CVSSv3 02/24/2020info

CVSSv3 Base »

The Common Vulnerability Scoring System (CVSS) is an industry standard to define the characteristics and impacts of security vulnerabilities. The base score represents the intrinsic aspects that are constant over time and across user environments. Our unique meta score merges all available scores from different sources to aggregate to the most reliable result.

CVSSv3 Temp »

The Common Vulnerability Scoring System (CVSS) uses temp scores to reflect the characteristics of a vulnerability that may change over time but not across user environments. This includes reporting confidence, exploitability and remediation levels. We do also provide our unique meta score for temp scores, even though other sources rarely publish them.

VulDB »

The moderation team is always defining the base vector and base score for an entry. These and all other available scores are used to generate the meta score.

NVD »

The National Vulnerability Database (NVD) is also defining CVSS vectors and scores. These are usually not complete and might differ from VulDB scores.

Vendor »

Some vendors are willing to publish their own CVSS vectors and scores for vulnerabilities in their products. The coverage varies from vendor to vendor.

Research »

There are sometimes also security researcher which provide their own CVSS vectors and scores for vulnerabilities they have found and published.

IDBaseVDBNVDVendResVulnerabilityCTICVE
1505146.46.36.5
 
 
Google Chrome v8 type confusion0.00CVE-2020-6418
1504875.45.45.4
 
 
Widgets Extension permission assignment0.00CVE-2020-9382
1504867.47.37.5
 
 
Total.js CMS POST Request admin.js exposure of resource0.00CVE-2020-9381
1504858.57.39.8
 
 
TP-LINK TL-WR849N Traceroute os command injection0.06CVE-2020-9374
1504846.45.37.5
 
 
sympa Parameter resource consumption0.00CVE-2020-9369
1504838.57.39.8
 
 
GNU screen Escape buffer overflow0.08CVE-2020-9366
1504827.47.37.5
 
 
Pure-FTPd utils.c pure_strcmp out-of-bounds read0.00CVE-2020-9365
1504816.55.37.8
 
 
Sophos Endpoint Protection AV Parsing Engine input validation0.00CVE-2020-9363
1504806.55.37.8
 
 
Quick Heal Total Security AV Parsing Engine input validation0.05CVE-2020-9362
1504778.57.39.8
 
 
Yarn path traversal0.00CVE-2020-8131
1504766.85.68.1
 
 
Rake FileList os command injection0.05CVE-2020-8130
1504756.75.57.9
 
 
Dropwizard-Validation Self-validating injection0.00CVE-2020-5245
1504745.73.48.0
 
 
BuddyPress REST API Endpoint access control0.06CVE-2020-5244
1504736.46.36.5
 
 
DNN Permission unrestricted upload0.00CVE-2020-5188
1504727.56.38.8
 
 
DNN path traversal0.07CVE-2020-5187
1504714.74.15.4
 
 
DNN cross site scripting0.06CVE-2020-5186
1504709.89.89.8
 
 
IBM Spectrum Protect Plus HTTP injection0.05CVE-2020-4222
1504699.89.89.8
 
 
IBM Spectrum Protect Plus HTTP injection0.00CVE-2020-4213
1504689.89.89.8
 
 
IBM Spectrum Protect Plus HTTP injection0.00CVE-2020-4212
1504679.89.89.8
 
 
IBM Spectrum Protect Plus HTTP injection0.00CVE-2020-4211
1504669.89.89.8
 
 
IBM Spectrum Protect Plus HTTP injection0.00CVE-2020-4210
1504656.46.36.5
 
 
Kylin REST API sql injection0.05CVE-2020-1937
1504646.17.34.8
 
 
Apache Tomcat Header Parsing request smuggling0.06CVE-2020-1935
1504634.34.34.3
 
 
IBM Maximo Asset Management information disclosure0.00CVE-2019-4745
1504624.84.35.3
 
 
IBM Spectrum Protect Plus information disclosure0.00CVE-2019-4703
1504616.26.36.1
 
 
IBM Sterling B2B Integrator Standard Edition redirect0.00CVE-2019-4595
1504606.34.78.0
 
 
McAfee Web Advisor Web Interface code injection0.00CVE-2019-3670
1504594.64.64.6
 
 
Miele XGW 3000 ZigBee Gateway Change privileges management0.07CVE-2019-20481
1504584.03.54.6
 
 
Miele XGW 3000 ZigBee Gateway Admin Panel cross-site request forgery0.00CVE-2019-20480
1504577.56.38.8
 
 
zsh setuid dropped privileges0.06CVE-2019-20044
1504568.57.39.8
 
 
Pacman sync.c apply_deltas injection0.00CVE-2019-18183
1504558.57.39.8
 
 
Pacman conf.c download_with_xfercommand injection0.09CVE-2019-18182
1504545.25.64.8
 
 
Apache Tomcat Header request smuggling0.00CVE-2019-17569
1504535.24.36.1
 
 
motors-car-dealership-classified-listings Plugin options.php Stored cross site scripting0.00CVE-2019-17229
1504526.97.36.5
 
 
motors-car-dealership-classified-listings Plugin options.php insufficient verification of data authenticity0.00CVE-2019-17228
1504517.56.38.8
 
 
Centreon Web improper authentication0.00CVE-2019-15299
1504505.24.36.1
 
 
Netgear Nighthawk X10-R900 Stored cross site scripting0.05CVE-2019-12513
1504495.24.36.1
 
 
Netgear Nighthawk X10-R900 HTTP Header Stored cross site scripting0.00CVE-2019-12512
1504488.57.39.8
 
 
Netgear Nighthawk X10-R900 SOAP Endpoint os command injection0.00CVE-2019-12511
1504477.76.39.1
 
 
Netgear Nighthawk X10-R900 SOAP API server_sa improper authentication0.08CVE-2019-12510
1504468.57.39.8
 
 
compile-sass index.js setupCleanupOnExit(cssPath) injection0.07CVE-2019-10799
1504456.37.35.3
 
 
rdf-graph-array rdf.Graph.prototype.add privileges management0.00CVE-2019-10798
1504448.57.39.8
 
 
rpi gpio.js GPIO injection0.00CVE-2019-10796
1504438.06.39.8
 
 
Drobo 5N2 improper authentication0.00CVE-2018-14705
1504425.44.36.5
 
 
TOTOLINK A3002RU password.htm Password insecure storage of sensitive information0.05CVE-2018-13313

Do you want to use VulDB in your project?

Use the official API to access entries easily!