CVSSv3 03/04/2020info

CVSSv3 Base »

The Common Vulnerability Scoring System (CVSS) is an industry standard to define the characteristics and impacts of security vulnerabilities. The base score represents the intrinsic aspects that are constant over time and across user environments. Our unique meta score merges all available scores from different sources to aggregate to the most reliable result.

CVSSv3 Temp »

The Common Vulnerability Scoring System (CVSS) uses temp scores to reflect the characteristics of a vulnerability that may change over time but not across user environments. This includes reporting confidence, exploitability and remediation levels. We do also provide our unique meta score for temp scores, even though other sources rarely publish them.

VulDB »

The moderation team is always defining the base vector and base score for an entry. These and all other available scores are used to generate the meta score.

NVD »

The National Vulnerability Database (NVD) is also defining CVSS vectors and scores. These are usually not complete and might differ from VulDB scores.

Vendor »

Some vendors are willing to publish their own CVSS vectors and scores for vulnerabilities in their products. The coverage varies from vendor to vendor.

Research »

There are sometimes also security researcher which provide their own CVSS vectors and scores for vulnerabilities they have found and published.

IDBaseVDBNVDVendResVulnerabilityCTICVE
1508878.57.39.8
 
 
UNCTAD ASYCUDA World Java RMI Server inadequate encryption0.06CVE-2020-9761
1508866.45.37.5
 
 
Craft CMS Seomatic injection0.05CVE-2020-9757
1508858.06.39.8
 
 
Rubetek SmartHome Beacon Sniffing cleartext transmission0.08CVE-2020-9550
1508848.57.39.8
 
 
Humax HGA12R-02 BRGCAA Web-based Interface improper authentication0.09CVE-2020-9477
1508836.45.37.5
 
 
Arris TG1692A Login Page login Credentials insufficiently protected credentials0.07CVE-2020-9476
1508826.55.37.8
 
 
Appointment Booking Calendar Plugin injection0.04CVE-2020-9372
1508814.13.44.8
 
 
Appointment Booking Calendar Plugin cpabc_appointments.php Stored cross site scripting0.04CVE-2020-9371
1508805.35.35.3
 
 
Creative Contact Form Extension mailer.php path traversal0.05CVE-2020-9364
1508798.57.39.8
 
 
ZyXEL NAS weblogin.cgi os command injection0.00CVE-2020-9054
1508788.57.39.8
 
 
CNCF Envoy Access Control authorization0.00CVE-2020-8664
1508776.45.37.5
 
 
CNCF Envoy Pipeline resource consumption0.00CVE-2020-8661
1508768.57.39.8
 
 
CNCF Envoy TLS Inspector insufficient verification of data authenticity0.00CVE-2020-8660
1508756.45.37.5
 
 
CNCF Envoy Proxy resource consumption0.05CVE-2020-8659
1508746.54.38.8
 
 
phpipam result.php cross-site request forgery0.00CVE-2020-7988
1508736.45.37.5
 
 
HPE OneView Global Dashboard information disclosure0.00CVE-2020-7130
1508725.33.07.7
 
 
parser-server Regex improper authorization0.00CVE-2020-5251
1508715.35.35.3
 
 
Cisco Prime Collaboration Provisioning Web-based Management Interface information disclosure0.00CVE-2020-3193
1508705.75.36.1
 
 
Cisco Prime Collaboration Provisioning Web-based Management Interface cross site scripting0.00CVE-2020-3192
1508695.55.35.8
 
 
Cisco IOS XR IPsec Packet Processor resource consumption0.04CVE-2020-3190
1508684.54.34.8
 
 
Cisco TelePresence Management Suite Web-based Management Interface cross site scripting0.00CVE-2020-3185
1508674.34.34.3
 
 
Cisco Webex Meetings Client mDNS information disclosure0.05CVE-2020-3182
1508665.95.36.5
 
 
Cisco Email Security Appliance Advanced Malware Protection resource consumption0.08CVE-2020-3181
1508657.37.86.7
 
 
Cisco Remote PHY Device Software Linux Shell command injection0.00CVE-2020-3176
1508645.35.35.3
 
 
Cisco Email Security Appliance Web-based Management Interface input validation0.00CVE-2020-3164
1508635.45.45.4
 
 
Cisco Identity Services Engine Web-based Management Interface cross site scripting0.07CVE-2020-3157
1508626.55.67.4
 
 
Cisco Intelligent Proximity SSL certificate validation0.05CVE-2020-3155
1508617.78.27.1
 
 
Coscp Prime Network Registrar Web-based Interface cross-site request forgery0.00CVE-2020-3148
1508607.06.37.8
 
 
Cisco WebEx Network Recording Player/Webex Player input validation0.00CVE-2020-3128
1508597.06.37.8
 
 
Cisco WebEx Network Recording Player/Webex Player input validation0.00CVE-2020-3127
1508486.54.38.8
 
 
GeniXCMS Incomplete Fix cross-site request forgery0.03CVE-2020-10057
1508475.45.35.5
 
 
GNU C Library Double Function e_rem_pio2l.c memory corruption0.05CVE-2020-10029
1508467.47.37.5
 
 
D-Link DSL-2680 Web Administration Interface WlanMacFilter_1 improper authentication0.00CVE-2019-19226
1508457.47.37.5
 
 
D-Link DSL-2680 Web Administration Interface dns_1 improper authentication0.00CVE-2019-19225
1508446.45.37.5
 
 
D-Link DSL-2680 Web Administration Interface Config improper authentication0.04CVE-2019-19224
1508436.45.37.5
 
 
D-Link DSL-2680 Web Administration Interface reboot.html cross site scripting0.00CVE-2019-19223
1508424.43.55.4
 
 
D-Link DSL-2680 Web Administration Interface info.html Stored cross site scripting0.00CVE-2019-19222
1508416.45.37.5
 
 
Centreon refreshMacroAjax.php information disclosure0.00CVE-2019-17644
1508406.45.37.5
 
 
Centreon GetXMLHost4Services.php information disclosure0.00CVE-2019-17643
1508397.47.37.5
 
 
360 Router P0/Router F5C uri ofrouter App improper authentication0.00CVE-2019-3404
1508377.56.38.8
 
 
OpenBlocks IoT VX2 improper authentication0.05CVE-2020-5536
1508368.88.88.8
 
 
OpenBlocks IoT VX2 os command injection0.00CVE-2020-5535

Interested in the pricing of exploits?

See the underground prices here!