CVSSv3 09/03/2020

CVSSv3 Base »

The Common Vulnerability Scoring System (CVSS) is an industry standard to define the characteristics and impacts of security vulnerabilities. The base score represents the intrinsic aspects that are constant over time and across user environments. Our unique meta score merges all available scores from different sources to aggregate to the most reliable result.

CVSSv3 Temp »

The Common Vulnerability Scoring System (CVSS) uses temp scores to reflect the characteristics of a vulnerability that may change over time but not across user environments. This includes reporting confidence, exploitability and remediation levels. We do also provide our unique meta score for temp scores, even though other sources rarely publish them.

VulDB »

The moderation team is always defining the base vector and base score for an entry. These and all other available scores are used to generate the meta score.

NVD »

The National Vulnerability Database (NVD) is also defining CVSS vectors and scores. These are usually not complete and might differ from VulDB scores.

Vendor »

Some vendors are willing to publish their own CVSS vectors and scores for vulnerabilities in their products. The coverage varies from vendor to vendor.

Research »

There are sometimes also security researcher which provide their own CVSS vectors and scores for vulnerabilities they have found and published.

IDBaseVDBNVDVendResVulnerabilityCTICVE
1607174.43.35.5
 
 
Huawei Honor 20 Pro Module information disclosure0.09CVE-2020-9235
1607165.54.36.8
 
 
Huawei B2368-22/B2368-66 code injection0.05CVE-2020-9199
1607152.42.42.4
 
 
Huawei Mate 20 Text input validation0.04CVE-2020-9083
1607145.74.76.8
 
 
Rapid7 Nexpose Unquoted Search Path unquoted search path0.01CVE-2020-7382
1607134.83.85.8
 
 
Rapid7 Nexpose Installer code injection0.00CVE-2020-7381
1607125.94.77.2
 
 
IBM API Connect API Manager privileges management0.05CVE-2020-4638
1607116.46.36.5
 
 
IBM API Connect User Registration privileges management0.00CVE-2020-4337
1607106.45.07.8
 
 
GnuPG/Gpg4win Key Import key-check.c Array Index buffer overflow0.00CVE-2020-25125
1607094.13.44.8
 
 
vBulletin attachment.php&do=rebuild&type cross site scripting0.00CVE-2020-25124
1607084.13.44.8
 
 
vBulletin Admin CP cross site scripting0.00CVE-2020-25123
1607074.13.44.8
 
 
vBulletin Admin CP cross site scripting0.02CVE-2020-25122
1607064.13.44.8
 
 
vBulletin Admin CP cross site scripting0.06CVE-2020-25121
1607054.13.44.8
 
 
vBulletin Admin CP cross site scripting0.07CVE-2020-25120
1607044.13.44.8
 
 
vBulletin Admin CP cross site scripting0.08CVE-2020-25119
1607034.13.44.8
 
 
vBulletin Admin CP cross site scripting0.07CVE-2020-25118
1607024.13.44.8
 
 
vBulletin Admin CP cross site scripting0.00CVE-2020-25117
1607014.13.44.8
 
 
vBulletin Admin CP cross site scripting0.07CVE-2020-25116
1607004.13.44.8
 
 
vBulletin Admin CP cross site scripting0.09CVE-2020-25115
1606996.73.79.8
 
 
Eramba Password Recovery password recovery0.05CVE-2020-25105
1606984.43.55.4
 
 
Eramba Attachment cross site scripting0.06CVE-2020-25104
1606975.24.36.1
 
 
silverstripe-advancedreports item cross site scripting0.00CVE-2020-25102
1606966.75.97.5
 
 
Setelsa Conacwin /../../path/file_to_disclose path traversal0.08CVE-2020-25068
1606955.94.77.2
 
 
Mara CMS unrestricted upload0.09CVE-2020-25042
1606948.57.39.8
 
 
Heybbs login.php sql injection0.00CVE-2020-25006
1606938.57.39.8
 
 
Heybbs msg.php sql injection0.00CVE-2020-25005
1606928.57.39.8
 
 
Heybbs user.php sql injection0.04CVE-2020-25004
1606917.57.37.8
 
 
Xpdf Error.cc fprintf out-of-bounds write0.00CVE-2020-24999
1606907.57.37.8
 
 
Xpdf Catalog.cc ~TextString initialization0.00CVE-2020-24996
1606897.56.38.8
 
 
php-fusion downloads.php privileges management0.08CVE-2020-24949
1606885.94.77.2
 
 
Autoptimize Plugin Ajax unrestricted upload0.08CVE-2020-24948
1606878.57.39.8
 
 
Pancake Session Cookie hard-coded credentials0.00CVE-2020-24876
1606865.45.35.5
 
 
MidnightBSD/FreeBSD Kernel kern_getfsstat out-of-bounds write0.05CVE-2020-24863
1606854.43.35.5
 
 
MidnightBSD/FreeBSD linux_emul.h em_find null pointer dereference0.06CVE-2020-24385
1606848.57.39.8
 
 
Sourcecodetester Daily Tracker System sql injection0.07CVE-2020-24193
1606836.55.37.8
 
 
Shenzhen Tencent App DLL uncontrolled search path0.00CVE-2020-24162
1606826.55.37.8
 
 
Guangzhou NetEase Mail Master DLL untrusted search path0.08CVE-2020-24161
1606816.55.37.8
 
 
Shenzhen Tencent TIM Windows Client DLL untrusted search path0.05CVE-2020-24160
1606807.87.87.8
 
 
Guangzhou NetEase Youdao Dictionary DLL untrusted search path0.00CVE-2020-24159
1606796.55.37.8
 
 
360 Speed Browser DLL untrusted search path0.00CVE-2020-24158
1606785.75.36.1
 
 
xxl-job JobGroupController.java cross site scripting0.00CVE-2020-23814

Do you want to use VulDB in your project?

Use the official API to access entries easily!