CVSSv3 08/17/2020info

CVSSv3 Base »

The Common Vulnerability Scoring System (CVSS) is an industry standard to define the characteristics and impacts of security vulnerabilities. The base score represents the intrinsic aspects that are constant over time and across user environments. Our unique meta score merges all available scores from different sources to aggregate to the most reliable result.

CVSSv3 Temp »

The Common Vulnerability Scoring System (CVSS) uses temp scores to reflect the characteristics of a vulnerability that may change over time but not across user environments. This includes reporting confidence, exploitability and remediation levels. We do also provide our unique meta score for temp scores, even though other sources rarely publish them.

VulDB »

The moderation team is always defining the base vector and base score for an entry. These and all other available scores are used to generate the meta score.

NVD »

The National Vulnerability Database (NVD) is also defining CVSS vectors and scores. These are usually not complete and might differ from VulDB scores.

Vendor »

Some vendors are willing to publish their own CVSS vectors and scores for vulnerabilities in their products. The coverage varies from vendor to vendor.

Research »

There are sometimes also security researcher which provide their own CVSS vectors and scores for vulnerabilities they have found and published.

IDBaseVDBNVDVendResVulnerabilityCTICVE
1600207.27.37.0
 
 
Huawei E6878-370 WAN authorization0.05CVE-2020-9241
1600195.44.26.7
 
 
Huawei Taurus-AL00B Lock Protection use after free0.03CVE-2020-9237
1600187.86.59.1
 
 
Huawei FusionCompute improper authentication0.01CVE-2020-9233
1600177.56.38.8
 
 
EdgeMAX EdgeSwitch HTTP Interface command injection0.00CVE-2020-8233
1600165.44.36.5
 
 
EdgeMAX EdgeSwitch SNMP information disclosure0.04CVE-2020-8232
1600155.45.35.5
 
 
Nextcloud Desktop Client ASLR/DEP memory corruption0.06CVE-2020-8230
1600145.85.85.8
 
 
phpBB Image Dimension external reference0.07CVE-2020-8226
1600138.57.39.8
 
 
Citrix XenMobile Server Access Control routine0.05CVE-2020-8212
1600128.57.39.8
 
 
Citrix XenMobile Server command injection0.05CVE-2020-8211
1600116.45.37.5
 
 
Citrix XenMobile Server Credentials information disclosure0.04CVE-2020-8210
1600106.45.37.5
 
 
Citrix XenMobile Server Access Control path traversal0.04CVE-2020-8209
1600095.24.36.1
 
 
Citrix XenMobile Server cross site scripting0.00CVE-2020-8208
1600088.57.39.8
 
 
linux-cmdline Prototype privileges management0.08CVE-2020-7704
1600074.24.34.1
 
 
Cisco Webex Meetings Desktop App User Interface input validation0.04CVE-2020-3502
1600064.24.34.1
 
 
Cisco Webex Meetings Desktop App User Interface input validation0.08CVE-2020-3501
1600055.23.76.8
 
 
Cisco StarOS memory corruption0.02CVE-2020-3500
1600044.64.35.0
 
 
Cisco Webex Meeting Contacts information disclosure0.02CVE-2020-3472
1600034.54.34.8
 
 
Cisco UCS Director Web-based Management Interface cross site scripting0.01CVE-2020-3464
1600025.75.36.1
 
 
Cisco Webex Meeting Web-based Management Interface cross site scripting0.04CVE-2020-3463
1600014.85.34.3
 
 
Cisco IOS XR Border Gateway Protocol unusual condition0.07CVE-2020-3449
1600006.67.35.8
 
 
Cisco Cyber Vision Center Access Control access control0.03CVE-2020-3448
1599994.94.35.5
 
 
Cisco Email Security Appliance CLI log file0.06CVE-2020-3447
1599985.45.35.5
 
 
Cisco AnyConnect Secure Mobility Client IPC input validation0.04CVE-2020-3435
1599974.43.35.5
 
 
Cisco AnyConnect Secure Mobility Client IPC input validation0.08CVE-2020-3434
1599967.87.87.8
 
 
Cisco AnyConnect Secure Mobility Client IPC uncontrolled search path0.00CVE-2020-3433
1599954.34.34.3
 
 
Cisco Webex Meeting Scheduled Meeting Template access control0.05CVE-2020-3413
1599944.95.44.3
 
 
Cisco Webex Meeting Scheduled Meeting Template access control0.01CVE-2020-3412
1599936.45.37.5
 
 
Cisco DNA Center information disclosure0.02CVE-2020-3411
1599926.95.38.6
 
 
Cisco Small Business Smart/Managed Switch input validation0.06CVE-2020-3363
1599915.75.36.1
 
 
Cisco Unified Communications Manager Web UI cross site scripting0.00CVE-2020-3346
1599907.47.37.5
 
 
LuaJIT lj_err.c lj_err_run out-of-bounds read0.06CVE-2020-24372
1599895.35.35.3
 
 
Lua lgc.c release of reference0.00CVE-2020-24371
1599886.37.35.3
 
 
Lua ldebug.c integer underflow0.02CVE-2020-24370
1599876.45.37.5
 
 
Lua ldebug.c stripped null pointer dereference0.03CVE-2020-24369
1599867.56.38.8
 
 
ShopXO os command injection0.03CVE-2020-24220
1599858.57.39.8
 
 
SourceCodester Online Shopping Alphaware sql injection0.04CVE-2020-24208
1599848.27.39.1
 
 
ftp-srv PORT Command server-side request forgery0.02CVE-2020-15152
1599837.47.37.5
 
 
Apache Shiro improper authentication0.06CVE-2020-13933
1599825.24.36.1
 
 
Teradici PCoIP Management Console Reflected cross site scripting0.04CVE-2020-13183
1599817.56.38.8
 
 
NoviFlow NoviWare Command-Line Interface os command injection0.09CVE-2020-13122

Interested in the pricing of exploits?

See the underground prices here!