CVSSv3 02/25/2020info

CVSSv3 Base »

The Common Vulnerability Scoring System (CVSS) is an industry standard to define the characteristics and impacts of security vulnerabilities. The base score represents the intrinsic aspects that are constant over time and across user environments. Our unique meta score merges all available scores from different sources to aggregate to the most reliable result.

CVSSv3 Temp »

The Common Vulnerability Scoring System (CVSS) uses temp scores to reflect the characteristics of a vulnerability that may change over time but not across user environments. This includes reporting confidence, exploitability and remediation levels. We do also provide our unique meta score for temp scores, even though other sources rarely publish them.

VulDB »

The moderation team is always defining the base vector and base score for an entry. These and all other available scores are used to generate the meta score.

NVD »

The National Vulnerability Database (NVD) is also defining CVSS vectors and scores. These are usually not complete and might differ from VulDB scores.

Vendor »

Some vendors are willing to publish their own CVSS vectors and scores for vulnerabilities in their products. The coverage varies from vendor to vendor.

Research »

There are sometimes also security researcher which provide their own CVSS vectors and scores for vulnerabilities they have found and published.

IDBaseVDBNVDVendResVulnerabilityCVE
1505228.57.39.8
 
 
ISPConfig sql injectionCVE-2020-9398
1505216.54.38.8
 
 
pricing-table-by-supsystic Plugin cross site request forgeryCVE-2020-9394
1505206.55.87.2
 
 
pricing-table-by-supsystic Plugin cross site scriptingCVE-2020-9393
1505195.44.36.5
 
 
MiContact Center Business with Site Based Security SDK information disclosureCVE-2020-9379
1505186.85.68.1
 
 
Gurux GXDLMS Director Code Execution directory traversalCVE-2020-8810
1505175.55.58.1
 
 
Gurux GXDLMS Director Update files.xml Remote Code ExecutionCVE-2020-8809
1505167.87.87.8
 
 
Druva inSync Mac OS Client Python privilege escalationCVE-2019-4000
1505156.85.97.8
 
 
Druva inSync Windows Client OS Command Injection privilege escalationCVE-2019-3999
1505135.45.35.5
 
 
Linux Kernel GNU C Library Heap-based memory corruptionCVE-2020-9391
1505126.25.37.1
 
 
Linux Kernel floppy.c set_fdc memory corruptionCVE-2020-9383
1505114.13.44.8
 
 
10Web Photo Gallery Plugin Stored cross site scriptingCVE-2020-9335
1505104.74.15.4
 
 
Envira Photo Gallery Plugin Stored cross site scriptingCVE-2020-9334
1505095.24.36.1
 
 
WpJobBoard Plugin Add Job Form Persistent cross site scriptingCVE-2020-9019
1505084.84.35.3
 
 
LiteCart cross site request forgeryCVE-2020-9018
1505076.75.58.0
 
 
LiteCart Customer Profile CSV Injection privilege escalationCVE-2020-9017
1505064.74.15.4
 
 
BlackBoard Learn/PeopleTool Profile Editor Stored cross site scriptingCVE-2020-9008
1505058.57.39.8
 
 
OpenSMTPD mta_session.c memory corruptionCVE-2020-8794
1505044.03.34.7
 
 
OpenSMTPD makemap.c information disclosureCVE-2020-8793
1505037.37.37.2
 
 
Moxa AWK-3131A Web Authentication weak authenticationCVE-2019-5165
1505027.56.38.8
 
 
Moxa AWK-3131A iw_webs memory corruptionCVE-2019-5162
1505017.56.38.8
 
 
Moxa AWK-3131A iw_webs Code Execution memory corruptionCVE-2019-5153
1505004.34.37.5
 
 
Moxa AWK-3131A serviceAgent Integer Underflow denial of serviceCVE-2019-5148
1504995.55.58.8
 
 
Moxa AWK-3131A iw_console Code Execution Format StringCVE-2019-5143
1504985.94.77.2
 
 
Moxa AWK-3131A Network Configuration command injectionCVE-2019-5142
1504977.56.38.8
 
 
Moxa AWK-3131A iw_webs Code Injection privilege escalationCVE-2019-5141
1504967.56.38.8
 
 
Moxa AWK-3131A iwwebs Reflected privilege escalationCVE-2019-5140
1504956.25.37.1
 
 
Moxa AWK-3131A Utilities Default Key weak encryptionCVE-2019-5139
1504948.16.39.9
 
 
Moxa AWK-3131A Encrypted Diagnostic Script command injectionCVE-2019-5138
1504936.45.37.5
 
 
Moxa AWK-3131A serviceAgent Default Key weak encryptionCVE-2019-5137
1504928.88.88.8
 
 
Moxa AWK-3131A iw_console privilege escalationCVE-2019-5136
1504915.35.35.3
 
 
IBM QRadar Advisor information disclosureCVE-2019-4672
1504906.45.37.5
 
 
IBM QRadar Advisor Watson weak encryptionCVE-2019-4557
1504893.53.54.8
 
 
Solarwinds Orion Platform Settings Screen HTML Injection cross site scriptingCVE-2019-12863
1504886.45.37.5
 
 
Zint libzint upcean.c denial of serviceCVE-2020-9385
1504797.26.38.1
 
 
CardGate Payments Plugin PIN Callback cardgate.php privilege escalationCVE-2020-8819
1504787.26.38.1
 
 
CardGate Payments Plugin Callback.php privilege escalationCVE-2020-8818

Do you need the next level of professionalism?

Upgrade your account now!