CVSSv3 02/19/2020info

CVSSv3 Base »

The Common Vulnerability Scoring System (CVSS) is an industry standard to define the characteristics and impacts of security vulnerabilities. The base score represents the intrinsic aspects that are constant over time and across user environments. Our unique meta score merges all available scores from different sources to aggregate to the most reliable result.

CVSSv3 Temp »

The Common Vulnerability Scoring System (CVSS) uses temp scores to reflect the characteristics of a vulnerability that may change over time but not across user environments. This includes reporting confidence, exploitability and remediation levels. We do also provide our unique meta score for temp scores, even though other sources rarely publish them.

VulDB »

The moderation team is always defining the base vector and base score for an entry. These and all other available scores are used to generate the meta score.

NVD »

The National Vulnerability Database (NVD) is also defining CVSS vectors and scores. These are usually not complete and might differ from VulDB scores.

Vendor »

Some vendors are willing to publish their own CVSS vectors and scores for vulnerabilities in their products. The coverage varies from vendor to vendor.

Research »

There are sometimes also security researcher which provide their own CVSS vectors and scores for vulnerabilities they have found and published.

IDBaseVDBNVDVendResVulnerabilityCTICVE
1503776.55.37.8
 
 
Western Digital WesternDigitalSSDDashboardSetup.exe DLL uncontrolled search path0.07CVE-2020-8959
1503764.43.55.4
 
 
Hitron CODA-4582U Managed Device cross site scripting0.06CVE-2020-8824
1503758.57.39.8
 
 
Jyaml load deserialization0.00CVE-2020-8441
1503745.13.76.5
 
 
Puppet Enterprise puppet.conf certificate validation0.06CVE-2020-7942
1503726.45.37.5
 
 
coTURN null pointer dereference0.05CVE-2020-6062
1503718.57.39.8
 
 
coTURN out-of-bounds write0.05CVE-2020-6061
1503706.45.37.5
 
 
VMware vRealize Operations information disclosure0.03CVE-2020-3945
1503697.97.38.6
 
 
VMware vRealize Operations Trust Store improper authentication0.02CVE-2020-3944
1503688.57.39.8
 
 
VMware vRealize Operations JMX RMI Service input validation0.08CVE-2020-3943
1503675.23.76.8
 
 
Cisco Unified Contact Center Enterprise Live Data Server race condition0.03CVE-2020-3163
1503665.35.35.3
 
 
Cisco Meeting Server Extensible Messaging/Presence Protocol input validation0.00CVE-2020-3160
1503655.75.36.1
 
 
Cisco Finesse Web-based Management Interface cross site scripting0.06CVE-2020-3159
1503647.55.39.8
 
 
Cisco Smart Software Manager On-Prem High Availability Service hard-coded credentials0.02CVE-2020-3158
1503635.75.36.1
 
 
Cisco Identity Services Engine Log Stored cross site scripting0.05CVE-2020-3156
1503625.66.34.9
 
 
Cisco Cloud Web Security Web-based Management Interface sql injection0.00CVE-2020-3154
1503615.95.36.5
 
 
Cisco AnyConnect Secure Mobility Client uncontrolled search path0.00CVE-2020-3153
1503606.05.36.7
 
 
Cisco Enterprise NFV Infrastructure Software Signature Validation signature verification0.00CVE-2020-3138
1503595.23.76.8
 
 
Cisco Email Security Appliance Email Message Scanner resource consumption0.05CVE-2020-3132
1503587.05.38.8
 
 
Cisco Data Center Network Manager Web-based Management Interface cross-site request forgery0.02CVE-2020-3114
1503574.54.34.8
 
 
Cisco Data Center Network Manager Web-based Management Interface cross site scripting0.00CVE-2020-3113
1503567.56.38.8
 
 
Cisco Data Center Network Manager REST API Endpoint access control0.00CVE-2020-3112
1503556.24.18.4
 
 
Cisco UCS C-Series Rack Servers Signature Validation credentials management0.00CVE-2019-1950
1503545.73.58.0
 
 
TIBCO EBX Web Server Stored cross site scriting0.05CVE-2019-17333
1503536.54.38.8
 
 
SilverStripe GraphQL cross-site request forgery0.00CVE-2019-12437
1503524.34.34.3
 
 
SilverStripe URL Tools cross-site request forgery0.00CVE-2019-12246
1503516.46.36.5
 
 
WSO2 transport-http Netty response splitting0.00CVE-2019-10797
1503506.05.36.7
 
 
IBM DB2 Command privileges management0.05CVE-2020-4230
1503498.48.48.4
 
 
IBM DB2 memory corruption0.05CVE-2020-4204
1503485.44.36.5
 
 
IBM DB2 Command denial of service0.07CVE-2020-4200
1503475.44.36.5
 
 
IBM DB2 Command denial of service0.08CVE-2020-4161
1503466.45.37.5
 
 
IBM DB2 memory allocation0.00CVE-2020-4135
1503454.24.14.4
 
 
IBM Security Secret Server Update improper authentication0.02CVE-2019-4640
1503444.34.34.3
 
 
IBM Jazz Foundation information disclosure0.04CVE-2019-4457
1503434.74.15.4
 
 
IBM Maximo Asset Management Web UI cross site scriting0.00CVE-2019-4429
1503288.57.39.8
 
 
ruamel.yaml input validation0.04CVE-2019-20478
1503278.57.39.8
 
 
PyYAML load_all deserialization0.03CVE-2019-20477

Do you need the next level of professionalism?

Upgrade your account now!