CVSSv3 06/08/2020info

CVSSv3 Base »

The Common Vulnerability Scoring System (CVSS) is an industry standard to define the characteristics and impacts of security vulnerabilities. The base score represents the intrinsic aspects that are constant over time and across user environments. Our unique meta score merges all available scores from different sources to aggregate to the most reliable result.

CVSSv3 Temp »

The Common Vulnerability Scoring System (CVSS) uses temp scores to reflect the characteristics of a vulnerability that may change over time but not across user environments. This includes reporting confidence, exploitability and remediation levels. We do also provide our unique meta score for temp scores, even though other sources rarely publish them.

VulDB »

The moderation team is always defining the base vector and base score for an entry. These and all other available scores are used to generate the meta score.

NVD »

The National Vulnerability Database (NVD) is also defining CVSS vectors and scores. These are usually not complete and might differ from VulDB scores.

Vendor »

Some vendors are willing to publish their own CVSS vectors and scores for vulnerabilities in their products. The coverage varies from vendor to vendor.

Research »

There are sometimes also security researcher which provide their own CVSS vectors and scores for vulnerabilities they have found and published.

IDBaseVDBNVDVendResVulnerabilityCTICVE
1562928.57.39.8
 
 
Huawei Secospace USG9500 improper authentication0.04CVE-2020-9099
1562916.54.38.8
 
 
Couchbase Server REST API cross-site request forgery0.05CVE-2020-9042
1562906.45.37.5
 
 
Couchbase Server/Couchbase Sync Gateway Slowloris denial of service0.06CVE-2020-9041
1562897.47.37.5
 
 
Couchbase Server Java SDK Hostname Verification certificate validation0.07CVE-2020-9040
1562885.96.35.4
 
 
OpenSearch Web Browser Scheme default permission0.00CVE-2020-8954
1562878.67.49.9
 
 
Nextcloud Talk code injection0.04CVE-2020-8180
1562866.55.67.4
 
 
Node.js Certificate Verification TLS certificate validation0.05CVE-2020-8172
1562854.43.55.4
 
 
angular.js Regex cross site scripting0.07CVE-2020-7676
1562847.56.38.8
 
 
Zoom Client Shared Code Snippet path traversal0.07CVE-2020-6110
1562838.06.39.8
 
 
Zoom Client Message path traversal0.05CVE-2020-6109
1562827.47.37.5
 
 
WhiteSource Application Vulnerability Management Log login injection0.00CVE-2020-5304
1562816.86.37.3
 
 
IBM Maximo Asset Management server-side request forgery0.00CVE-2020-4529
1562806.04.77.4
 
 
Bolt CMS File Upload Stored cross site scripting0.07CVE-2020-4041
1562797.25.88.6
 
 
Bolt CMS cross-site request forgery0.04CVE-2020-4040
1562786.04.77.4
 
 
graphql-playground-html renderPlaygroundPage Reflected cross site scripting0.05CVE-2020-4038
1562773.53.53.5
 
 
OTRS BCC Recipient information disclosure0.04CVE-2020-1775
1562766.25.07.5
 
 
D-Link DSL 2730-U/DIR-600M DNS Resolver privileges management0.00CVE-2020-13960
1562756.55.37.8
 
 
Citrix Workspace App Privileges webio.dll default permission0.00CVE-2020-13885
1562746.55.37.8
 
 
Citrix Workspace App Privileges citrix.exe default permission0.06CVE-2020-13884
1562736.55.37.8
 
 
WinGate Installation default permission0.04CVE-2020-13866
1562724.02.55.5
 
 
ARM Armv8-A Core Speculative Execution information disclosure0.06CVE-2020-13844
1562714.95.34.4
 
 
LinuxTV xawtv v4l-conf.c dev_open permission assignment0.05CVE-2020-13696
1562707.47.37.5
 
 
PHPMailer escape output0.06CVE-2020-13625
1562697.47.37.5
 
 
rejetto HFS Virtual File buffer overflow0.00CVE-2020-13432
1562687.06.37.8
 
 
VideoLAN VLC Media Player H.264 Annex-B Video hxxx_nal.c hxxx_AnnexB_to_xVC out-of-bounds write0.00CVE-2020-13428
1562675.44.46.5
 
 
LibreOffice Form input validation0.09CVE-2020-12803
1562664.84.35.3
 
 
LibreOffice Stealth Mode information disclosure0.02CVE-2020-12802
1562658.57.39.8
 
 
drag-and-drop-multiple-file-upload-contact-form-7 Plugin File Upload unrestricted upload0.06CVE-2020-12800
1562648.57.49.6
 
 
Realtek ADSL PON Modem SoC SDK hard-coded credentials0.04CVE-2020-12773
1562639.39.39.3
 
 
Open Connectivity Foundation UPnP Specification Subscription Request default permission0.07CVE-2020-12695
1562624.43.35.5
 
 
dbus DBusServer denial of service0.04CVE-2020-12049
1562614.75.04.3
 
 
nmcli Command Line Interface improper authentication0.05CVE-2020-10754
1562605.76.84.6
 
 
Huawei Mobile Phone Factory Reset Protection privileges management0.04CVE-2019-19412

Do you want to use VulDB in your project?

Use the official API to access entries easily!