CVSSv3 05/04/2020info

CVSSv3 Base »

The Common Vulnerability Scoring System (CVSS) is an industry standard to define the characteristics and impacts of security vulnerabilities. The base score represents the intrinsic aspects that are constant over time and across user environments. Our unique meta score merges all available scores from different sources to aggregate to the most reliable result.

CVSSv3 Temp »

The Common Vulnerability Scoring System (CVSS) uses temp scores to reflect the characteristics of a vulnerability that may change over time but not across user environments. This includes reporting confidence, exploitability and remediation levels. We do also provide our unique meta score for temp scores, even though other sources rarely publish them.

VulDB »

The moderation team is always defining the base vector and base score for an entry. These and all other available scores are used to generate the meta score.

NVD »

The National Vulnerability Database (NVD) is also defining CVSS vectors and scores. These are usually not complete and might differ from VulDB scores.

Vendor »

Some vendors are willing to publish their own CVSS vectors and scores for vulnerabilities in their products. The coverage varies from vendor to vendor.

Research »

There are sometimes also security researcher which provide their own CVSS vectors and scores for vulnerabilities they have found and published.

IDBaseVDBNVDVendResVulnerabilityCTICVE
1547393.93.74.2
 
 
Google Earth Pro khcrypt memory corruption0.06CVE-2020-8896
1547385.35.35.3
 
 
OKLOK Mobile Companion App information disclosure0.04CVE-2020-8792
1547376.46.36.5
 
 
OKLOK Mobile Companion App API information disclosure0.04CVE-2020-8791
1547366.73.79.8
 
 
OKLOK Mobile Companion App Password Requirements weak password0.00CVE-2020-8790
1547357.37.37.3
 
 
Dell Client Platform OS Recovery Image misconfiguration0.00CVE-2020-5343
1547345.56.34.6
 
 
RSA Archer redirect0.03CVE-2020-5337
1547334.44.34.6
 
 
RSA Archer cross site scripting0.04CVE-2020-5336
1547325.45.85.0
 
 
RSA Archer cross-site request forgery0.03CVE-2020-5335
1547316.44.78.2
 
 
RSA Archer DOM-Based cross site scripting0.04CVE-2020-5334
1547305.36.34.3
 
 
RSA Archer REST API improper authorization0.06CVE-2020-5333
1547295.94.77.2
 
 
RSA Archer os command injection0.05CVE-2020-5332
1547286.03.38.8
 
 
RSA Archer Cache/Log File information disclosure0.04CVE-2020-5331
1547275.96.35.4
 
 
IBM Spectrum Protect Plus path traversal0.00CVE-2020-4209
1547264.65.04.2
 
 
Soteria access control0.00CVE-2020-1732
1547247.47.37.5
 
 
service-api XML Data xml external entity reference0.00CVE-2020-12642
1547238.57.39.8
 
 
RoundCube Webmail Config Setting rcube_image.php argument injection0.00CVE-2020-12641
1547228.57.39.8
 
 
RoundCube Webmail rcube_plugin_api.php path traversal0.07CVE-2020-12640
1547215.24.36.1
 
 
PHPList template.php cross site scripting0.07CVE-2020-12639
1547205.45.35.5
 
 
TP-LINK Omada Controller Software eap-web-3.2.6.jar path traversal0.04CVE-2020-12475
1547197.56.38.8
 
 
TP-LINK NC260/NC450 os command injection0.04CVE-2020-12111
1547188.57.39.8
 
 
TP-LINK NC200/NC210/NC220/NC230/NC250/NC260/NC450 hard-coded credentials0.07CVE-2020-12110
1547177.56.38.8
 
 
TP-LINK NC200/NC210/NC220/NC230/NC250/NC260/NC450 os command injection0.05CVE-2020-12109
1547167.26.38.1
 
 
TeamPass REST API privileges management0.00CVE-2020-11671
1547156.45.37.5
 
 
OpenVPN Access Server Management Interface xml entity expansion0.04CVE-2020-11462
1547146.75.38.1
 
 
Zoom MSI Installer permission assignment0.04CVE-2020-11443
1547137.47.37.5
 
 
Ruby heap-based overflow0.09CVE-2020-10933
1547126.55.67.5
 
 
OKLOK Mobile Companion App Email Verification excessive authentication0.00CVE-2020-10876
1547113.33.33.3
 
 
QEMU virtiofsd resource consumption0.06CVE-2020-10717
1547104.23.15.3
 
 
Samba AD DC LDAP Server use after free0.07CVE-2020-10700
1547093.12.24.1
 
 
KeyCloak improper authorization0.05CVE-2020-10686
1547086.55.37.8
 
 
LCDS LAquis SCADA input validation0.00CVE-2020-10622
1547074.43.35.5
 
 
LCDS LAquis SCADA information disclosure0.00CVE-2020-10618
1547066.45.37.5
 
 
Doorkeeper authorized_applications.json information disclosure0.00CVE-2020-10187
1547057.47.37.5
 
 
CoSoSys Endpoint Protector Header Injection injection0.00CVE-2019-13285
1547044.43.35.5
 
 
Solarwinds Orion Platform Error information disclosure0.06CVE-2019-12864
1547036.46.36.5
 
 
TensorFlow BMP Decoder decode_bmp_op.cc DecodeBmp out-of-bounds read0.02CVE-2018-21233
1547028.17.88.4
 
 
SuSE Linux Enterprise Server 15 etc default permission0.00CVE-2020-8018
1547018.57.39.8
 
 
Apache Syncope Template injection0.07CVE-2020-1961
1547008.57.39.8
 
 
Apache Syncope Template code injection0.00CVE-2020-1959
1546996.37.35.3
 
 
Juniper Junos HTTP Service file inclusion0.05CVE-2020-1631
1546984.43.55.4
 
 
osTicket SLA Name class.sla.php cross site scripting0.03CVE-2020-12629
1546974.03.34.7
 
 
Linux Kernel Reference Counter namespace.c pivot_root race condition0.04CVE-2020-12114
1546966.45.37.5
 
 
Micro Focus Verastream Host Integrator information disclosure0.06CVE-2020-11842
1546954.43.55.4
 
 
Apache Syncope EndUser UI Login Page cross site scripting0.00CVE-2019-17557
1546946.95.38.6
 
 
Synology Router Manager Network Center crlf injection0.00CVE-2019-11823
1546938.57.39.8
 
 
Calibre-Web improper authentication0.00CVE-2020-12627
1546925.03.56.5
 
 
RoundCube Webmail cross-site request forgery0.04CVE-2020-12626
1546915.24.36.1
 
 
RoundCube Webmail rcube_washtml.php cross site scripting0.00CVE-2020-12625

Do you know our Splunk app?

Download it now for free!