CVSSv3 07/28/2020info

CVSSv3 Base »

The Common Vulnerability Scoring System (CVSS) is an industry standard to define the characteristics and impacts of security vulnerabilities. The base score represents the intrinsic aspects that are constant over time and across user environments. Our unique meta score merges all available scores from different sources to aggregate to the most reliable result.

CVSSv3 Temp »

The Common Vulnerability Scoring System (CVSS) uses temp scores to reflect the characteristics of a vulnerability that may change over time but not across user environments. This includes reporting confidence, exploitability and remediation levels. We do also provide our unique meta score for temp scores, even though other sources rarely publish them.

VulDB »

The moderation team is always defining the base vector and base score for an entry. These and all other available scores are used to generate the meta score.

NVD »

The National Vulnerability Database (NVD) is also defining CVSS vectors and scores. These are usually not complete and might differ from VulDB scores.

Vendor »

Some vendors are willing to publish their own CVSS vectors and scores for vulnerabilities in their products. The coverage varies from vendor to vendor.

Research »

There are sometimes also security researcher which provide their own CVSS vectors and scores for vulnerabilities they have found and published.

IDBaseVDBNVDVendResVulnerabilityCTICVE
1591356.45.37.5
 
 
freeDiameter integer underflow0.05CVE-2020-6098
1591318.27.39.1
 
 
Dell EMC OpenManage Server Administrator Web API path traversal0.00CVE-2020-5377
1591186.96.37.5
 
 
Claws Mail IMAP Server imap_scan_tree_recursive recursion0.05CVE-2020-16094
1591177.57.57.5
 
 
Grin Mimblewimble insufficient verification of data authenticity0.04CVE-2020-15899
1591167.47.37.5
 
 
Veeam ONE Reporter_ImportLicense xml external entity reference0.06CVE-2020-15419
1591157.47.37.5
 
 
Veeam ONE SSRSReport xml external entity reference0.00CVE-2020-15418
1591146.36.36.3
 
 
Netgear R6700 File Upload stack-based overflow0.04CVE-2020-15417
1591137.56.38.8
 
 
Netgear R6700 httpd Service stack-based overflow0.00CVE-2020-15416
1591056.45.37.5
 
 
Shopware Error Password insufficiently protected credentials0.05CVE-2020-13997
1591044.43.55.4
 
 
Shopware Mediabrowser File Upload Persistent cross site scripting0.00CVE-2020-13971
1591037.56.38.8
 
 
Shopware Mediabrowser upload by URL server-side request forgery0.06CVE-2020-13970
1591025.94.77.2
 
 
concrete5 File Upload unrestricted upload0.00CVE-2020-11476
1591016.55.37.8
 
 
NCP Secure Enterprise Client Support Assistant enumusb.reg link following0.00CVE-2020-11474
1591003.62.44.8
 
 
Gambio GX coupon_admin.php cross site scripting0.06CVE-2020-10985
1590996.54.38.8
 
 
Gambio GX admin.php cross-site request forgery0.00CVE-2020-10984
1590984.84.74.9
 
 
Gambio GX mobile.php sql injection0.08CVE-2020-10983
1590974.84.74.9
 
 
Gambio GX gv_mail.php sql injection0.03CVE-2020-10982
1590965.44.36.5
 
 
Netgear R6700 URL Credentials access control0.00CVE-2020-10930
1590957.56.38.8
 
 
Netgear R6700 File Upload unknown vulnerability0.00CVE-2020-10929
1590947.36.38.4
 
 
Netgear R6700 File Upload heap-based overflow0.00CVE-2020-10928
1590938.28.87.5
 
 
Netgear R6700 Firmware Update risky encryption0.00CVE-2020-10927
1590928.28.87.5
 
 
Netgear R6700 Firmware Update code download0.00CVE-2020-10926
1590916.25.07.5
 
 
Netgear R6700 File Download certificate validation0.00CVE-2020-10925
1590908.88.88.8
 
 
Netgear R6700 Service Port 5000 stack-based overflow0.04CVE-2020-10924
1590896.46.36.5
 
 
Netgear R6700 Service Port 5000 authentication bypass0.07CVE-2020-10923
1590885.96.35.4
 
 
UmbracoForms File Upload privileges management0.07CVE-2020-7685
1590875.44.36.5
 
 
IBM MQ/MQ Appliance/MQ for HPE NonStop buffer overflow0.00CVE-2020-4465
1590866.45.37.5
 
 
IBM MQ/MQ Appliance/MQ for HPE NonStop release of resource0.00CVE-2020-4375
1590854.34.34.3
 
 
IBM MQ/MQ Appliance/MQ for HPE NonStop Error Message information disclosure0.08CVE-2020-4319
1590844.74.15.4
 
 
IBM Intelligent Operations Center Web UI cross site scripting0.00CVE-2020-4318
1590834.74.15.4
 
 
IBM Intelligent Operations Center Web UI cross site scripting0.00CVE-2020-4317
1590828.57.39.8
 
 
OpenIKED iked ca.c authorization0.00CVE-2020-16088
1590818.06.39.8
 
 
Artifex Ghostscript Access Control Underflow memory corruption0.00CVE-2020-15900
1590807.16.37.9
 
 
QEMU XGMAC Ethernet Controller xgmac.c buffer overflow1.12CVE-2020-15863
1590798.16.39.9
 
 
rConfig search.crud.php code injection0.08CVE-2020-15715
1590787.56.38.8
 
 
rConfig Back-End Database devices.crud.php sql injection0.06CVE-2020-15714
1590777.56.38.8
 
 
rConfig Back-End Database devices.php sql injection0.08CVE-2020-15713
1590764.34.34.3
 
 
rConfig ajaxGetFileByPath.php path traversal0.00CVE-2020-15712
1590756.45.37.5
 
 
CentOS Web Panel ajax_mail_autoreply.php sql injection0.04CVE-2020-15628
1590746.45.37.5
 
 
CentOS Web Panel ajax_mail_autoreply.php sql injection0.04CVE-2020-15627
1590736.45.37.5
 
 
CentOS Web Panel ajax_dashboard.php sql injection0.04CVE-2020-15626
1590726.45.37.5
 
 
CentOS Web Panel ajax_add_mailbox.php sql injection1.46CVE-2020-15625
1590716.45.37.5
 
 
CentOS Web Panel ajax_new_account.php sql injection0.04CVE-2020-15624
1590708.57.39.8
 
 
CentOS Web Panel ajax_mod_security.php routine0.06CVE-2020-15623
1590696.45.37.5
 
 
CentOS Web Panel ajax_mail_autoreply.php sql injection1.32CVE-2020-15622
1590686.45.37.5
 
 
CentOS Web Panel ajax_mail_autoreply.php sql injection0.06CVE-2020-15621
1590676.45.37.5
 
 
CentOS Web Panel ajax_list_accounts.php sql injection0.00CVE-2020-15620
1590666.45.37.5
 
 
CentOS Web Panel ajax_list_accounts.php sql injection0.07CVE-2020-15619
1590656.45.37.5
 
 
CentOS Web Panel ajax_list_accounts.php sql injection0.06CVE-2020-15618
1590646.45.37.5
 
 
CentOS Web Panel ajax_list_accounts.php sql injection0.08CVE-2020-15617

Are you interested in using VulDB?

Download the whitepaper to learn more about our service!