CVSSv3 06/03/2020info

CVSSv3 Base »

The Common Vulnerability Scoring System (CVSS) is an industry standard to define the characteristics and impacts of security vulnerabilities. The base score represents the intrinsic aspects that are constant over time and across user environments. Our unique meta score merges all available scores from different sources to aggregate to the most reliable result.

CVSSv3 Temp »

The Common Vulnerability Scoring System (CVSS) uses temp scores to reflect the characteristics of a vulnerability that may change over time but not across user environments. This includes reporting confidence, exploitability and remediation levels. We do also provide our unique meta score for temp scores, even though other sources rarely publish them.

VulDB »

The moderation team is always defining the base vector and base score for an entry. These and all other available scores are used to generate the meta score.

NVD »

The National Vulnerability Database (NVD) is also defining CVSS vectors and scores. These are usually not complete and might differ from VulDB scores.

Vendor »

Some vendors are willing to publish their own CVSS vectors and scores for vulnerabilities in their products. The coverage varies from vendor to vendor.

Research »

There are sometimes also security researcher which provide their own CVSS vectors and scores for vulnerabilities they have found and published.

IDBaseVDBNVDVendResVulnerabilityCVE
1561106.76.37.2
 
 
ClearPass Policy Manager Web UI Administrative Interface Command privilege escalationCVE-2020-7117
1561096.76.37.2
 
 
ClearPass Policy Manager Web UI Administrative Interface Command privilege escalationCVE-2020-7116
1561088.57.39.8
 
 
ClearPass Policy Manager Web Interface weak authenticationCVE-2020-7115
1561074.43.55.4
 
 
Kibana TSVB Visualization Stored cross site scriptingCVE-2020-7015
1561067.56.38.8
 
 
Elasticsearch Incomplete Fix CVE-2020-7009 privilege escalationCVE-2020-7014
1561057.56.38.8
 
 
Kibana TSVB Prototype privilege escalationCVE-2020-7013
1561047.56.38.8
 
 
Kibana Upgrade Assistant Code privilege escalationCVE-2020-7012
1561035.24.36.1
 
 
Elastic App Search Reference UI cross site scriptingCVE-2020-7011
1561025.63.77.5
 
 
Elastic Cloud on Kubernetes Random Number Generator weak authenticationCVE-2020-7010
1561015.36.34.3
 
 
Google Chrome Notification privilege escalationCVE-2020-6504
1561004.34.36.5
 
 
Google Chrome information disclosureCVE-2020-6503
1560996.36.36.5
 
 
Google Chrome Security UI spoofingCVE-2020-6502
1560986.46.36.5
 
 
Google Chrome Content Security Policy privilege escalationCVE-2020-6501
1560976.46.36.5
 
 
Google Chrome interstitials Address spoofingCVE-2020-6500
1560966.46.36.5
 
 
Google Chrome AppCache privilege escalationCVE-2020-6499
1560956.46.36.5
 
 
Google Chrome User Interface Domain spoofingCVE-2020-6498
1560946.36.36.5
 
 
Google Chrome Omnibox Domain spoofingCVE-2020-6497
1560937.56.38.8
 
 
Google Chrome Payments Use-After-Free memory corruptionCVE-2020-6496
1560925.75.06.5
 
 
Google Chrome Developer Tools Sandbox privilege escalationCVE-2020-6495
1560916.46.36.5
 
 
Google Chrome Security UI Address spoofingCVE-2020-6494
1560907.96.39.6
 
 
Google Chrome Use-After-Free memory corruptionCVE-2020-6493
1560897.56.38.8
 
 
Google Chrome v8 Heap-based memory corruptionCVE-2020-6453
1560887.56.38.8
 
 
Google Chrome v8 Out-of-Bounds memory corruptionCVE-2020-6419
1560874.65.14.0
 
 
OctoberCMS ImportExportController CSV Injection privilege escalationCVE-2020-5299
1560863.73.44.0
 
 
OctoberCMS ImportExportController Reflected cross site scriptingCVE-2020-5298
1560855.06.53.4
 
 
OctoberCMS Permission File Upload privilege escalationCVE-2020-5297
1560845.14.16.2
 
 
OctoberCMS Permission denial of serviceCVE-2020-5296
1560834.44.14.8
 
 
OctoberCMS Permission information disclosureCVE-2020-5295
1560825.44.36.5
 
 
IBM Security Guardium Solr Dashboard denial of serviceCVE-2020-4307
1560814.52.36.7
 
 
IBM Security Guardium Default Key weak encryptionCVE-2020-4190
1560805.35.35.3
 
 
IBM Security Guardium Login Page information disclosureCVE-2020-4187
1560795.44.76.1
 
 
IBM Security Guardium Web UI cross site scriptingCVE-2020-4182
1560788.88.88.8
 
 
IBM Security Guardium Command privilege escalationCVE-2020-4180
1560778.57.39.8
 
 
IBM Security Guardium Default Key weak encryptionCVE-2020-4177
1560766.16.35.9
 
 
WatermelonDB databaseadapterdestroyDeletedRecords sql injectionCVE-2020-4035
1560754.83.75.9
 
 
Cisco Identity Services Engine syslog Crash denial of serviceCVE-2020-3353
1560745.96.35.4
 
 
Cisco Prime Infrastructure Web-based Management Interface sql injectionCVE-2020-3339
1560734.43.35.5
 
 
Cisco Application Services Engine Key Store information disclosureCVE-2020-3335
1560726.37.35.3
 
 
Cisco Application Services Engine API privilege escalationCVE-2020-3333
1560713.84.33.3
 
 
Cisco WebEx Network Recording Player/Webex Player ARF File denial of serviceCVE-2020-3322
1560703.84.33.3
 
 
Cisco WebEx Network Recording Player/Webex Player ARF File denial of serviceCVE-2020-3321
1560693.84.33.3
 
 
Cisco WebEx Network Recording Player/Webex Player ARF File denial of serviceCVE-2020-3319
1560684.34.34.3
 
 
Cisco Digital Network Architecture Logging Cleartext information disclosureCVE-2020-3281
1560675.96.35.4
 
 
Cisco Unified Contact Center Express API Subsystem privilege escalationCVE-2020-3267
1560668.57.39.8
 
 
Cisco IOS privilege escalationCVE-2020-3258
1560657.26.38.1
 
 
Cisco IOS IOx Application Environment privilege escalationCVE-2020-3257
1560647.26.38.1
 
 
Cisco IOS IOx Application Environment privilege escalationCVE-2020-3238
1560635.85.36.3
 
 
Cisco ISO IOx Application Environment privilege escalationCVE-2020-3237
1560626.04.37.7
 
 
Cisco IOS/IOS XE SNMP Subsystem denial of serviceCVE-2020-3235
1560617.05.38.8
 
 
Cisco IOS Virtual Console Default Credentials weak authenticationCVE-2020-3234

Do you need the next level of professionalism?

Upgrade your account now!