CVSSv3 09/02/2020info

CVSSv3 Base »

The Common Vulnerability Scoring System (CVSS) is an industry standard to define the characteristics and impacts of security vulnerabilities. The base score represents the intrinsic aspects that are constant over time and across user environments. Our unique meta score merges all available scores from different sources to aggregate to the most reliable result.

CVSSv3 Temp »

The Common Vulnerability Scoring System (CVSS) uses temp scores to reflect the characteristics of a vulnerability that may change over time but not across user environments. This includes reporting confidence, exploitability and remediation levels. We do also provide our unique meta score for temp scores, even though other sources rarely publish them.

VulDB »

The moderation team is always defining the base vector and base score for an entry. These and all other available scores are used to generate the meta score.

NVD »

The National Vulnerability Database (NVD) is also defining CVSS vectors and scores. These are usually not complete and might differ from VulDB scores.

Vendor »

Some vendors are willing to publish their own CVSS vectors and scores for vulnerabilities in their products. The coverage varies from vendor to vendor.

Research »

There are sometimes also security researcher which provide their own CVSS vectors and scores for vulnerabilities they have found and published.

IDBaseVDBNVDVendResVulnerabilityCTICVE
1608366.36.3
 
 
 
FreeBSD IPv4 DHCP Client heap-based overflow0.09CVE-2020-7461
1608355.35.3
 
 
 
FreeBSD SCTP Socket use after free0.06CVE-2020-7463
1608345.35.3
 
 
 
FreeBSD IPv6 Hop-by-Hop Option use after free0.00CVE-2020-7462
1607648.57.39.8
 
 
D-Link COVR 3902 REVA Telnet hard-coded credentials0.00CVE-2018-20432
1606545.96.35.4
 
 
Clustered Data ONTAP authorization0.00CVE-2020-8576
1606535.53.37.8
 
 
RAONWIZ RAON KUpload KUpload agent resource transfer0.00CVE-2020-7830
1606526.45.37.5
 
 
Trading Technologies Messaging Service Port 10200 ttmd.exe strcpy_s denial of service0.07CVE-2020-5779
1606516.45.37.5
 
 
Trading Technologies Messaging Service Port 10200 ttmd.exe input validation0.00CVE-2020-5778
1606505.93.78.1
 
 
Dell EMC ECS DT Object exposure of resource0.06CVE-2020-5386
1606496.86.86.8
 
 
Dell Inspiron 7352 BIOS UEFI BIOS Boot Service protection mechanism0.07CVE-2020-5379
1606486.86.86.8
 
 
Dell G7 17 7790 UEFI BIOS Boot Service use after free0.00CVE-2020-5378
1606476.86.86.8
 
 
Dell Inspiron 7347 BIOS UEFI BIOS Boot Services use after free0.00CVE-2020-5376
1606467.56.38.8
 
 
Dell EMC Isilon OneFS/EMC PowerScale OneFS SyncIQ permission assignment0.06CVE-2020-5369
1606458.27.39.1
 
 
IBM Spectrum Protect Operations Center Export code injection0.07CVE-2020-4693
1606444.74.15.4
 
 
IBM Jazz Team Server Web UI cross site scriting0.00CVE-2020-4546
1606434.74.15.4
 
 
IBM Jazz Team Server Web UI cross site scriting0.00CVE-2020-4522
1606424.74.15.4
 
 
IBM Jazz Team Server Web UI cross site scriting0.06CVE-2020-4445
1606416.55.37.8
 
 
Kaspersky Security Center/Security Center Web Console Installer uncontrolled search path0.08CVE-2020-25045
1606405.74.47.1
 
 
Kaspersky Virus Removal Tool denial of service0.00CVE-2020-25044
1606395.74.47.1
 
 
Kaspersky VPN Secure Connection Installer path traversal0.00CVE-2020-25043
1606386.95.78.2
 
 
Miller Configuration File Support code injection0.00CVE-2020-15167
1606376.75.58.0
 
 
Symfony HttpClient CachingHttpClient Remote Privilege Escalation0.00CVE-2020-15094
1606367.56.38.8
 
 
D-Link DCS-2530L/DCS-2670L ddns_enc.cgi command injection0.09CVE-2020-25079
1606356.45.37.5
 
 
D-Link DCS-2530L/DCS-2670L getuser Password information disclosure0.11CVE-2020-25078
1606344.34.34.3
 
 
sf_event_mgt Extension Access Control authorization0.00CVE-2020-25026
1606334.34.34.3
 
 
l10nmgr authorization0.00CVE-2020-25025
1606326.26.16.3
 
 
KDE ark path traversal0.02CVE-2020-24654
1606315.75.36.1
 
 
Ignite Realtime Openfire server-properties.jsp Reflected cross site scripting0.05CVE-2020-24604
1606305.24.36.1
 
 
Ignite Realtime Openfire Reflected cross site scripting0.00CVE-2020-24602
1606295.24.36.1
 
 
Ignite Realtime Openfire Stored cross site scripting0.00CVE-2020-24601
1606285.24.36.1
 
 
Google Go CGI cross site scripting0.00CVE-2020-24553
1606278.57.39.8
 
 
ForLogic Qualiex operation after expiration0.00CVE-2020-24030
1606268.57.39.8
 
 
ForLogic Qualiex Password Change improper authentication0.00CVE-2020-24029
1606257.56.38.8
 
 
ForLogic Qualiex permission assignment0.00CVE-2020-24028
1606245.74.37.1
 
 
SourceCodester Stock Management System changeUsername.php cross-site request forgery0.00CVE-2020-23830
1606234.43.55.4
 
 
MultiUx SaveMailbox Stored cross site scripting0.07CVE-2020-17458
1606224.22.95.5
 
 
Trusted Firmware mbed TLS ssl_msg.c mbedtls_ssl_decrypt_buf information exposure0.07CVE-2020-16150
1606216.46.36.5
 
 
Squid Web Proxy Cache request smuggling0.00CVE-2020-15811
1606206.46.36.5
 
 
Squid Web Proxy Header Parsing request smuggling0.09CVE-2020-15810
1606197.56.38.8
 
 
Dolibarr CRM File Upload unrestricted upload0.00CVE-2020-14209

Do you need the next level of professionalism?

Upgrade your account now!