CVSSv3 07/17/2020info

CVSSv3 Base »

The Common Vulnerability Scoring System (CVSS) is an industry standard to define the characteristics and impacts of security vulnerabilities. The base score represents the intrinsic aspects that are constant over time and across user environments. Our unique meta score merges all available scores from different sources to aggregate to the most reliable result.

CVSSv3 Temp »

The Common Vulnerability Scoring System (CVSS) uses temp scores to reflect the characteristics of a vulnerability that may change over time but not across user environments. This includes reporting confidence, exploitability and remediation levels. We do also provide our unique meta score for temp scores, even though other sources rarely publish them.

VulDB »

The moderation team is always defining the base vector and base score for an entry. These and all other available scores are used to generate the meta score.

NVD »

The National Vulnerability Database (NVD) is also defining CVSS vectors and scores. These are usually not complete and might differ from VulDB scores.

Vendor »

Some vendors are willing to publish their own CVSS vectors and scores for vulnerabilities in their products. The coverage varies from vendor to vendor.

Research »

There are sometimes also security researcher which provide their own CVSS vectors and scores for vulnerabilities they have found and published.

IDBaseVDBNVDVendResVulnerabilityCTICVE
1588104.83.16.5
 
 
Huawei Honor V30 improper authentication0.07CVE-2020-9259
1588096.95.08.8
 
 
Huawei P30 Pro buffer overflow0.04CVE-2020-9257
1588074.43.35.5
 
 
Huawei Honor 10 input validation0.00CVE-2020-9255
1588066.45.07.8
 
 
Huawei P30 Pro injection0.00CVE-2020-9254
1588053.34.22.3
 
 
Huawei Mate 20/Mate 20 X/Mate 20 RS/Honor Magic2 path traversal0.06CVE-2020-9252
1588044.43.35.5
 
 
Huawei Smart Phones Moana-AL00B missing initialization of resource0.00CVE-2020-9227
1588033.33.33.3
 
 
Huawei CloudEngine 7800 information disclosure0.06CVE-2020-9102
1588016.55.37.8
 
 
DaviewIndy Daview.exe input validation0.07CVE-2020-7818
1588008.57.39.8
 
 
nagios-plugins-hpilo code injection0.07CVE-2020-7206
1587994.84.35.4
 
 
Teltonika Persistent cross site scripting0.06CVE-2020-5769
1587985.66.34.9
 
 
Icegram Email Subscribers / Newsletters Plugin sql injection0.00CVE-2020-5768
1587975.95.36.5
 
 
Icegram Email Subscribers / Newsletters Plugin cross-site request forgery0.07CVE-2020-5767
1587968.57.39.8
 
 
Grandstream UCM6200 SSH os command injection0.05CVE-2020-5759
1587957.56.38.8
 
 
Grandstream UCM6200 HTTPS API os command injection0.00CVE-2020-5758
1587948.57.39.8
 
 
Grandstream UCM6200 HTTPS API os command injection0.07CVE-2020-5757
1587937.56.38.8
 
 
Grandstream GWN7000 API Remote Privilege Escalation0.00CVE-2020-5756
1587926.55.37.8
 
 
SonicWALL NetExtender input validation0.07CVE-2020-5131
1587916.37.35.3
 
 
SonicOS SSLVPN LDAP Login input validation0.07CVE-2020-5130
1587904.43.55.4
 
 
HCL BigFix WebUI Software Module Stored cross site scripting0.07CVE-2020-4104
1587895.35.35.3
 
 
Juniper Junos Inline IP Assembly denial of service0.07CVE-2020-1655
1587888.57.39.8
 
 
Juniper Junos SRX ICAP Redirect Service buffer overflow0.08CVE-2020-1654
1587877.57.57.5
 
 
Juniper Junos Routing Engine denial of service0.07CVE-2020-1653
1587865.65.65.6
 
 
Juniper Junos Space OpenNMS Remote Code Execution0.05CVE-2020-1652
1587855.44.36.5
 
 
Juniper Junos MX Packet Forwarding Engine data processing0.07CVE-2020-1651
1587846.45.37.5
 
 
Juniper Junos MX MS-PIC denial of service0.07CVE-2020-1650
1587836.45.37.5
 
 
Juniper Junos Inline IP Assembly denial of service0.00CVE-2020-1649
1587826.45.37.5
 
 
Juniper Junos rpd Daemon denial of service0.05CVE-2020-1648
1587818.57.39.8
 
 
Juniper Junos SRX ICAP Redirect Service double free0.04CVE-2020-1647
1587806.45.37.5
 
 
Juniper Junos rpd Daemon denial of service0.00CVE-2020-1646
1587797.05.88.3
 
 
Juniper Junos Multiservices PIC Management Daemon race condition0.05CVE-2020-1645
1587786.45.37.5
 
 
Juniper Junos RPD denial of service0.05CVE-2020-1644
1587774.43.35.5
 
 
Juniper Junos CLI handling of exceptional conditions0.00CVE-2020-1643
1587765.44.36.5
 
 
Juniper Junos LLDP race condition0.00CVE-2020-1641
1587756.45.37.5
 
 
Juniper Junos RPD denial of service0.06CVE-2020-1640
1587747.56.38.8
 
 
Western Digital WD Discovery User Permission injection0.00CVE-2020-15816
1587735.93.78.1
 
 
Graylog SSL Certificate Validator certificate validation0.06CVE-2020-15813
1587725.35.35.3
 
 
Jalios JCMS ajaxPortal.jsp cross site scriting0.07CVE-2020-15497
1587715.95.06.8
 
 
jupyterhub-kubespawner Default Server authorization0.00CVE-2020-15110
1587706.76.37.1
 
 
GLPI Clone sql injection0.07CVE-2020-15108
1587697.47.37.5
 
 
Grundfos CIM 500 Password Storage missing authentication0.00CVE-2020-10605
1587687.68.86.4
 
 
Google Android char_dev.c cdev_get use after free0.00CVE-2020-0305
1587678.57.39.8
 
 
Google Android out-of-bounds write0.00CVE-2020-0231
1587668.57.39.8
 
 
Google Android out-of-bounds write0.00CVE-2020-0230
1587657.57.57.5
 
 
Google Android information disclosure0.05CVE-2020-0228
1587646.55.37.8
 
 
Google Android CompanionDeviceManagerService.java onCommand default permission1.53CVE-2020-0227
1587636.55.37.8
 
 
Google Android Client.cpp createWithSurfaceParent type confusion1.43CVE-2020-0226
1587628.57.39.8
 
 
Google Android a2dp_vendor_ldac_decoder.cc a2dp_vendor_ldac_decoder_decode_packet out-of-bounds write0.07CVE-2020-0225
1587618.57.39.8
 
 
Google Android keys.cc GetKeysSlow type confusion0.05CVE-2020-0224
1587605.64.56.7
 
 
Google Android AndroidManifest.xml default permission0.07CVE-2020-0122
1587595.94.17.8
 
 
Google Android QCamera3HWI.cpp notifyErrorForPendingRequests out-of-bounds write0.06CVE-2020-0120

Interested in the pricing of exploits?

See the underground prices here!