CVSSv3 06/16/2020info

CVSSv3 Base »

The Common Vulnerability Scoring System (CVSS) is an industry standard to define the characteristics and impacts of security vulnerabilities. The base score represents the intrinsic aspects that are constant over time and across user environments. Our unique meta score merges all available scores from different sources to aggregate to the most reliable result.

CVSSv3 Temp »

The Common Vulnerability Scoring System (CVSS) uses temp scores to reflect the characteristics of a vulnerability that may change over time but not across user environments. This includes reporting confidence, exploitability and remediation levels. We do also provide our unique meta score for temp scores, even though other sources rarely publish them.

VulDB »

The moderation team is always defining the base vector and base score for an entry. These and all other available scores are used to generate the meta score.

NVD »

The National Vulnerability Database (NVD) is also defining CVSS vectors and scores. These are usually not complete and might differ from VulDB scores.

Vendor »

Some vendors are willing to publish their own CVSS vectors and scores for vulnerabilities in their products. The coverage varies from vendor to vendor.

Research »

There are sometimes also security researcher which provide their own CVSS vectors and scores for vulnerabilities they have found and published.

IDBaseVDBNVDVendResVulnerabilityCTICVE
1568295.24.36.1
 
 
Micro Focus ArcSight Enterprise Security Manager cross site scripting0.00CVE-2020-9522
1568288.57.39.8
 
 
Netflix Conductor Java Bean Validation injection0.00CVE-2020-9296
1568276.45.37.5
 
 
Fortinet FortiManager CLI hard-coded credentials0.00CVE-2020-9289
1568266.46.36.5
 
 
OX App Suite server-side request forgery0.00CVE-2020-8544
1568257.57.57.5
 
 
OX App Suite resource consumption0.00CVE-2020-8543
1568244.74.15.4
 
 
OX App Suite cross site scripting0.00CVE-2020-8542
1568236.46.36.5
 
 
OX App Suite xml external entity reference0.00CVE-2020-8541
1568226.45.37.5
 
 
Schneider Electric Easergy T300 cleartext storage0.00CVE-2020-7513
1568219.89.89.8
 
 
Schneider Electric Easergy T300 Remote Code Execution0.04CVE-2020-7512
1568205.63.77.5
 
 
Schneider Electric Easergy T300 risky encryption0.00CVE-2020-7511
1568196.45.37.5
 
 
Schneider Electric Easergy T300 Private Key information disclosure0.00CVE-2020-7510
1568185.94.77.2
 
 
Schneider Electric Easergy T300 privileges management0.04CVE-2020-7509
1568176.73.79.8
 
 
Schneider Electric Easergy T300 Brute Force excessive authentication0.00CVE-2020-7508
1568166.45.37.5
 
 
Schneider Electric Easergy T300 Login resource consumption0.00CVE-2020-7507
1568156.45.37.5
 
 
Schneider Electric Easergy T300 file information disclosure0.00CVE-2020-7506
1568145.94.77.2
 
 
Schneider Electric Easergy T300 Integrity Check code download0.00CVE-2020-7505
1568135.35.35.3
 
 
Schneider Electric Easergy T300 input validation0.04CVE-2020-7504
1568126.54.38.8
 
 
Schneider Electric Easergy T300 cross-site request forgery0.00CVE-2020-7503
1568116.45.37.5
 
 
Schneider Electric Modicon M218 Logic Controller out-of-bounds write0.06CVE-2020-7502
1568107.56.38.8
 
 
Schneider Electric Vijeo Designer Basic/Vijeo Designer hard-coded credentials0.07CVE-2020-7501
1568098.57.39.8
 
 
Schneider Electric U.motion Server/Touch Panel sql injection0.00CVE-2020-7500
1568086.46.36.5
 
 
Schneider Electric U.motion Server/Touch Panel Access Control access control0.00CVE-2020-7499
1568078.57.39.8
 
 
Schneider Electric Modicon PLC Unity Loader/OS Loader hard-coded credentials0.00CVE-2020-7498
1568068.57.39.8
 
 
Schneider Electric EcoStruxure Operator Terminal Expert path traversal0.00CVE-2020-7497
1568056.55.37.8
 
 
Schneider Electric EcoStruxure Operator Terminal Expert argument injection0.00CVE-2020-7496
1568045.45.35.5
 
 
Schneider Electric EcoStruxure Operator Terminal Expert path traversal0.06CVE-2020-7495
1568036.55.37.8
 
 
Schneider Electric EcoStruxure Operator Terminal Expert path traversal0.08CVE-2020-7494
1568027.57.37.8
 
 
Schneider Electric EcoStruxure Operator Terminal Expert sql injection0.00CVE-2020-7493
1568015.44.36.5
 
 
Proface GP-Pro EX Password weak password0.06CVE-2020-7492
1568005.15.05.3
 
 
IBM MQ Appliance/IBM MQ AMQP Channels Certificate privileges management0.00CVE-2020-4320
1567994.83.75.9
 
 
IBM MQ/MQ Appliance Data Conversion denial of service0.07CVE-2020-4310
1567986.35.37.3
 
 
Sanitize Gem cross site scripting0.07CVE-2020-4054
1567974.24.63.7
 
 
Helm Plugin Installation path traversal0.00CVE-2020-4053
1567965.34.36.3
 
 
Wiki.js Stored cross site scripting0.07CVE-2020-4052
1567956.97.36.5
 
 
Zammad Domain Based Assignment authorization0.00CVE-2020-14214
1567945.96.35.4
 
 
Zammad Ticket authorization0.00CVE-2020-14213
1567937.56.38.8
 
 
FFmpeg aviobuf.c avio_get_str out-of-bounds write0.04CVE-2020-14212
1567925.24.36.1
 
 
MONITORAPP AIWAF-VE/AIWAF-4000 Reflected cross site scripting0.03CVE-2020-14210
1567915.95.46.5
 
 
Trezor One/Model T Bitcoin signature verification0.00CVE-2020-14199
1567908.18.18.1
 
 
FasterXML jackson-databind org.jsecurity.realm.jndi.JndiRealmFactory Serialized deserialization0.00CVE-2020-14195
1567895.74.57.0
 
 
Pulse Secure Client PulseSecureService.exe toctou0.06CVE-2020-13162
1567885.35.35.3
 
 
Beckhoff TwinCAT RT Network Driver Memory information disclosure0.00CVE-2020-12494
1567874.34.34.3
 
 
Micro Focus ArcSight Management Center information disclosure0.00CVE-2020-11841
1567864.34.34.3
 
 
Micro Focus ArcSight Management Center information disclosure0.00CVE-2020-11840
1567854.43.55.4
 
 
Micro Focus ArcSight Management Center cross site scripting0.00CVE-2020-11838
1567844.22.46.1
 
 
Alias Robotics RVD KUKA Controller routine0.00CVE-2020-10268
1567838.57.39.8
 
 
Google Android crus_sp_shared_ioctl memory corruption0.00CVE-2020-0235
1567826.55.37.8
 
 
Google Android msm-cirrus-playback.c crus_afe_get_param out-of-bounds write0.00CVE-2020-0234
1567819.89.89.8
 
 
Google Android abc_pcie_issue_dma_xfer_sync use after free0.06CVE-2020-0232
1567809.38.89.8
 
 
Google Android Kernel privileges management0.07CVE-2020-0223

Do you know our Splunk app?

Download it now for free!