CVSSv3 November 2020

Timeline

Analyzing the timeline helps to identify the required approach to, and handling of, single vulnerabilities and vulnerability collections. This overview makes it possible to see less important slices and more severe hotspots at a glance, so that immediate vulnerability response can be initiated and issues prioritized.

C3BM Index

Our unique C3BM Index (CVSSv3 Base Meta Index) accumulates the CVSSv3 Meta Base Scores of all entries over time. Comparing this index to the number of disclosed vulnerabilities helps to pinpoint the most important events.

CVSSv3 Base

The Common Vulnerability Scoring System (CVSS) is an industry standard for defining the characteristics and impacts of security vulnerabilities. The base score represents the intrinsic aspects that are constant over time and across user environments. Our unique meta score merges all available scores from different sources into the most reliable aggregate result.

CVSSv3 Temp

The Common Vulnerability Scoring System (CVSS) uses temporal (temp) scores to reflect the characteristics of a vulnerability that may change over time but not across user environments. This includes reporting confidence, exploitability and remediation levels. We also provide our unique meta score for temp scores, even though other sources rarely publish them.

VulDB

The moderation team always defines the base vector and base score for an entry. These and all other available scores are used to generate the meta score.

NVD

The National Vulnerability Database (NVD) also defines CVSS vectors and scores. These are usually not complete and might differ from VulDB scores.

Vendor

Some vendors are willing to publish their own CVSS vectors and scores for vulnerabilities in their products. The coverage varies from vendor to vendor.

Research

Security researchers sometimes also provide their own CVSS vectors and scores for vulnerabilities they have found and published.

| Published | Base | VDB | NVD | Vend | Res | Vulnerability | CTI | CVE |
|---|---|---|---|---|---|---|---|---|
| 11/30/2020 | 4.4 | 4.3 | 4.6 | | | Estil Hill Lock Password Manager Safe App backdoor | 0.04 | CVE-2020-29392 |
| 11/30/2020 | 8.0 | 6.3 | 9.8 | | | ZeroShell kerbynet os command injection | 0.04 | CVE-2020-29390 |
| 11/30/2020 | 4.1 | 3.5 | 4.8 | | | NetArt News Lister News Headline cross site scripting | 0.00 | CVE-2020-29364 |
| 11/30/2020 | 8.0 | 6.3 | 9.8 | | | minidlna UPnP HTTP Request buffer overflow | 0.06 | CVE-2020-28926 |
| 11/30/2020 | 7.6 | 5.5 | 9.8 | | | UCMS File Upload unrestricted upload | 0.05 | CVE-2020-25537 |
| 11/30/2020 | 4.3 | 3.1 | 5.5 | | | IBM Business Automation Workflow log file | 0.05 | CVE-2020-4900 |
| 11/30/2020 | 5.3 | 6.3 | 4.3 | | | IBM Cloud Pak for Security session fixation | 0.05 | CVE-2020-4696 |
| 11/30/2020 | 7.7 | 6.5 | 9.0 | | | IBM Cloud Pak for Security csv injection | 0.05 | CVE-2020-4627 |
| 11/30/2020 | 4.7 | 5.0 | 4.3 | | | IBM Cloud Pak for Security HTTP Request information disclosure | 0.37 | CVE-2020-4626 |
| 11/30/2020 | 4.5 | 3.7 | 5.3 | | | IBM Cloud Pak for Security cookie without 'httponly' flag | 0.00 | CVE-2020-4625 |
| 11/30/2020 | 4.5 | 3.7 | 5.3 | | | IBM Cloud Pak for Security inadequate encryption | 0.33 | CVE-2020-4624 |
| 11/30/2020 | 5.9 | 6.3 | 5.5 | | | PNGOUT PNG File integer overflow | 0.33 | CVE-2020-29384 |
| 11/30/2020 | 5.8 | 6.3 | 5.3 | | | Canto Plugin tree.php server-side request forgery | 0.00 | CVE-2020-28978 |
| 11/30/2020 | 5.8 | 6.3 | 5.3 | | | Canto Plugin get.php server-side request forgery | 0.05 | CVE-2020-28977 |
| 11/30/2020 | 5.8 | 6.3 | 5.3 | | | Canto Plugin detail.php server-side request forgery | 0.06 | CVE-2020-28976 |
| 11/30/2020 | 8.3 | 6.8 | 9.8 | | | Fujitsu Eternus Storage DX200 S4 csp improper restriction of rendered ui layers | 0.05 | CVE-2020-29127 |
| 11/30/2020 | 8.5 | 7.3 | 9.8 | | | Synology SafeAccess request.cgi sql injection | 0.04 | CVE-2020-27660 |
| 11/30/2020 | 4.1 | 3.5 | 4.8 | | | Synology SafeAccess cross site scripting | 0.05 | CVE-2020-27659 |
| 11/30/2020 | 7.3 | 5.5 | 9.1 | | | QEMU Host Controller Driver hcd-ohci.c stack-based overflow | 0.05 | CVE-2020-25624 |
| 11/29/2020 | 8.8 | 8.8 | | | | Fuji Electric V-Server Lite out-of-bounds write | 0.08 | CVE-2020-25171 |
| 11/29/2020 | 5.4 | 3.1 | 7.8 | | | V-SOL V1600D4L/V1600D-MINI RSA Private Key hard-coded key | 0.02 | CVE-2020-29383 |
| 11/29/2020 | 5.4 | 3.1 | 7.8 | | | V-SOL V1600D/V1600D4L/V1600D-MINI/V1600G1/V1600G2 RSA Private Key hard-coded key | 0.00 | CVE-2020-29382 |
| 11/29/2020 | 8.0 | 6.3 | 9.8 | | | V-SOL V1600D/V1600D4L/V1600D-MINI/V1600G1/V1600G2 CLI command injection | 0.00 | CVE-2020-29381 |
| 11/29/2020 | 4.8 | 3.7 | 5.9 | | | V-SOL V1600D/V1600D4L/V1600D-MINI/V1600G1/V1600G2 Telnet cleartext transmission | 0.04 | CVE-2020-29380 |
| 11/29/2020 | 5.9 | 6.3 | 5.5 | | | V-SOL V1600D4L/V1600D-MINI Firmware Update sh improper authentication | 0.00 | CVE-2020-29379 |
| 11/29/2020 | 7.5 | 6.3 | 8.8 | | | V-SOL V1600D/V1600D4L/V1600D-MINI/V1600G1/V1600G2 CLI hard-coded credentials | 0.04 | CVE-2020-29378 |
| 11/29/2020 | 8.5 | 7.3 | 9.8 | | | V-SOL V1600D hard-coded credentials | 0.02 | CVE-2020-29377 |
| 11/29/2020 | 8.0 | 6.3 | 9.8 | | | V-SOL V1600D/V1600D4L/V1600D-MINI/V1600G1/V1600G2 Telnet Service hard-coded credentials | 0.03 | CVE-2020-29376 |
| 11/29/2020 | 6.1 | 3.5 | 8.8 | | | V-SOL V1600D/V1600D4L/V1600D-MINI/V1600G1/V1600G2 hard-coded password | 0.00 | CVE-2020-29375 |
| 11/28/2020 | 6.2 | 5.5 | 7.0 | | | Linux Kernel gup gup.c get_user_pages race condition | 0.04 | CVE-2020-29374 |
| 11/28/2020 | 6.0 | 5.5 | 6.5 | | | Linux Kernel Filesystem io_uring.c path traversal | 0.00 | CVE-2020-29373 |
| 11/28/2020 | 5.1 | 5.5 | 4.7 | | | Linux Kernel madvise.c do_madvise race condition | 0.05 | CVE-2020-29372 |
| 11/28/2020 | 3.4 | 3.5 | 3.3 | | | Linux Kernel storage.c romfs_dev_read uninitialized pointer | 0.08 | CVE-2020-29371 |
| 11/28/2020 | 6.2 | 5.5 | 7.0 | | | Linux Kernel Slowpath slub.c kmem_cache_alloc_bulk race condition | 0.04 | CVE-2020-29370 |
| 11/28/2020 | 6.2 | 5.5 | 7.0 | | | Linux Kernel mmap.c expand_upwards race condition | 0.03 | CVE-2020-29369 |
| 11/28/2020 | 6.2 | 5.5 | 7.0 | | | Linux Kernel THP Mapcount Check huge_memory.c __split_huge_pmd race condition | 0.02 | CVE-2020-29368 |
| 11/28/2020 | 4.0 | 5.5 | 2.5 | | | Linux Kernel Fair Scheduler show_numa_stats use after free | 0.04 | CVE-2019-20934 |
| 11/28/2020 | 4.6 | 5.5 | 3.7 | | | Eclipse Jetty gzip injection | 0.09 | CVE-2020-27218 |
| 11/27/2020 | 6.6 | 5.5 | 7.8 | | | Blosc C-Blosc2 Compressed Data blosc2.c heap-based overflow | 0.03 | CVE-2020-29367 |
| 11/27/2020 | 8.5 | 7.3 | 9.8 | | | systeminformation Prototype si.inetChecksite os command injection | 0.01 | CVE-2020-26245 |
