud App Lock Protection access control0.09CVE-2019-15615
1496554.13.55.43.5
 
Nextcloud App cross site scripting0.00CVE-2019-15614
1496548.08.08.0
 
 
Nextcloud Server Workflow Rule input validation0.08CVE-2019-15613
1496535.04.15.9
 
 
Nextcloud Server 2FA Login Expired session fixiation0.00CVE-2019-15612
1496525.65.94.95.9
 
Nextcloud App information disclosure0.00CVE-2019-15611
1496515.36.34.3
 
 
Circles App Email Address improper authorization0.00CVE-2019-15610
1496506.45.37.5
 
 
Squid Web Proxy FTP Server information disclosure0.09CVE-2019-12528
1496498.57.39.8
 
 
im-metadata injection0.06CVE-2019-10788
1496488.57.39.8
 
 
im-resize index.js injection0.00CVE-2019-10787

Might our Artificial Intelligence support you?

Check our Alexa App!