CVSSv3 11/16/2020info

CVSSv3 Base »

The Common Vulnerability Scoring System (CVSS) is an industry standard to define the characteristics and impacts of security vulnerabilities. The base score represents the intrinsic aspects that are constant over time and across user environments. Our unique meta score merges all available scores from different sources to aggregate to the most reliable result.

CVSSv3 Temp »

The Common Vulnerability Scoring System (CVSS) uses temp scores to reflect the characteristics of a vulnerability that may change over time but not across user environments. This includes reporting confidence, exploitability and remediation levels. We do also provide our unique meta score for temp scores, even though other sources rarely publish them.

VulDB »

The moderation team is always defining the base vector and base score for an entry. These and all other available scores are used to generate the meta score.

NVD »

The National Vulnerability Database (NVD) is also defining CVSS vectors and scores. These are usually not complete and might differ from VulDB scores.

Vendor »

Some vendors are willing to publish their own CVSS vectors and scores for vulnerabilities in their products. The coverage varies from vendor to vendor.

Research »

There are sometimes also security researcher which provide their own CVSS vectors and scores for vulnerabilities they have found and published.

IDBaseVDBNVDVendResVulnerabilityCTICVE
1650173.73.14.3
 
 
IBM Sterling File Gateway Authorization Token missing secure attribute0.00CVE-2020-4763
1650164.13.54.8
 
 
IBM Sterling B2B Integrator Standard Edition Web UI cross site scripting0.00CVE-2020-4705
1650156.95.08.8
 
 
IBM Sterling B2B Integrator Standard Edition Privileges access control0.00CVE-2020-4700
1650145.44.36.5
 
 
IBM Sterling B2B Integrator Standard Edition Dashboard UI information disclosure0.04CVE-2020-4692
1650134.43.55.4
 
 
IBM Business Automation Workflow Web UI cross site scripting0.08CVE-2020-4672
1650125.44.36.5
 
 
IBM Sterling B2B Integrator Standard Edition log file0.09CVE-2020-4671
1650113.73.14.3
 
 
IBM Sterling File Gateway Authorization Token missing secure attribute0.00CVE-2020-4665
1650107.56.38.8
 
 
IBM Sterling B2B Integrator Standard Edition sql injection0.04CVE-2020-4655
1650097.56.38.8
 
 
IBM Sterling File Gateway sql injection0.06CVE-2020-4647
1650085.44.36.5
 
 
IBM Sterling B2B Integrator Standard Edition log file0.00CVE-2020-4566
1650076.45.37.5
 
 
IBM Sterling File Gateway information exposure0.03CVE-2020-4476
1650065.44.36.5
 
 
IBM Sterling B2B Integrator Standard Edition information exposure0.00CVE-2020-4475
1650055.53.57.5
 
 
CloudAvid PParam setAddress memory leak0.00CVE-2020-28723
1650046.76.37.2
 
 
Gila CMS unrestricted upload0.00CVE-2020-28692
1650034.43.55.4
 
 
Nagios XI Account Information cross site scripting0.06CVE-2020-27991
1650024.43.55.4
 
 
Nagios XI Deployment Tool cross site scripting0.00CVE-2020-27990
1650014.43.55.4
 
 
Nagios XI Dashboard Tools cross site scripting0.05CVE-2020-27989
1650004.43.55.4
 
 
Nagios XI Manage Users Page cross site scripting0.08CVE-2020-27988
1649995.74.07.5
 
 
AVideo information disclosure0.00CVE-2020-23490
1649987.56.38.8
 
 
Avideo import.json.php access control0.05CVE-2020-23489
1649975.45.55.3
 
 
JetBrains TeamCity Dependency unknown vulnerability0.00CVE-2020-27629
1649964.95.54.3
 
 
JetBrains TeamCity Audit Record unknown vulnerability0.00CVE-2020-27628
1649955.85.56.1
 
 
JetBrains TeamCity URL injection0.05CVE-2020-27627
1649945.45.55.3
 
 
JetBrains YouTrack server-side request forgery0.05CVE-2020-27626
1649934.43.55.3
 
 
JetBrains YouTrack Notification information disclosure0.08CVE-2020-27625
1649925.45.55.3
 
 
JetBrains YouTrack server-side request forgery0.00CVE-2020-27624
1649915.53.57.5
 
 
JetBrains IdeaVim information disclosure0.00CVE-2020-27623
1649904.43.55.3
 
 
JetBrains IntelliJ IDEA Web Server information disclosure0.06CVE-2020-27622
1649894.83.56.1
 
 
Chronoforeum Post cross site scripting0.00CVE-2020-27459
1649885.53.57.5
 
 
Anuko Time Tracker Password Reset denial of service0.00CVE-2020-27423
1649877.75.69.8
 
 
Anuko Time Tracker password recovery0.00CVE-2020-27422
1649866.96.37.5
 
 
LionWiki index.php file inclusion0.08CVE-2020-27191
1649856.05.56.5
 
 
JetBrains Ktor request smuggling1.71CVE-2020-26129
1649848.57.39.8
 
 
PHPGurukul User Registration & Login/User Management System sql injection0.06CVE-2020-25952
1649835.45.55.3
 
 
JetBrains YouTrack Workflow Rule behavioral workflow0.00CVE-2020-25210
1649825.94.37.5
 
 
JetBrains YouTrack REST API access control0.08CVE-2020-25209
1649818.06.39.8
 
 
JetBrains ToolBox Browser Protocol Remote Privilege Escalation0.00CVE-2020-25207
1649805.53.57.5
 
 
JetBrains ToolBox Browser Protocol denial of service0.04CVE-2020-25013
1649793.43.53.3
 
 
JetBrains YouTrack Backup information disclosure0.00CVE-2020-24366
1649784.43.55.4
 
 
Ivanti Endpoint Manager frm_splitfrm.aspx cross site scripting1.50CVE-2020-13773
1649774.43.55.3
 
 
Ivanti Endpoint Manager ldprov.cgi information disclosure0.05CVE-2020-13772
1649767.56.38.8
 
 
Ivanti Endpoint Manager alert_log.aspx sql injection0.08CVE-2020-13769
1649755.83.58.1
 
 
Amazon AWS Encryption SDK AES-GCM cryptographic issues0.05CVE-2020-8897
1649744.83.56.1
 
 
markdown-it-highlightjs cross site scripting0.00CVE-2020-7773
1649735.55.65.3
 
 
Firebase util DeepCopy.ts deepExtend code injection0.00CVE-2020-7765
1649728.48.08.8
 
 
Citrix SD-WAN Center os command injection0.07CVE-2020-8273
1649716.96.37.5
 
 
Citrix SD-WAN Center improper authentication0.08CVE-2020-8272
1649709.89.89.8
 
 
Citrix SD-WAN Center path traversal0.00CVE-2020-8271
1649698.88.88.8
 
 
Citrix Virtual Apps/XenDesktop os command injection0.00CVE-2020-8270
1649688.88.88.8
 
 
Citrix Virtual Apps/XenDesktop access control0.13CVE-2020-8269

Do you know our Splunk app?

Download it now for free!