CVSSv3 09/11/2020info

CVSSv3 Base »

The Common Vulnerability Scoring System (CVSS) is an industry standard to define the characteristics and impacts of security vulnerabilities. The base score represents the intrinsic aspects that are constant over time and across user environments. Our unique meta score merges all available scores from different sources to aggregate to the most reliable result.

CVSSv3 Temp »

The Common Vulnerability Scoring System (CVSS) uses temp scores to reflect the characteristics of a vulnerability that may change over time but not across user environments. This includes reporting confidence, exploitability and remediation levels. We do also provide our unique meta score for temp scores, even though other sources rarely publish them.

VulDB »

The moderation team is always defining the base vector and base score for an entry. These and all other available scores are used to generate the meta score.

NVD »

The National Vulnerability Database (NVD) is also defining CVSS vectors and scores. These are usually not complete and might differ from VulDB scores.

Vendor »

Some vendors are willing to publish their own CVSS vectors and scores for vulnerabilities in their products. The coverage varies from vendor to vendor.

Research »

There are sometimes also security researcher which provide their own CVSS vectors and scores for vulnerabilities they have found and published.

IDBaseVDBNVDVendResVulnerabilityCTICVE
1611656.36.3
 
 
 
Microsoft Windows finger.exe privileges management0.01
1611648.57.39.8
 
 
LG Mobile Devices BT Manager authorization0.02CVE-2020-25283
1611638.57.39.8
 
 
LG Mobile Devices lguicc authorization0.02CVE-2020-25282
1611627.57.57.5
 
 
LG Mobile Devices unknown vulnerability0.02CVE-2020-25281
1611615.54.36.8
 
 
Samsung Mobile Devices Debugging Command privileges management0.06CVE-2020-25280
1611608.57.39.8
 
 
Samsung Mobile Devices Exynos Chipset buffer overflow0.05CVE-2020-25279
1611598.57.39.8
 
 
Samsung Mobile Devices Quram Image Codec Library out-of-bounds write0.04CVE-2020-25278
1611586.54.38.8
 
 
ArGo Soft Mail Server cross-site request forgery0.06CVE-2020-23824
1611576.55.37.8
 
 
libX11 integer overflow0.06CVE-2020-14363
1611564.43.35.5
 
 
Ansible Engine Check Mode neutralization for logs0.00CVE-2020-14332
1611553.92.85.0
 
 
Ansible URI Module neutralization for logs0.03CVE-2020-14330
1611504.43.35.5
 
 
Huawei Smartphone information disclosure0.04CVE-2020-9239
1611496.45.67.3
 
 
PrimeKey EJBCA Client Certificate certificate validation0.05CVE-2020-25276
1611485.44.36.5
 
 
Philips Patient Information Center iX Message Parser denial of service0.03CVE-2020-16224
1611474.34.34.3
 
 
Philips Patient Information Center iX Certificate Enrollment Service denial of service0.00CVE-2020-16220
1611465.44.36.5
 
 
Philips Patient Information Center iX input validation0.00CVE-2020-16216
1611455.54.36.8
 
 
Philips Patient Information Center iX Surveillance Station exposure of resource0.00CVE-2020-16212
1611444.22.55.9
 
 
Bluetooth Core LE/BR/EDR improper authentication0.07CVE-2020-15802
1611435.65.85.4
 
 
Ruby on Rails Action View cross site scripting0.02CVE-2020-15169
1611426.45.37.5
 
 
ZeroMQ TCP Socket resource consumption0.00CVE-2020-15166
1611419.38.89.8
 
 
Xiaomi R3600 set_WAN6 Interface privileges management0.02CVE-2020-14100
1611408.57.39.8
 
 
Xiaomi AI Speaker OTA memory corruption0.03CVE-2020-14096
1611397.47.37.5
 
 
Apache Cocoon StreamGenerator xml external entity reference0.06CVE-2020-11991
1611382.22.42.0
 
 
QNAP Helpdesk cross-site request forgery0.05CVE-2018-19948
1611374.34.34.3
 
 
QNAP Helpdesk information disclosure0.02CVE-2018-19947
1611364.65.04.2
 
 
QNAP Helpdesk Certificate Validation certificate validation0.02CVE-2018-19946
1611355.44.36.5
 
 
InspIRCd pgsql Module use after free0.02CVE-2020-25269
1611346.55.37.8
 
 
Taoensso Nippy deserialization0.05CVE-2020-24164
1611335.34.36.4
 
 
Philips Patient Information Center iX Certificate Revocation unknown vulnerability0.00CVE-2020-16228
1611327.56.38.8
 
 
Philips Patient Information Center iX improper authentication0.03CVE-2020-16222
1611313.53.53.5
 
 
Philips Patient Information Center iX Web Application cross site scripting0.03CVE-2020-16218
1611305.66.15.0
 
 
Philips Patient Information Center iX CSV File csv injection0.00CVE-2020-16214
1611295.44.36.5
 
 
InspIRCd Silence Module use after free0.08CVE-2019-20918
1611285.44.36.5
 
 
InspIRCd MySQL Module null pointer dereference0.02CVE-2019-20917
1611278.57.39.8
 
 
Hyland OnBase JSON deserialization0.04CVE-2020-25260
1611268.57.39.8
 
 
Hyland OnBase XML Data deserialization0.03CVE-2020-25259
1611258.57.39.8
 
 
Hyland OnBase ASP.NET BinaryFormatter.Deserialize deserialization0.02CVE-2020-25258
1611248.57.39.8
 
 
Hyland OnBase XML Data xml external entity reference0.02CVE-2020-25257
1611238.27.39.1
 
 
Hyland OnBase PKI Certificate/Private Key hard-coded credentials0.02CVE-2020-25256
1611226.45.37.5
 
 
Hyland OnBase denial of service0.00CVE-2020-25255

Do you need the next level of professionalism?

Upgrade your account now!