CVSSv3 03/23/2020

CVSSv3 Base

The Common Vulnerability Scoring System (CVSS) is an industry standard for defining the characteristics and impacts of security vulnerabilities. The base score represents the intrinsic aspects that are constant over time and across user environments. Our unique meta score merges all available scores from different sources to aggregate to the most reliable result.

CVSSv3 Temp

The Common Vulnerability Scoring System (CVSS) uses temp scores to reflect the characteristics of a vulnerability that may change over time but not across user environments. This includes reporting confidence, exploitability and remediation levels. We also provide our unique meta score for temp scores, even though other sources rarely publish them.

VulDB

The moderation team always defines the base vector and base score for an entry. These and all other available scores are used to generate the meta score.

NVD

The National Vulnerability Database (NVD) also defines CVSS vectors and scores. These are usually not complete and might differ from VulDB scores.

Vendor

Some vendors are willing to publish their own CVSS vectors and scores for vulnerabilities in their products. The coverage varies from vendor to vendor.

Research

Sometimes security researchers also provide their own CVSS vectors and scores for vulnerabilities they have found and published.

| ID | Base | VDB | NVD | Vend | Res | Vulnerability | CTI | CVE |
|---|---|---|---|---|---|---|---|---|
| 152075 | 6.3 | 6.3 | | | | Microsoft Windows Type 1 Font Parser privileges management | 0.01 | |
| 152073 | 8.5 | 7.3 | 9.8 | | | WeeChat buffer overflow | 0.05 | CVE-2020-9760 |
| 152072 | 6.4 | 5.3 | 7.5 | | | WeeChat null pointer dereference | 0.01 | CVE-2020-9759 |
| 152071 | 7.3 | 7.3 | 7.3 | | | pricing-table-by-supsystic Plugin Permission Check privileges management | 0.06 | CVE-2020-9392 |
| 152070 | 7.2 | 7.8 | 6.5 | | | Parallels Desktop IOCTL array index | 0.04 | CVE-2020-8876 |
| 152069 | 8.3 | 7.8 | 8.8 | | | Parallels Desktop IOCTL array index | 0.06 | CVE-2020-8875 |
| 152068 | 7.1 | 6.7 | 7.5 | | | Parallels integer overflow | 0.03 | CVE-2020-8874 |
| 152067 | 6.2 | 4.2 | 8.2 | | | Parallels Desktop xHCI toctou | 0.00 | CVE-2020-8873 |
| 152066 | 4.1 | 2.3 | 6.0 | | | Parallels Desktop out-of-bounds read | 0.02 | CVE-2020-8872 |
| 152065 | 7.4 | 6.7 | 8.2 | | | Parallels Desktop VGA Virtual Device out-of-bounds write | 0.05 | CVE-2020-8871 |
| 152064 | 8.5 | 7.3 | 9.8 | | | Quest Foglight Evolve hard-coded credentials | 0.06 | CVE-2020-8868 |
| 152063 | 5.3 | 6.3 | 4.3 | | | Horde Groupware Webmail Edition add.php unrestricted upload | 0.00 | CVE-2020-8866 |
| 152062 | 6.3 | 6.3 | 6.3 | | | Horde Groupware Webmail Edition edit.php path traversal | 0.05 | CVE-2020-8865 |
| 152061 | 7.5 | 6.3 | 8.8 | | | D-Link DIR-867/DIR-878/DIR-882 comparison | 0.05 | CVE-2020-8864 |
| 152060 | 7.5 | 6.3 | 8.8 | | | D-Link DIR-867/DIR-878/DIR-882 unknown vulnerability | 0.06 | CVE-2020-8863 |
| 152059 | 5.3 | 5.3 | 5.3 | | | ELOG Electronic Logbook null pointer dereference | 0.01 | CVE-2020-8859 |
| 152058 | 6.6 | 6.8 | 6.4 | | | Zoho ManageEngine AssetExplorer Upgrade improper validation of integrity check value | 0.01 | CVE-2020-8838 |
| 152057 | 6.7 | 6.3 | 7.2 | | | Artica Pandora FMS File Repository unrestricted upload | 0.00 | CVE-2020-8511 |
| 152056 | 5.3 | 5.3 | 5.3 | | | Artica Pandora FMS Chat History information disclosure | 0.05 | CVE-2020-8497 |
| 152055 | 5.9 | 4.7 | 7.2 | | | Artica Pandora FMS File Manager unrestricted upload | 0.04 | CVE-2020-7935 |
| 152054 | 5.2 | 4.3 | 6.1 | | | Schneider Electric Andover Continuum Web Server cross site scripting | 0.08 | CVE-2020-7482 |
| 152053 | 5.2 | 4.3 | 6.1 | | | Schneider Electric Andover Continuum Web Server cross site scripting | 0.03 | CVE-2020-7481 |
| 152052 | 8.5 | 7.3 | 9.8 | | | Schneider Electric Andover Continuum Code Generation code injection | 0.00 | CVE-2020-7480 |
| 152051 | 6.5 | 5.3 | 7.8 | | | IGSS IGSSupdate missing authentication | 0.00 | CVE-2020-7479 |
| 152050 | 6.4 | 5.3 | 7.5 | | | IGSS IGSSupdate path traversal | 0.01 | CVE-2020-7478 |
| 152049 | 6.4 | 5.3 | 7.5 | | | Quantum Ethernet Network module 140NOE771x1 Modbus unusual condition | 0.00 | CVE-2020-7477 |
| 152048 | 6.5 | 5.3 | 7.8 | | | ZigBee Installation Kit untrusted search path | 0.00 | CVE-2020-7476 |
| 152047 | 8.5 | 7.3 | 9.8 | | | Modicon /EcoStruxure Control ExpertUnity Pro/M340/M580 Downstream Component injection | 0.00 | CVE-2020-7475 |
| 152046 | 6.5 | 5.3 | 7.8 | | | ProSoft Configurator DLL uncontrolled search path | 0.00 | CVE-2020-7474 |
| 152045 | 8.5 | 7.3 | 9.8 | | | Rockwell Automation FactoryTalk Services Platform .NET Remoting Endpoint RNADiagnosticsSrv.exe deserialization | 0.06 | CVE-2020-6967 |
| 152044 | 7.0 | 5.8 | 8.3 | | | UPS Companion Software Eval unknown vulnerability | 0.02 | CVE-2020-6650 |
| 152043 | 7.5 | 6.3 | 8.8 | | | Google Chrome Audio use after free | 0.04 | CVE-2020-6449 |
| 152042 | 7.5 | 6.3 | 8.8 | | | Google Chrome Audio use after free | 0.04 | CVE-2020-6429 |
| 152041 | 7.5 | 6.3 | 8.8 | | | Google Chrome Audio use after free | 0.01 | CVE-2020-6428 |
| 152040 | 7.5 | 6.3 | 8.8 | | | Google Chrome Audio use after free | 0.05 | CVE-2020-6427 |
| 152039 | 6.4 | 6.3 | 6.5 | | | Google Chrome v8 memory corruption | 0.01 | CVE-2020-6426 |
| 152038 | 5.9 | 6.3 | 5.4 | | | Google Chrome Policy Enforcement input validation | 0.01 | CVE-2020-6425 |
| 152037 | 7.5 | 6.3 | 8.8 | | | Google Chrome use after free | 0.05 | CVE-2020-6424 |
| 152036 | 7.5 | 6.3 | 8.8 | | | Google Chrome WebGL use after free | 0.04 | CVE-2020-6422 |
| 152035 | 7.5 | 6.3 | 8.8 | | | Google Chrome Same Origin Policy input validation | 0.02 | CVE-2020-6420 |
