CVSSv3 03/20/2020info

CVSSv3 Base »

The Common Vulnerability Scoring System (CVSS) is an industry standard to define the characteristics and impacts of security vulnerabilities. The base score represents the intrinsic aspects that are constant over time and across user environments. Our unique meta score merges all available scores from different sources to aggregate to the most reliable result.

CVSSv3 Temp »

The Common Vulnerability Scoring System (CVSS) uses temp scores to reflect the characteristics of a vulnerability that may change over time but not across user environments. This includes reporting confidence, exploitability and remediation levels. We do also provide our unique meta score for temp scores, even though other sources rarely publish them.

VulDB »

The moderation team is always defining the base vector and base score for an entry. These and all other available scores are used to generate the meta score.

NVD »

The National Vulnerability Database (NVD) is also defining CVSS vectors and scores. These are usually not complete and might differ from VulDB scores.

Vendor »

Some vendors are willing to publish their own CVSS vectors and scores for vulnerabilities in their products. The coverage varies from vendor to vendor.

Research »

There are sometimes also security researcher which provide their own CVSS vectors and scores for vulnerabilities they have found and published.

IDBaseVDBNVDVendResVulnerabilityCVE
1519896.45.37.5
 
 
rConfig head.inc.php information disclosureCVE-2020-9425
1519883.84.33.3
 
 
Foxit Studio Photo EPS File information disclosureCVE-2020-8883
1519877.06.37.8
 
 
Foxit Studio Photo PSD File privilege escalationCVE-2020-8882
1519867.06.37.8
 
 
Foxit Studio Photo tif File privilege escalationCVE-2020-8881
1519857.06.37.8
 
 
Foxit Studio Photo tif File privilege escalationCVE-2020-8880
1519843.84.33.3
 
 
Foxit Studio Photo PSD File information disclosureCVE-2020-8879
1519837.06.37.8
 
 
Foxit Studio Photo PSD File privilege escalationCVE-2020-8878
1519823.84.33.3
 
 
Foxit Studio Photo PSD File information disclosureCVE-2020-8877
1519815.44.26.7
 
 
Nextcloud Desktop Client Code Injection privilege escalationCVE-2020-8140
1519805.44.36.5
 
 
Nextcloud Server Access Control download information disclosureCVE-2020-8139
1519796.46.36.5
 
 
Nextcloud Server IPv6 Server-Side Request ForgeryCVE-2020-8138
1519788.57.39.8
 
 
Blamer Code Injection privilege escalationCVE-2020-8137
1519773.53.57.5
 
 
fastify-multipart Crash denial of serviceCVE-2020-8136
1519765.55.59.8
 
 
uppy Package Server-Side Request ForgeryCVE-2020-8135
1519757.26.38.1
 
 
Ghost CMS Server-Side Request ForgeryCVE-2020-8134
1519748.57.39.8
 
 
Liferay Portal JSONWS Deserialization privilege escalationCVE-2020-7961
1519734.04.13.9
 
 
Huawei HEGE-560 Integrity Check privilege escalationCVE-2020-1879
1519725.45.35.5
 
 
Huawei Smartphone OxfordS-AN00A weak authenticationCVE-2020-1878
1519715.93.78.1
 
 
Huawei Secospace AntiDDoS8000 information disclosureCVE-2020-1864
1519704.35.33.3
 
 
Huawei CampusInsight/ManageOne Double-Free memory corruptionCVE-2020-1862
1519695.34.16.6
 
 
Huawei Mate 20/Mate 30 Pro Authorization privilege escalationCVE-2020-1796
1519683.44.32.4
 
 
Huawei Mate 20/Mate 30 Pro Digital Balance privilege escalationCVE-2020-1795
1519674.44.34.6
 
 
Huawei Mate 20/Mate 30 Pro weak authenticationCVE-2020-1794
1519664.44.34.6
 
 
Huawei Mate 20/Mate 30 Pro Applock weak authenticationCVE-2020-1793
1519655.74.57.0
 
 
Openshift MediaWiki privilege escalationCVE-2020-1709
1519645.74.57.0
 
 
Openshift postgresql-apb privilege escalationCVE-2020-1707
1519634.03.54.6
 
 
pki-core Token Processing Service Stored cross site scriptingCVE-2020-1696
1519628.57.39.8
 
 
svglib Package svg2rlg XML External EntityCVE-2020-10799
1519617.47.37.5
 
 
openITCOCKPIT DEVELOPMENT privilege escalationCVE-2020-10792
1519606.55.37.8
 
 
Insulet Omnipod ZXP425/Omnipod ZXR425 RF Communication weak authenticationCVE-2020-10597
1519595.44.36.5
 
 
Tesla Model 3 Driving Interface denial of serviceCVE-2020-10558
1519585.44.36.5
 
 
Synacor Zimbra zm-mailbox AutoCompleteGal.java information disclosureCVE-2020-10194
1519575.74.57.0
 
 
Openshift mediawiki-apb privilege escalationCVE-2019-19345
1519567.57.57.5
 
 
Xmidt cjwt Incorrect Control FlowCVE-2019-19324
1519558.57.39.8
 
 
Tellabs Optical Line Terminal Telnet/SSH Command privilege escalationCVE-2019-19148
1519536.16.16.1
 
 
Squid Web Proxy cachemgr.cgi privilege escalationCVE-2019-18860
1519528.57.39.8
 
 
Rock RMS vCard Access Control REST privilege escalationCVE-2019-18641
1519503.53.57.5
 
 
AbuseFilter Extension SpecialAbuseLog.php information disclosureCVE-2019-16528
1519496.86.86.8
 
 
homee Brain Cube UART Interface privilege escalationCVE-2019-16258
1519485.94.77.2
 
 
Rivet Killer Control Center KfeCo10X64.sys memory corruptionCVE-2019-15665
1519473.74.72.7
 
 
Rivet Killer Control Center KfeCo10X64.sys memory corruptionCVE-2019-15664
1519463.74.72.7
 
 
Rivet Killer Control Center KfeCo10X64.sys memory corruptionCVE-2019-15663
1519452.72.72.7
 
 
Rivet Killer Control Center KfeCo10X64.sys information disclosureCVE-2019-15662
1519445.94.77.2
 
 
Rivet Killer Control Center KfeCo10X64.sys memory corruptionCVE-2019-15661
1519439.89.89.8
 
 
LINBIT csync2 SSL daemon.c csync_daemon_session unknown vulnerabilityCVE-2019-15522
1519425.55.57.5
 
 
iNextrix ASTPP config.php weak encryptionCVE-2019-15075
1519415.15.05.3
 
 
GnuPG SHA1 weak authenticationCVE-2019-14855
1519405.75.36.1
 
 
Simple Link Directory Plugin qcopd-shortcode-generator.php get_the_title() cross site scriptingCVE-2019-13463
1519395.24.36.1
 
 
RainLoop Webmail XSS Protection Mechanism cross site scriptingCVE-2019-13389
1519375.55.59.8
 
 
WP Live Chat Support REST API privilege escalationCVE-2019-12498

Do you know our Splunk app?

Download it now for free!