CVSSv3 02/28/2020info

CVSSv3 Base »

The Common Vulnerability Scoring System (CVSS) is an industry standard to define the characteristics and impacts of security vulnerabilities. The base score represents the intrinsic aspects that are constant over time and across user environments. Our unique meta score merges all available scores from different sources to aggregate to the most reliable result.

CVSSv3 Temp »

The Common Vulnerability Scoring System (CVSS) uses temp scores to reflect the characteristics of a vulnerability that may change over time but not across user environments. This includes reporting confidence, exploitability and remediation levels. We do also provide our unique meta score for temp scores, even though other sources rarely publish them.

VulDB »

The moderation team is always defining the base vector and base score for an entry. These and all other available scores are used to generate the meta score.

NVD »

The National Vulnerability Database (NVD) is also defining CVSS vectors and scores. These are usually not complete and might differ from VulDB scores.

Vendor »

Some vendors are willing to publish their own CVSS vectors and scores for vulnerabilities in their products. The coverage varies from vendor to vendor.

Research »

There are sometimes also security researcher which provide their own CVSS vectors and scores for vulnerabilities they have found and published.

IDBaseVDBNVDVendResVulnerabilityCTICVE
1507606.67.16.1
 
 
Export Users to CSV Plugin injection0.00CVE-2020-9466
1507598.57.39.8
 
 
EyesOfNetwork eonweb Web Interface sql injection0.08CVE-2020-9465
1507587.56.38.8
 
 
Centreon JSON os command injection0.00CVE-2020-9463
1507574.84.35.4
 
 
Webnus Modern Events Calendar Lite Plugin Stored cross site scripting0.03CVE-2020-9459
1507567.56.38.8
 
 
BlaB! AX/AX Pro/WS/WS Pro random values0.05CVE-2020-9449
1507555.24.36.1
 
 
GwtUpload File Upload cross site scripting0.09CVE-2020-9447
1507546.55.37.8
 
 
OpenVPN Connect win10 permissions0.05CVE-2020-9442
1507536.47.35.5
 
 
Avast Antivirus AV Parsing Engine authorization0.09CVE-2020-9399
1507528.57.39.8
 
 
pdf-image code injection0.06CVE-2020-8132
1507515.24.36.1
 
 
reveal.js cross site scripting0.06CVE-2020-8127
1507506.54.38.8
 
 
Mozilla IoT Gateway Reflected cross site scripting0.08CVE-2020-6804
1507495.96.35.4
 
 
Mozilla IoT Gateway Login Page redirect0.05CVE-2020-6803
1507486.56.56.5
 
 
Puma Gem Header response splitting0.07CVE-2020-5247
1507476.45.37.5
 
 
Huawei NIP6800/Secospace USG6600/Secospace USG9500 resource consumption0.05CVE-2020-1881
1507464.34.24.4
 
 
Huawei NIP6800/Secospace USG6600/Secospace USG9500 uninitialized pointer0.05CVE-2020-1877
1507457.47.37.5
 
 
Huawei NIP6800/Secospace USG6600/Secospace USG9500 out-of-bounds write0.09CVE-2020-1876
1507444.43.35.5
 
 
Huawei NIP6800/Secospace USG6600/Secospace USG9500 uninitialized pointer0.03CVE-2020-1875
1507434.43.35.5
 
 
Huawei NIP6800/Secospace USG6600/Secospace USG9500 uninitialized pointer0.09CVE-2020-1874
1507427.47.37.5
 
 
Huawei NIP6800/Secospace USG6600/Secospace USG9500 out-of-bounds read0.05CVE-2020-1873
1507413.83.34.4
 
 
Huawei CloudEngine 12800 information disclosure0.09CVE-2020-1861
1507406.96.37.5
 
 
Huawei NIP6800/Secospace USG6600/Secospace USG9500 Access Control input validation0.09CVE-2020-1860
1507396.55.37.8
 
 
Huawei PCManager privileges management0.05CVE-2020-1844
1507385.45.35.5
 
 
Huawei Honor V10 Driver out-of-bounds write0.05CVE-2020-1792
1507366.45.37.5
 
 
Avaya Equinox Management path traversal0.03CVE-2019-7007
1507357.15.98.4
 
 
BigFix Self-Service Application injection0.04CVE-2019-4301
1507345.14.55.7
 
 
SuSE Linux Enterprise Server Nagios symlink0.05CVE-2019-3698
1507337.47.37.5
 
 
Pablo Quick 'n Easy Web Server HTTP Service quickweb.exe double free0.06CVE-2019-19943
1507328.57.39.8
 
 
kill-port-process Package command injection0.05CVE-2019-15609
1507317.47.37.5
 
 
valib exposure of resource0.05CVE-2019-10805
1507308.57.39.8
 
 
serial-number exec injection0.06CVE-2019-10804
1507298.57.39.8
 
 
push-dir git Command os command injection0.06CVE-2019-10803
1507288.57.39.8
 
 
giting pull os command injection0.04CVE-2019-10802
1507278.57.39.8
 
 
enpeem exec injection0.05CVE-2019-10801
1507267.47.37.5
 
 
Hostapd EAP Mode random PRNG entropy0.06CVE-2019-10064
1507257.25.88.6
 
 
Qt WebSocket memory allocation0.07CVE-2018-21035

Interested in the pricing of exploits?

See the underground prices here!