CVSSv3 06/29/2020info

CVSSv3 Base »

The Common Vulnerability Scoring System (CVSS) is an industry standard to define the characteristics and impacts of security vulnerabilities. The base score represents the intrinsic aspects that are constant over time and across user environments. Our unique meta score merges all available scores from different sources to aggregate to the most reliable result.

CVSSv3 Temp »

The Common Vulnerability Scoring System (CVSS) uses temp scores to reflect the characteristics of a vulnerability that may change over time but not across user environments. This includes reporting confidence, exploitability and remediation levels. We do also provide our unique meta score for temp scores, even though other sources rarely publish them.

VulDB »

The moderation team is always defining the base vector and base score for an entry. These and all other available scores are used to generate the meta score.

NVD »

The National Vulnerability Database (NVD) is also defining CVSS vectors and scores. These are usually not complete and might differ from VulDB scores.

Vendor »

Some vendors are willing to publish their own CVSS vectors and scores for vulnerabilities in their products. The coverage varies from vendor to vendor.

Research »

There are sometimes also security researcher which provide their own CVSS vectors and scores for vulnerabilities they have found and published.

IDBaseVDBNVDVendResVulnerabilityCTICVE
1574666.56.56.5
 
 
NetApp HCI H610S Baseboard Management Controller hard-coded credentials0.00CVE-2020-8573
1574656.55.37.7
 
 
SuSE Linux Enterprise Debuginfo Symlink symlink0.05CVE-2020-8019
1574646.85.97.7
 
 
openSUSE Leap/Tumbleweed symlink0.05CVE-2020-8014
1574634.74.15.4
 
 
IBM Business Automation Workflow Web UI cross site scriting0.09CVE-2020-4557
1574624.83.75.9
 
 
IBM API Connect missing encryption0.00CVE-2020-4452
1574615.33.77.0
 
 
coTURN STUN/TURN initialization0.08CVE-2020-4067
1574605.36.34.3
 
 
OAuth2 Proxy redirect0.07CVE-2020-4037
15745910.010.010.010.0
 
Palo Alto PAN-OS SAML Authentication signature verification0.00CVE-2020-2021
1574584.43.35.5
 
 
Linux Kernel usbtest.c usbtest_disconnect release of resource0.00CVE-2020-15393
1574577.56.38.8
 
 
OpenJPEG opj_decompress.c opj_image_destroy use after free0.04CVE-2020-15389
1574565.55.55.5
 
 
ASRock RGB Driver AsrDrv103.sys unknown vulnerability0.00CVE-2020-15368
1574558.57.39.8
 
 
thingsSDK WiFi Scanner injection0.00CVE-2020-15362
1574547.55.39.8
 
 
ZyXEL CloudCNM SecuManager xmpp_config.py Credentials hard-coded credentials0.09CVE-2020-15324
1574537.55.39.8
 
 
ZyXEL CloudCNM SecuManager hard-coded credentials0.00CVE-2020-15323
1574527.55.39.8
 
 
ZyXEL CloudCNM SecuManager hard-coded credentials0.00CVE-2020-15322
1574517.55.39.8
 
 
ZyXEL CloudCNM SecuManager hard-coded credentials0.00CVE-2020-15321
1574507.55.39.8
 
 
ZyXEL CloudCNM SecuManager hard-coded credentials0.00CVE-2020-15320
1574494.83.75.9
 
 
ZyXEL CloudCNM SecuManager RSA SSH Key mysql hard-coded credentials0.09CVE-2020-15319
1574484.83.75.9
 
 
ZyXEL CloudCNM SecuManager DSA SSH Key mysql hard-coded credentials0.04CVE-2020-15318
1574474.83.75.9
 
 
ZyXEL CloudCNM SecuManager RSA SSH Key axess hard-coded credentials0.00CVE-2020-15317
1574464.83.75.9
 
 
ZyXEL CloudCNM SecuManager ECDSA SSH Key axess hard-coded credentials0.00CVE-2020-15316
1574454.83.75.9
 
 
ZyXEL CloudCNM SecuManager DSA SSH Key axess hard-coded credentials0.05CVE-2020-15315
1574444.83.75.9
 
 
ZyXEL CloudCNM SecuManager RSA SSH Key hard-coded credentials0.04CVE-2020-15314
1574434.83.75.9
 
 
ZyXEL CloudCNM SecuManager ECDSA SSH Key hard-coded credentials0.05CVE-2020-15313
1574424.83.75.9
 
 
ZyXEL CloudCNM SecuManager DSA SSH Key hard-coded credentials0.00CVE-2020-15312
1574418.57.39.8
 
 
Sophos XG Firewall HTTPS Bookmark buffer overflow0.05CVE-2020-15069
1574405.44.36.5
 
 
iBall WRB303N Remote Management cross-site request forgery0.00CVE-2020-15043
1574398.07.38.8
 
 
NeDi pwsec.php os command injection0.00CVE-2020-14414
1574385.24.36.1
 
 
NeDi libmisc.php sanitize cross site scripting0.08CVE-2020-14413
1574378.07.38.8
 
 
NeDi System-Snapshot.php os command injection0.05CVE-2020-14412
1574364.83.75.9
 
 
OpenSSH Algorithm Negotiation information disclosure0.00CVE-2020-14145
1574359.89.89.8
 
 
MK-AUTH auth os command injection0.13CVE-2020-14072
1574345.24.36.1
 
 
MK-AUTH cross site scripting0.07CVE-2020-14071
1574338.57.39.8
 
 
MK-AUTH Web Login executar_login.php hard-coded credentials0.13CVE-2020-14070
1574327.17.36.8
 
 
MK-AUTH arp.php sql injection0.20CVE-2020-14069
1574318.57.39.8
 
 
MK-AUTH Web Login executar_login.php improper authentication0.20CVE-2020-14068
1574304.83.75.9
 
 
PuTTY Algorithm Negotiation information disclosure0.04CVE-2020-14002
1574295.35.35.3
 
 
Maipu MP1800X-50 Web Interface formDeviceVerGet information disclosure0.06CVE-2020-13896
1574285.45.35.5
 
 
Avast/AVG Free Antivirus Hard Link privileges management0.07CVE-2020-13657
1574273.62.44.8
 
 
Form Builder cross site scripting0.00CVE-2020-13423
1574265.24.36.1
 
 
WebForms Pro M2 Extension cross site scripting0.00CVE-2020-12635
1574255.63.77.5
 
 
Phoenix Hemodialysis Delivery System cleartext transmission0.00CVE-2020-12048
1574248.57.39.8
 
 
Baxter Spectrum WBM FTP Service hard-coded password0.00CVE-2020-12047
1574238.57.39.8
 
 
Baxter Spectrum WBM Telnet Service hard-coded password0.00CVE-2020-12045
1574228.57.39.8
 
 
Baxter Spectrum WBM FTP Service operation after expiration0.00CVE-2020-12043
1574218.37.39.4
 
 
Baxter Spectrum WBM Telnet Command-Line Interface permission assignment0.00CVE-2020-12041
1574206.73.79.8
 
 
Baxter SIGMA Spectrum Infusion System cleartext transmission0.08CVE-2020-12040
1574194.66.82.4
 
 
Baxter SIGMA Spectrum Infusion System hard-coded password0.00CVE-2020-12039
1574185.63.77.5
 
 
Baxter PrismaFlex/PrisMax hard-coded password0.00CVE-2020-12037
1574175.63.77.5
 
 
Baxter PrismaFlex/PrisMax cleartext transmission0.00CVE-2020-12036

Are you interested in using VulDB?

Download the whitepaper to learn more about our service!