CVSSv3 06/24/2020info

CVSSv3 Base »

The Common Vulnerability Scoring System (CVSS) is an industry standard to define the characteristics and impacts of security vulnerabilities. The base score represents the intrinsic aspects that are constant over time and across user environments. Our unique meta score merges all available scores from different sources to aggregate to the most reliable result.

CVSSv3 Temp »

The Common Vulnerability Scoring System (CVSS) uses temp scores to reflect the characteristics of a vulnerability that may change over time but not across user environments. This includes reporting confidence, exploitability and remediation levels. We do also provide our unique meta score for temp scores, even though other sources rarely publish them.

VulDB »

The moderation team is always defining the base vector and base score for an entry. These and all other available scores are used to generate the meta score.

NVD »

The National Vulnerability Database (NVD) is also defining CVSS vectors and scores. These are usually not complete and might differ from VulDB scores.

Vendor »

Some vendors are willing to publish their own CVSS vectors and scores for vulnerabilities in their products. The coverage varies from vendor to vendor.

Research »

There are sometimes also security researcher which provide their own CVSS vectors and scores for vulnerabilities they have found and published.

IDBaseVDBNVDVendResVulnerabilityCTICVE
1572566.45.37.5
 
 
Apache Traffic Server HTTP2 memory corruption0.05CVE-2020-9494
1572557.47.37.5
 
 
SAS Software go-rpmutils CPIO Extraction path traversal0.04CVE-2020-7667
1572546.75.58.0
 
 
ZTE U31R20 FTP Server privileges management0.09CVE-2020-6870
1572536.14.47.8
 
 
NVIDIA Windows GPU Display Driver Control Panel privileges management0.04CVE-2020-5962
1572524.83.75.9
 
 
IBM Security Secret Server HSTS information disclosure0.04CVE-2020-4413
1572515.35.35.3
 
 
IBM Security Secret Server Installation File information disclosure0.04CVE-2020-4342
1572502.72.72.7
 
 
IBM Security Secret Server Error Message information disclosure0.04CVE-2020-4341
1572492.72.72.7
 
 
IBM Security Secret Server Error Message information disclosure0.04CVE-2020-4327
1572485.44.76.1
 
 
IBM Security Secret Server Web UI cross site scriting0.08CVE-2020-4323
1572475.87.34.3
 
 
IBM Security Secret Server clickjacking0.00CVE-2020-4322
1572462.73.22.2
 
 
django-basic-auth-ip-whitelist String Comparison timing discrepancy0.00CVE-2020-4071
1572458.38.87.8
 
 
VMware ESXi/Fusion/Workstation SVGA Device off-by-one0.00CVE-2020-3969
1572448.58.88.2
 
 
VMware ESXi/Workstation/Fusion SVGA Device use after free0.05CVE-2020-3962
1572437.05.38.8
 
 
Supermicro X10DRH-iT Web Interface config_user.cgi cross-site request forgery0.08CVE-2020-15046
1572423.62.44.8
 
 
php-fusion site_links.php cross site scripting0.00CVE-2020-15041
1572414.43.55.4
 
 
SeedProd coming-soon Plugin cross site scripting0.04CVE-2020-15038
1572404.84.74.9
 
 
Bludit plugin-backup-download path traversal0.06CVE-2020-15026
1572393.32.24.4
 
 
ntp ntpd memory allocation0.03CVE-2020-15025
1572386.97.36.5
 
 
PlaySMS session fixiation0.00CVE-2020-15018
1572375.24.36.1
 
 
GleamTech FileUltimate FileExplorer cross site scripting0.00CVE-2020-15015
1572366.54.38.8
 
 
BlogCMS changepass.php cross-site request forgery0.05CVE-2020-15014
1572355.36.34.3
 
 
GNU Mailman Private Archive Login Page private.py injection0.20CVE-2020-15011
1572348.57.39.8
 
 
id Tech 1 Engine m_misc.c M_LoadDefaults buffer overflow0.00CVE-2020-15007
1572334.43.55.4
 
 
Bludit logo-upload.php Stored cross site scripting0.00CVE-2020-15006
1572326.46.36.5
 
 
MediaWiki Private Wiki img_auth.php information disclosure0.08CVE-2020-15005
1572318.57.39.8
 
 
DrayTek Vigor3900/Vigor2960/Vigor300B out-of-bounds write0.00CVE-2020-14473
1572308.57.39.8
 
 
DrayTek Vigor3900/Vigor2960/Vigor300B execution code injection0.00CVE-2020-14472
1572298.57.39.8
 
 
Xiaomi R3600 Web Interface injection0.00CVE-2020-14095
1572288.57.39.8
 
 
Xiaomi R3600 Web Interface injection0.06CVE-2020-14094
1572275.24.36.1
 
 
Navigate CMS Edit User Page Stored cross site scripting0.00CVE-2020-14018
1572265.02.67.5
 
 
Navigate CMS sessions cleartext storage0.00CVE-2020-14017
1572255.35.35.3
 
 
Navigate CMS Password Reset User password recovery0.00CVE-2020-14016
1572246.45.37.5
 
 
Navigate CMS Password Reset password recovery0.00CVE-2020-14015
1572234.43.55.4
 
 
Navigate CMS navigate.php Reflected cross site scripting0.00CVE-2020-14014
1572224.43.55.4
 
 
Solarwinds Orion Alert cross site scripting0.00CVE-2020-14007
1572214.43.55.4
 
 
Solarwinds Orion Responsible Team cross site scripting0.05CVE-2020-14006
1572207.56.38.8
 
 
Solarwinds Orion Event code injection0.06CVE-2020-14005
1572196.45.37.5
 
 
the acf-to-rest-api Plugin Permalink information disclosure0.00CVE-2020-13700
1572188.57.39.8
 
 
Bitrix24 server-side request forgery0.06CVE-2020-13484
1572175.24.36.1
 
 
Bitrix24 Web Application Firewall cross site scripting0.00CVE-2020-13483
1572167.56.38.8
 
 
ExpressionEngine unrestricted upload0.04CVE-2020-13443
1572154.43.55.4
 
 
BooleBox Secure File Sharing Utility Account.aspx Stored cross site scripting0.08CVE-2020-13248
1572146.04.87.3
 
 
BooleBox Secure File Sharing Utility Export injection0.08CVE-2020-13247
1572134.63.55.7
 
 
Sane Backend null pointer dereference0.00CVE-2020-12866
1572126.75.58.0
 
 
Sane Backend out-of-bounds write0.00CVE-2020-12865
1572114.34.34.3
 
 
Sane Backend uninitialized resource0.04CVE-2020-12864
1572104.34.34.3
 
 
Sane Backend out-of-bounds read0.00CVE-2020-12863
1572094.34.34.3
 
 
Sane Backend out-of-bounds read0.09CVE-2020-12862
1572087.56.38.8
 
 
Sane Backend out-of-bounds write0.05CVE-2020-12861
1572076.45.37.5
 
 
Xiaomi R3600 get_config_result information disclosure0.04CVE-2020-11961

Are you interested in using VulDB?

Download the whitepaper to learn more about our service!