CVSSv3 04/29/2020info

CVSSv3 Base »

The Common Vulnerability Scoring System (CVSS) is an industry standard to define the characteristics and impacts of security vulnerabilities. The base score represents the intrinsic aspects that are constant over time and across user environments. Our unique meta score merges all available scores from different sources to aggregate to the most reliable result.

CVSSv3 Temp »

The Common Vulnerability Scoring System (CVSS) uses temp scores to reflect the characteristics of a vulnerability that may change over time but not across user environments. This includes reporting confidence, exploitability and remediation levels. We do also provide our unique meta score for temp scores, even though other sources rarely publish them.

VulDB »

The moderation team is always defining the base vector and base score for an entry. These and all other available scores are used to generate the meta score.

NVD »

The National Vulnerability Database (NVD) is also defining CVSS vectors and scores. These are usually not complete and might differ from VulDB scores.

Vendor »

Some vendors are willing to publish their own CVSS vectors and scores for vulnerabilities in their products. The coverage varies from vendor to vendor.

Research »

There are sometimes also security researcher which provide their own CVSS vectors and scores for vulnerabilities they have found and published.

IDBaseVDBNVDVendResVulnerabilityCTICVE
1546256.23.58.9
 
 
PEGA Platform Comment Tag Stored cross site scripting0.03CVE-2020-8775
1546246.54.38.8
 
 
PEGA Platform ActionStringID Reflected cross site scripting0.02CVE-2020-8774
1546236.23.58.9
 
 
PEGA Platform Text Editor Stored cross site scripting0.06CVE-2020-8773
1546225.34.36.4
 
 
Handy Groupware ActiveX Control HShell.dll ShellExec os command injection0.04CVE-2020-7804
1546216.25.07.5
 
 
Oracle VM VirtualBox privileges management0.02CVE-2020-2575
1546207.56.38.8
 
 
TeamPass users.queries.php path traversal0.07CVE-2020-12479
1546196.45.37.5
 
 
TeamPass injection0.02CVE-2020-12478
1546187.47.37.5
 
 
TeamPass REST API getIp information disclosure0.08CVE-2020-12477
1546175.94.77.2
 
 
MonoX ffmpeg.exe privileges management0.02CVE-2020-12473
1546164.43.55.4
 
 
MonoX Stored cross site scripting0.02CVE-2020-12472
1546158.57.39.8
 
 
MonoX HTML5Upload.ashx deserialization0.07CVE-2020-12471
1546146.76.37.2
 
 
MonoX ASPX Template file access0.00CVE-2020-12470
1546136.46.36.5
 
 
Subrion CMS blocks.php deserialization0.04CVE-2020-12469
1546126.55.37.8
 
 
Subrion CMS injection0.04CVE-2020-12468
1546116.97.36.5
 
 
Subrion CMS session fixiation0.04CVE-2020-12467
1546106.55.37.8
 
 
Linux Kernel dma.c mt76_add_fragment out-of-bounds write0.00CVE-2020-12465
1546096.55.37.8
 
 
Linux Kernel message.c usb_sg_cancel use after free0.00CVE-2020-12464
1546085.24.36.1
 
 
ninja-forms Plugin cross-site request forgery0.07CVE-2020-12462
1546077.56.38.8
 
 
php-fusion maincore.php sql injection0.02CVE-2020-12461
1546064.43.35.5
 
 
Grafana grafana.ini information disclosure0.09CVE-2020-12459
1546054.43.35.5
 
 
Grafana grafana Credentials cleartext storage0.05CVE-2020-12458
1546047.87.87.8
 
 
G.SKILL Trident Z Lighting Control ene.sys privileges management0.03CVE-2020-12446
1546036.37.35.3
 
 
GitLab Mirror default permission0.01CVE-2020-12277
1546023.62.44.8
 
 
GitLab Notification Stored cross site scripting0.02CVE-2020-12276
1546016.37.35.3
 
 
GitLab API privileges management0.01CVE-2020-12275
1546007.56.38.8
 
 
Gigamon GigaVUE File Upload unrestricted upload0.00CVE-2020-12252
1545996.35.07.7
 
 
Gigamon GigaVUE Upload path traversal0.07CVE-2020-12251
1545987.56.38.8
 
 
Beeline Smart Box Advanced Settings os command injection0.00CVE-2020-12246
1545977.56.38.8
 
 
Open-AudIT File Upload unrestricted upload0.08CVE-2020-11943
1545968.57.39.8
 
 
Open-AudIT sql injection0.00CVE-2020-11942
1545956.15.37.0
 
 
Linux Kernel uaccess.c enable_sacf_uaccess race condition0.01CVE-2020-11884
1545947.05.38.8
 
 
Cerner Medico buffer overflow0.03CVE-2020-11677
1545937.05.38.8
 
 
Cerner Medico buffer overflow0.00CVE-2020-11676
1545927.05.38.8
 
 
Cerner Medico buffer overflow0.00CVE-2020-11675
1545916.54.38.8
 
 
Cerner Medico input validation0.02CVE-2020-11674
1545906.55.37.8
 
 
ESET Antivirus/Antispyware Module Module privileges management0.02CVE-2020-11446
1545895.55.06.1
 
 
Moonlight channel accessible0.00CVE-2020-11024
1545885.84.76.9
 
 
jQuery html cross site scripting0.25CVE-2020-11023
1545875.84.76.9
 
 
jQuery html cross site scripting0.07CVE-2020-11022
1545864.93.56.3
 
 
Actions http-client information disclosure0.02CVE-2020-11021

Do you know our Splunk app?

Download it now for free!