CVSSv3 10/28/2020info

CVSSv3 Base »

The Common Vulnerability Scoring System (CVSS) is an industry standard to define the characteristics and impacts of security vulnerabilities. The base score represents the intrinsic aspects that are constant over time and across user environments. Our unique meta score merges all available scores from different sources to aggregate to the most reliable result.

CVSSv3 Temp »

The Common Vulnerability Scoring System (CVSS) uses temp scores to reflect the characteristics of a vulnerability that may change over time but not across user environments. This includes reporting confidence, exploitability and remediation levels. We do also provide our unique meta score for temp scores, even though other sources rarely publish them.

VulDB »

The moderation team is always defining the base vector and base score for an entry. These and all other available scores are used to generate the meta score.

NVD »

The National Vulnerability Database (NVD) is also defining CVSS vectors and scores. These are usually not complete and might differ from VulDB scores.

Vendor »

Some vendors are willing to publish their own CVSS vectors and scores for vulnerabilities in their products. The coverage varies from vendor to vendor.

Research »

There are sometimes also security researcher which provide their own CVSS vectors and scores for vulnerabilities they have found and published.

IDBaseVDBNVDVendResVulnerabilityCTICVE
1640326.46.36.5
 
 
IBM WebSphere Application Server path traversal0.04CVE-2020-4782
1640315.94.37.5
 
 
Microsoft Sterling Connect Direct buffer overflow0.04CVE-2020-4767
1640306.45.37.5
 
 
Shibboleth Identify Provider Login Flow denial of service0.00CVE-2020-27978
1640298.06.39.8
 
 
osCommerce Phoenix CE POST Parameter mail.php os command injection0.04CVE-2020-27976
1640286.13.58.8
 
 
osCommerce Phoenix CE define_language.php cross-site request forgery0.06CVE-2020-27975
1640274.83.56.1
 
 
NeoPost Mail Accounting Software Pro FUS_SCM_BlockStart.php cross site scripting0.04CVE-2020-27974
1640264.83.56.1
 
 
Grafana Query cross site scripting0.04CVE-2020-24303
1640255.53.57.5
 
 
Snap7 Server COTP Protocol denial of service0.00CVE-2020-22552
1640247.65.59.8
 
 
Winston API command injection0.04CVE-2020-16257
1640236.96.37.5
 
 
Red Discord Bot Mod Module access control0.00CVE-2020-15278
1640224.43.55.4
 
 
Pulse Connect Secure User Web Interface cross site scripting0.00CVE-2020-8263
1640214.83.56.1
 
 
Pulse Connect Secure/Pulse Policy Secure User Web Interface cross site scripting0.00CVE-2020-8262
1640204.95.54.3
 
 
Pulse Connect Secure/Pulse Policy Secure Cookie buffer overflow0.04CVE-2020-8261
1640196.76.37.2
 
 
Pulse Connect Secure Admin Web Interface unrestricted upload0.00CVE-2020-8260
1640185.66.34.9
 
 
Pulse Connect Secure Admin Web Interface input validation0.00CVE-2020-8255
1640177.56.38.8
 
 
Pulse Secure Desktop Client Dynamic Certificate Trust path traversal0.06CVE-2020-8254
1640166.55.37.8
 
 
Pulse Secure Desktop Client access control0.04CVE-2020-8250
1640156.55.37.8
 
 
Pulse Secure Desktop Client buffer overflow0.07CVE-2020-8249
1640146.55.37.8
 
 
Pulse Secure Desktop Client access control0.07CVE-2020-8248
1640136.55.67.5
 
 
Pulse Secure Desktop Client channel accessible0.04CVE-2020-8241
1640126.65.57.8
 
 
Pulse Secure Desktop Client Embedded Browser unknown vulnerability0.05CVE-2020-8240
1640117.65.59.8
 
 
Pulse Secure Desktop Client Registry Privileges access control0.00CVE-2020-8239
1640103.92.65.3
 
 
Mozilla Firefox EC Scalar Point Multiplication key management0.00CVE-2020-6829
1640097.46.38.6
 
 
SonicWALL Global VPN Client Library uncontrolled search path0.00CVE-2020-5145
1640087.87.87.8
 
 
SonicWALL Global VPN Client untrusted search path0.00CVE-2020-5144
1640074.43.35.5
 
 
Apple Music Application information disclosure0.00CVE-2020-9982
1640057.56.38.8
 
 
Apple tvOS Web Contents memory corruption1.13CVE-2020-9932
1640047.56.38.8
 
 
Apple iOS/iPadOS Web Contents memory corruption0.12CVE-2020-9932
1640037.56.38.8
 
 
Apple Safari Web Contents memory corruption3.05CVE-2020-9932
1640025.96.35.4
 
 
Apple Safari Javascript input validation0.12CVE-2020-9860
1640014.35.33.3
 
 
Apple macOS Application access control0.06CVE-2020-9786
1640006.45.47.5
 
 
Apple macOS Path Validation path traversal2.85CVE-2020-9782
1639995.53.57.5
 
 
Apple macOS Siri Suggestion access control1.24CVE-2020-9774
1639985.35.3
 
 
 
dat.gui RGB/RGBA incorrect regex0.12CVE-2020-7755
1639976.65.57.8
 
 
Apple macOS Image out-of-bounds read0.12CVE-2020-3880
1639966.65.57.8
 
 
Apple tvOS Image out-of-bounds read0.06CVE-2020-3880
1639956.65.57.8
 
 
Apple iOS/iPadOS Image out-of-bounds read0.06CVE-2020-3880
1639946.65.57.8
 
 
Apple watchOS Image out-of-bounds read0.00CVE-2020-3880
1639937.87.87.8
 
 
Apple macOS Application memory corruption2.19CVE-2020-3863
1639924.84.35.4
 
 
MediaWiki RandomGameUnit Extension hard-coded credentials0.00CVE-2020-27957
1639918.06.39.8
 
 
SourceCodester Car Rental Management System File Upload unrestricted upload0.00CVE-2020-27956
1639905.53.57.5
 
 
Texas Instruments CC2538 Zigbee Protocol zclParseInDiscCmdsRspCmd stack-based buffer overflow0.44CVE-2020-27892
1639895.53.57.5
 
 
Texas Instruments CC2538 Zigbee Protocol zclHandleExternal stack-based buffer overflow0.04CVE-2020-27891
1639885.83.58.2
 
 
Texas Instruments CC2538 Zigbee Protocol zclParseInWriteCmd stack-based buffer overflow2.01CVE-2020-27890
1639876.04.67.5
 
 
Ubiquiti UniFi Meshing Access Point UAP-AC-M Credential Cache state issue0.04CVE-2020-27888
1639867.04.39.8
 
 
Wire AVS/Secure Messenger sdp.c sdp_media_set_lattr denial of service2.70CVE-2020-27853
1639858.06.39.8
 
 
Western Digital My Cloud NAS AvailableApps.php privileges management0.05CVE-2020-27160
1639848.06.39.8
 
 
Western Digital My Cloud NAS DsdkProxy.php input validation0.00CVE-2020-27159
1639838.06.39.8
 
 
Western Digital My Cloud cgi_api.php access control0.00CVE-2020-27158
1639828.06.39.8
 
 
Western Digital My Cloud reg_device.php input validation0.04CVE-2020-25765

Interested in the pricing of exploits?

See the underground prices here!