CVSSv3 03/10/2020info

CVSSv3 Base »

The Common Vulnerability Scoring System (CVSS) is an industry standard to define the characteristics and impacts of security vulnerabilities. The base score represents the intrinsic aspects that are constant over time and across user environments. Our unique meta score merges all available scores from different sources to aggregate to the most reliable result.

CVSSv3 Temp »

The Common Vulnerability Scoring System (CVSS) uses temp scores to reflect the characteristics of a vulnerability that may change over time but not across user environments. This includes reporting confidence, exploitability and remediation levels. We do also provide our unique meta score for temp scores, even though other sources rarely publish them.

VulDB »

The moderation team is always defining the base vector and base score for an entry. These and all other available scores are used to generate the meta score.

NVD »

The National Vulnerability Database (NVD) is also defining CVSS vectors and scores. These are usually not complete and might differ from VulDB scores.

Vendor »

Some vendors are willing to publish their own CVSS vectors and scores for vulnerabilities in their products. The coverage varies from vendor to vendor.

Research »

There are sometimes also security researcher which provide their own CVSS vectors and scores for vulnerabilities they have found and published.

IDBaseVDBNVDVendResVulnerabilityCTICVE
1513936.75.58.0
 
 
Microsoft Dynamics NAV/Dynamics 365 Business Central code injection0.00CVE-2020-0905
1512995.75.36.1
 
 
WSC Plugin cross site scripting0.06CVE-2020-9440
1512987.47.37.5
 
 
Metasys Extended Application XML Data xml external entity reference0.03CVE-2020-9044
1512975.24.36.1
 
 
Siemens Spectrum Power cross site scriting0.04CVE-2020-7579
1512964.74.74.7
 
 
SAP Fiori Launchpad Reflected cross site scriting0.03CVE-2020-6210
1512956.76.37.2
 
 
SAP Disclosure Management privileges management0.04CVE-2020-6209
1512946.25.07.5
 
 
SAP Business Intelligence Platform code injection0.02CVE-2020-6208
1512939.18.310.0
 
 
SAP Solution Manager privileges management0.02CVE-2020-6207
1512924.74.74.7
 
 
SAP Cloud Platform Error Message Reflected cross site scriting0.02CVE-2020-6206
1512915.44.76.1
 
 
SAP NetWeaver AS ABAP Reflected cross site scriting0.00CVE-2020-6205
1512905.36.34.3
 
 
SAP Treasury/Risk Management privileges management0.00CVE-2020-6204
1512897.86.69.1
 
 
SAP NetWeaver UDDI Server File API path traversal0.06CVE-2020-6203
1512885.55.55.5
 
 
SAP NetWeaver Application Server LDAP unknown vulnerability0.02CVE-2020-6202
1512875.44.76.1
 
 
SAP Commerce Reflected cross site scriting0.07CVE-2020-6201
1512864.74.15.4
 
 
SAP Commerce AngularJS Template cross site scriting0.02CVE-2020-6200
1512855.96.35.4
 
 
SAP ERP/EAPPGLO/S-4HANA/S4CORE View privileges management0.02CVE-2020-6199
1512848.57.39.8
 
 
SAP Solution Manager Diagnostics Agent missing encryption0.02CVE-2020-6198
1512833.53.33.8
 
 
SAP Enable Now Session Token information disclosure0.02CVE-2020-6197
1512826.45.37.5
 
 
SAP BusinessObjects Mobile denial of service0.00CVE-2020-6196
1512814.84.35.4
 
 
SAP Enable Now Session ID Cookie information disclosure0.02CVE-2020-6178
1512806.65.57.7
 
 
dojox jqMix Prototype code injection0.05CVE-2020-5259
1512796.65.57.7
 
 
Dojo deepCopy Prototype code injection0.03CVE-2020-5258
1512786.55.37.8
 
 
NetHack hilite_status memory corruption0.00CVE-2020-5254
1512776.55.37.8
 
 
NetHack Configuration File privileges management0.05CVE-2020-5253
1512764.74.15.4
 
 
IBM InfoSphere Information Server Web UI cross site scripting0.02CVE-2020-4162
1512754.43.55.4
 
 
Ramp AltitudeCDN Altimeter ipmapping.jsp Stored cross site scripting0.02CVE-2020-10372
1512748.58.19.0
 
 
SK Hynix/Micron/Samsung DDR4/LPDDR4 Rowhammer Target Row Refresh/TRRespass input validation0.04CVE-2020-10255
1512734.43.35.5
 
 
Google Android ActivityManagerService.java getProcessPss information disclosure0.02CVE-2020-0087
1512726.55.37.8
 
 
Google Android Permission Check PanService.java setBluetoothTethering authorization0.02CVE-2020-0085
1512716.55.37.8
 
 
Google Android Permission Check NotificationManagerService.java authorization0.03CVE-2020-0084
1512706.45.37.5
 
 
Google Android sta_network.cpp setRequirePmfInternal denial of service0.03CVE-2020-0083
1512696.55.37.8
 
 
Google Android MediaTek Command Queue Driver out-of-bounds write0.02CVE-2020-0069
1512685.85.36.4
 
 
Google Android netlink Driver out-of-bounds write0.03CVE-2020-0066
1512676.35.37.3
 
 
Google Android Surfaceflinger privileges management0.00CVE-2020-0063
1512666.45.37.5
 
 
Google Android Euicc information disclosure0.02CVE-2020-0062
1512654.43.35.5
 
 
Google Android Pixel Recorder authorization0.02CVE-2020-0061
1512644.95.34.4
 
 
Google Android SmsProvider.java query sql injection0.02CVE-2020-0060
1512634.43.35.5
 
 
Google Android btm_ble_batchscan.cc btm_ble_batchscan_filter_track_adv_vse_cback out-of-bounds read0.03CVE-2020-0059
1512623.83.34.4
 
 
Google Android l2c_main.cc l2c_rcv_acl_data out-of-bounds read0.00CVE-2020-0058
1512614.43.35.5
 
 
Google Android btm_inq.cc btm_process_inq_results out-of-bounds read0.00CVE-2020-0057

Do you know our Splunk app?

Download it now for free!