CVSSv3 09/15/2020

CVSSv3 Base »

The Common Vulnerability Scoring System (CVSS) is an industry standard for describing the characteristics and impacts of security vulnerabilities. The base score represents the intrinsic aspects that are constant over time and across user environments. Our unique meta score merges all available scores from different sources into a single, most reliable result.

CVSSv3 Temp »

The Common Vulnerability Scoring System (CVSS) uses temp scores to reflect the characteristics of a vulnerability that may change over time but not across user environments. This includes reporting confidence, exploitability and remediation levels. We also provide our unique meta score for temp scores, even though other sources rarely publish them.

VulDB »

The moderation team always defines the base vector and base score for an entry. These and all other available scores are used to generate the meta score.

NVD »

The National Vulnerability Database (NVD) also defines CVSS vectors and scores. These are usually not complete and might differ from VulDB scores.

Vendor »

Some vendors are willing to publish their own CVSS vectors and scores for vulnerabilities in their products. The coverage varies from vendor to vendor.

Research »

Sometimes security researchers also provide their own CVSS vectors and scores for vulnerabilities they have found and published.

| ID | Base | VDB | NVD | Vend | Res | Vulnerability | CTI | CVE |
|---|---|---|---|---|---|---|---|---|
| 161665 | 8.8 | 8.8 | | | | FreeBSD ftpd privileges management | 0.00 | CVE-2020-7468 |
| 161661 | 9.8 | 9.8 | | | | FreeBSD bhyve SVM Guest privileges management | 0.06 | CVE-2020-7467 |
| 161660 | 5.3 | 5.3 | | | | FreeBSD bhyve privileges management | 0.06 | CVE-2020-24718 |
| 161659 | 7.3 | 7.3 | | | | FreeBSD ure Device Driver injection | 0.06 | CVE-2020-7464 |
| 161642 | 3.3 | 3.3 | | | | Huawei HiSilicon RTSP Stream information disclosure | 0.00 | CVE-2020-24216 |
| 161641 | 7.3 | 7.3 | | | | Huawei HiSilicon printf memory corruption | 0.00 | CVE-2020-24214 |
| 161640 | 5.9 | 5.9 | | | | Huawei HiSilicon box_ProcessRequest unrestricted upload | 0.00 | CVE-2020-24217 |
| 161639 | 3.3 | 3.3 | | | | Huawei HiSilicon box_ProcessRequest path traversal | 0.06 | CVE-2020-24219 |
| 161638 | 9.8 | 9.8 | | | | Huawei HiSilicon Telnet Service privileges management | 0.09 | CVE-2020-24218 |
| 161637 | 8.4 | 8.4 | | | | Huawei HiSilicon backdoor | 0.05 | CVE-2020-24215 |
| 161289 | 6.1 | 4.1 | 8.2 | | | TIBCO Spotfire Analyst Spotfire Client cross site scripting | 0.05 | CVE-2020-9416 |
| 161288 | 4.4 | 3.3 | 5.5 | | | Lenovo System Interface Foundation Configuration File default permission | 0.06 | CVE-2020-8346 |
| 161287 | 6.0 | 4.8 | 7.3 | | | Lenovo System Update toctou | 0.00 | CVE-2020-8342 |
| 161286 | 5.3 | 4.3 | 6.3 | | | Lenovo System x IMM2 cross site scripting | 0.05 | CVE-2020-8340 |
| 161285 | 3.9 | 3.5 | 4.3 | | | Lenovo IBM BladeCenter Advanced Management Module Web Interface insufficiently protected credentials | 0.00 | CVE-2020-8339 |
| 161284 | 5.6 | 5.5 | 5.7 | | | McAfee Web Gateway Configuration File improper authorization | 0.00 | CVE-2020-7296 |
| 161283 | 4.5 | 5.5 | 3.5 | | | McAfee Web Gateway Access Control improper authorization | 0.03 | CVE-2020-7295 |
| 161282 | 5.1 | 5.5 | 4.6 | | | McAfee Web Gateway REST Interface improper authorization | 0.00 | CVE-2020-7294 |
| 161281 | 7.7 | 6.5 | 9.0 | | | McAfee Web Gateway Access Control Password improper authorization | 0.00 | CVE-2020-7293 |
| 161280 | 5.4 | 4.3 | 6.5 | | | IBM Spectrum Protect Plus path traversal | 0.06 | CVE-2020-4711 |
| 161279 | 6.7 | 5.5 | 8.0 | | | IBM Spectrum Protect Plus Administrative Console unrestricted upload | 0.06 | CVE-2020-4703 |
| 161278 | 4.7 | 4.1 | 5.4 | | | IBM Business Automation Workflow Web UI cross site scripting | 0.00 | CVE-2020-4530 |
| 161277 | 4.3 | 4.3 | 4.3 | | | IBM Maximo Asset Management cross-site request forgery | 0.07 | CVE-2020-4526 |
| 161276 | 8.8 | 8.8 | 8.8 | | | IBM Maximo Asset Management Java deserialization | 0.04 | CVE-2020-4521 |
| 161275 | 3.3 | 3.3 | 3.3 | | | IBM Tivoli Business Service Manager insecure storage of sensitive information | 0.04 | CVE-2020-4344 |
| 161274 | 6.5 | 4.3 | 8.8 | | | BlackCat CMS cross-site request forgery | 0.06 | CVE-2020-25453 |
| 161273 | 4.4 | 3.5 | 5.4 | | | Nifty Project Management cross site scripting | 0.06 | CVE-2020-25071 |
| 161272 | 6.4 | 5.3 | 7.5 | | | ElkarBackup DefaultController.php Source inadequate encryption | 0.00 | CVE-2020-24925 |
| 161271 | 4.4 | 3.5 | 5.4 | | | ElkarBackup Persistent cross site scripting | 0.00 | CVE-2020-24924 |
| 161270 | 8.2 | 7.4 | 9.1 | | | Trend Micro ServerProtect for Linux SPLX Console command injection | 0.06 | CVE-2020-24561 |
| 161269 | 8.5 | 7.3 | 9.8 | | | projectworlds House Rental index.php sql injection | 0.00 | CVE-2020-23833 |
| 161268 | 8.5 | 7.3 | 9.8 | | | SourceCodester Online Course Registration Upload Filter my-profile.php unrestricted upload | 0.06 | CVE-2020-23828 |
| 161267 | 7.7 | 5.6 | 9.8 | | | VR CAM P1 Access Control improper authentication | 0.08 | CVE-2020-23512 |
| 161266 | 6.5 | 4.3 | 8.8 | | | Spiceworks users cross-site request forgery | 0.09 | CVE-2020-23451 |
| 161265 | 6.4 | 5.3 | 7.5 | | | Gallagher Command Centre DCOM Websocket memory corruption | 0.03 | CVE-2020-16101 |
| 161264 | 6.4 | 5.3 | 7.5 | | | Gallagher Command Centre DCOM Websocket denial of service | 0.07 | CVE-2020-16100 |
| 161263 | 4.3 | 4.3 | 4.3 | | | Gallagher Command Centre Guard Tour Event input validation | 0.00 | CVE-2020-16099 |
| 161262 | 7.5 | 5.3 | 9.8 | | | Gallagher Command Centre Credentials improper authentication | 0.04 | CVE-2020-16098 |
| 161261 | 6.3 | 4.3 | 7.3 | 7.3 | | Gallagher Controller Key insufficiently protected credentials | 0.04 | CVE-2020-16097 |
| 161260 | 7.4 | 5.0 | 9.9 | | | Gallagher Command Centre Credentials improper authorization | 0.03 | CVE-2020-16096 |
| 161259 | 6.0 | 4.1 | 8.0 | | | ScratchSig Extension Stored cross site scripting | 0.00 | CVE-2020-15179 |
| 161258 | 6.3 | 4.7 | 8.0 | | | contactform module Contact Form cross site scripting | 0.04 | CVE-2020-15178 |
| 161257 | 7.6 | 6.5 | 8.7 | | | Act Module Message deserialization | 0.09 | CVE-2020-15172 |
| 161256 | 7.7 | 6.5 | 8.9 | | | Yii unserialize deserialization | 0.07 | CVE-2020-15148 |
| 161255 | 4.4 | 3.3 | 5.5 | | | Linux Kernel XFS File System memory corruption | 0.00 | CVE-2020-14385 |
| 161254 | 6.5 | 5.3 | 7.8 | | | X.org X11 Server integer overflow | 0.06 | CVE-2020-14362 |
| 161253 | 6.5 | 5.3 | 7.8 | | | X.org X11 Server integer overflow | 0.08 | CVE-2020-14361 |
| 161252 | 6.5 | 5.3 | 7.8 | | | X.org X11 Server X Input Extension Protocol Decoder integer overflow | 0.04 | CVE-2020-14346 |
| 161251 | 6.5 | 5.3 | 7.8 | | | X.org X11 Server XkbSetNames memory corruption | 0.06 | CVE-2020-14345 |
| 161250 | 5.9 | 5.3 | 6.6 | | | Linux Kernel Video out-of-bounds write | 0.05 | CVE-2020-14331 |
