CVSSv3 09/17/2020info

CVSSv3 Base »

The Common Vulnerability Scoring System (CVSS) is an industry standard to define the characteristics and impacts of security vulnerabilities. The base score represents the intrinsic aspects that are constant over time and across user environments. Our unique meta score merges all available scores from different sources to aggregate to the most reliable result.

CVSSv3 Temp »

The Common Vulnerability Scoring System (CVSS) uses temp scores to reflect the characteristics of a vulnerability that may change over time but not across user environments. This includes reporting confidence, exploitability and remediation levels. We do also provide our unique meta score for temp scores, even though other sources rarely publish them.

VulDB »

The moderation team is always defining the base vector and base score for an entry. These and all other available scores are used to generate the meta score.

NVD »

The National Vulnerability Database (NVD) is also defining CVSS vectors and scores. These are usually not complete and might differ from VulDB scores.

Vendor »

Some vendors are willing to publish their own CVSS vectors and scores for vulnerabilities in their products. The coverage varies from vendor to vendor.

Research »

There are sometimes also security researcher which provide their own CVSS vectors and scores for vulnerabilities they have found and published.

IDBaseVDBNVDVendResVulnerabilityCTICVE
1616727.87.87.8
 
 
Advantech WebAccess Node privilege escalation0.06CVE-2020-16202
1615315.55.57.8
 
 
Nitro Pro Rendering Engine Code Execution memory corruption0.06CVE-2020-6116
1615305.55.57.8
 
 
Nitro Pro Table Use-After-Free memory corruption0.05CVE-2020-6115
1615295.55.57.8
 
 
Nitro Pro Object Stream Parser Integer Overflow memory corruption0.12CVE-2020-6113
1615285.55.57.8
 
 
Nitro Pro JPEG 2000 File Out-of-Bounds memory corruption0.10CVE-2020-6112
1615273.53.56.1
 
 
ZoneMinder download.php cross site scripting0.04CVE-2020-25729
1615264.64.68.8
 
 
Reset Password Add-On weak authentication0.06CVE-2020-25728
1615256.36.37.5
 
 
Reset Password Add-On sql injection0.08CVE-2020-25727
1615246.36.37.3
 
 
Sqreen PHP Agent Daemon Virtual Machine privilege escalation0.06CVE-2020-25490
1615236.36.39.8
 
 
Sqreen PyMiniRacer Heap-based memory corruption0.06CVE-2020-25489
1615225.55.59.8
 
 
yWorks yEd Desktop XSL Remote Code Execution0.05CVE-2020-25216
1615215.55.59.8
 
 
yWorks yEd Desktop XML Data XML External Entity0.14CVE-2020-25215
1615205.55.59.8
 
 
Objective Systems Objective Open CBOR Run-time Stack-based memory corruption0.12CVE-2020-24753
1615195.55.59.8
 
 
FasterXML jackson-databind Serialized privilege escalation0.19CVE-2020-24750
1615184.64.67.2
 
 
TitanHQ SpamTitan Sandbox passwd privilege escalation0.07CVE-2020-24046
1615178.08.07.2
 
 
TitanHQ SpamTitan ISO privilege escalation0.06CVE-2020-24045
1615163.84.53.0
 
 
Helm Plugin privilege escalation0.12CVE-2020-15187
1615154.65.83.4
 
 
Helm Plugin Name privilege escalation0.00CVE-2020-15186
1615143.24.12.2
 
 
Helm Chart Injection privilege escalation0.09CVE-2020-15185
1615134.75.63.7
 
 
Helm Chart.yaml Injection privilege escalation0.09CVE-2020-15184
1615125.52.78.4
 
 
SOY CMS Reflected cross site scripting0.00CVE-2020-15183
1615116.54.78.4
 
 
SOY CMS SOY Inquiry Remote Code Execution0.07CVE-2020-15182
1615105.55.55.3
 
 
Xerces JBoss JAXP XMLSchemaValidator privilege escalation0.17CVE-2020-14338
1615095.55.58.8
 
 
Apache Superset Python Code Injection privilege escalation0.26CVE-2020-13948
1615083.53.56.1
 
 
Apache Airflow Endpoint trigger cross site scripting0.09CVE-2020-13944
1615073.53.5
 
 
 
RAD SecFlow-1v Web-based Management Interface Stored cross site scripting0.81CVE-2020-13260
1615063.53.59.6
 
 
Solarwinds Orion Platform Administrator Account Stored cross site scripting0.14CVE-2020-13169
1615055.55.58.8
 
 
TitanHQ SpamTitan mailqueue.php Code Injection privilege escalation0.00CVE-2020-11804
1615045.55.58.8
 
 
TitanHQ SpamTitan mailqueue.php eval() PHP Code Execution privilege escalation0.09CVE-2020-11803
1615035.55.56.5
 
 
TitanHQ SpamTitan certs-x.php Remote Code Execution0.04CVE-2020-11700
1615025.55.58.8
 
 
TitanHQ SpamTitan certs-x.php Remote Code Execution0.09CVE-2020-11699
1615016.36.39.8
 
 
TitanHQ SpamTitan snmp-x.php command injection0.43CVE-2020-11698
1615004.54.5
 
 
 
Google Android f2fs.h inline_data_addr Integer Overflow memory corruption0.16CVE-2020-0435
1614995.35.37.8
 
 
Google Android Catpipe Library Use-After-Free memory corruption0.00CVE-2020-0434
1614985.35.37.8
 
 
Google Android blk-mq-tag.c blk_mq_queue_tag_busy_iter Use-After-Free memory corruption0.07CVE-2020-0433
1614975.35.37.8
 
 
Google Android networking.c skb_to_mamac Integer Overflow memory corruption0.17CVE-2020-0432
1614965.35.37.8
 
 
Google Android keyboard.c kbd_keycode Out-of-Bounds memory corruption0.10CVE-2020-0431
1614955.35.37.8
 
 
Google Android skbuff.h skb_headlen Out-of-Bounds memory corruption0.04CVE-2020-0430
1614944.54.56.7
 
 
Google Android l2tp_core.c l2tp_session_delete Use-After-Free memory corruption0.73CVE-2020-0429
1614934.54.56.4
 
 
Google Android CamX Use-After-Free memory corruption0.81CVE-2020-0428
1614923.33.35.5
 
 
Google Android core.c create_pinctrl Use-After-Free information disclosure0.05CVE-2020-0427
1614913.33.35.5
 
 
Google Android SyncManager information disclosure0.08CVE-2020-0426
1614903.33.35.5
 
 
Google Android Lockdown information disclosure0.97CVE-2020-0425
1614892.52.54.4
 
 
Google Android Disk Encryption fscrypt_ice.c weak encryption0.21CVE-2020-0407
1614885.35.37.8
 
 
Google Android libmpeg2dec Out-of-Bounds memory corruption0.97CVE-2020-0406
1614877.87.87.8
 
 
Google Android uvc_driver.c uvc_scan_chain_forward privilege escalation0.08CVE-2020-0404
1614864.54.56.7
 
 
Google Android FPC TrustZone Fingerprint App privilege escalation0.05CVE-2020-0403
1614855.35.37.8
 
 
Google Android PackageManagerService.java setInstallerPackageName privilege escalation0.06CVE-2020-0401
1614843.33.35.5
 
 
Google Android NotificationMgr.java showLimitedSimFunctionWarningNotification information disclosure0.17CVE-2020-0399
1614833.33.35.5
 
 
Google Android CarrierServiceStateTracker.java getNotificationBuilder information disclosure0.09CVE-2020-0397

Are you interested in using VulDB?

Download the whitepaper to learn more about our service!