CVSSv3 11/18/2020

CVSSv3 Base »

The Common Vulnerability Scoring System (CVSS) is an industry standard for defining the characteristics and impacts of security vulnerabilities. The base score represents the intrinsic aspects that are constant over time and across user environments. Our unique meta score merges all available scores from different sources and aggregates them into the most reliable result.

CVSSv3 Temp »

The Common Vulnerability Scoring System (CVSS) uses temp scores to reflect the characteristics of a vulnerability that may change over time but not across user environments. This includes reporting confidence, exploitability and remediation levels. We also provide our unique meta score for temp scores, even though other sources rarely publish them.

VulDB »

The moderation team always defines the base vector and base score for an entry. These and all other available scores are used to generate the meta score.

NVD »

The National Vulnerability Database (NVD) also defines CVSS vectors and scores. These are usually not complete and might differ from VulDB scores.

Vendor »

Some vendors are willing to publish their own CVSS vectors and scores for vulnerabilities in their products. The coverage varies from vendor to vendor.

Research »

Sometimes security researchers also provide their own CVSS vectors and scores for vulnerabilities they have found and published.

| ID | Base | VDB | NVD | Vend | Res | Vulnerability | CTI | CVE |
|---|---|---|---|---|---|---|---|---|
| 165110 | 6.9 | 6.3 | 7.5 | | | cxuucms search.php sql injection | 0.08 | CVE-2020-28091 |
| 165109 | 5.4 | 4.3 | 6.5 | | | TP-LINK TL-WPA4220 POST Request syslog denial of service | 0.07 | CVE-2020-28005 |
| 165108 | 5.2 | 4.3 | 6.1 | | | Cisco Webex Meeting API cross site scripting | 0.00 | CVE-2020-27126 |
| 165107 | 5.5 | 5.5 | | | | Trusted Computing Group Trusted Platform Module Library Family initialization | 0.00 | CVE-2020-26933 |
| 165106 | 5.2 | 4.3 | 6.1 | | | RSA Archer URL cross site scripting | 0.06 | CVE-2020-26884 |
| 165105 | 9.8 | 9.8 | 9.8 | | | Planet Technology Corp NVR-915/NVR-1615 Telnet Server hard-coded credentials | 0.09 | CVE-2020-26097 |
| 165104 | 5.2 | 4.3 | 6.1 | | | Cisco IoT Field Network Director Web UI cross site scripting | 0.00 | CVE-2020-26081 |
| 165103 | 5.2 | 6.3 | 4.1 | | | Cisco IoT Field Network Director JSON access control | 0.00 | CVE-2020-26080 |
| 165102 | 4.6 | 4.3 | 4.9 | | | Cisco IoT Field Network Director credentials storage | 0.00 | CVE-2020-26079 |
| 165101 | 6.4 | 6.3 | 6.5 | | | Cisco IoT Field Network Director API file inclusion | 0.00 | CVE-2020-26078 |
| 165100 | 5.3 | 6.3 | 4.3 | | | Cisco IoT Field Network Director access control | 0.00 | CVE-2020-26077 |
| 165099 | 6.4 | 5.3 | 7.5 | | | Cisco IoT Field Network Director access control | 0.00 | CVE-2020-26076 |
| 165098 | 7.5 | 6.3 | 8.8 | | | Cisco IoT Field Network Director REST API sql injection | 0.00 | CVE-2020-26075 |
| 165097 | 7.6 | 6.6 | 8.7 | | | Cisco IoT Field Network Director SOAP API access control | 0.00 | CVE-2020-26072 |
| 165096 | 5.6 | 4.7 | 6.5 | | | Cisco TelePresence Collaboration Endpoint/RoomOS xAPI service authorization | 0.00 | CVE-2020-26068 |
| 165095 | 6.4 | 5.5 | 7.3 | | | lemocms Uploads.php unrestricted upload | 0.00 | CVE-2020-25406 |
| 165094 | 7.5 | 6.3 | 8.8 | | | TP-LINK TL-WPA4220 httpd powerline os command injection | 0.07 | CVE-2020-24297 |
| 165093 | 7.1 | 5.5 | 8.8 | | | Schneider Electric Modicon M340 Web Server buffer overflow | 0.00 | CVE-2020-7564 |
| 165092 | 7.1 | 5.5 | 8.8 | | | Schneider Electric Modicon M340 Web Server out-of-bounds write | 0.08 | CVE-2020-7563 |
| 165091 | 5.8 | 3.5 | 8.1 | | | Schneider Electric Modicon M340 Web Server out-of-bounds read | 0.07 | CVE-2020-7562 |
| 165090 | 5.5 | 5.5 | 5.4 | | | Kamailio Whitespace remove_hf protection mechanism | 0.40 | CVE-2020-28361 |
| 165089 | 4.1 | 3.5 | 4.8 | | | PHPGurukul User Registration & Login/User Management System Admin Panel cross site scripting | 0.00 | CVE-2020-24723 |
| 165088 | 5.0 | 3.5 | 6.5 | | | view_statistics Extension missing encryption | 0.00 | CVE-2020-28917 |
| 165087 | 4.4 | 3.3 | 5.5 | | | Linux Kernel fbcon buffer overflow | 0.00 | CVE-2020-28915 |
| 165086 | 6.3 | 5.5 | 7.1 | | | Kata Containers permission | 0.06 | CVE-2020-28914 |
| 165085 | 8.0 | 6.3 | 9.8 | | | SourceCodester Water Billing System process.php sql injection | 0.07 | CVE-2020-28183 |
| 165084 | 8.0 | 6.3 | 9.8 | | | SourceCodester Online Clothing Store Image Upload Products.php unrestricted upload | 0.07 | CVE-2020-28140 |
| 165083 | 4.8 | 3.5 | 6.1 | | | SourceCodester Online Clothing Store offer.php cross site scripting | 0.06 | CVE-2020-28139 |
| 165082 | 8.0 | 6.3 | 9.8 | | | SourceCodester Online Clothing Store login.php sql injection | 0.85 | CVE-2020-28138 |
| 165081 | 7.5 | 6.3 | 8.8 | | | SourceCodester Tourism Management System create-package.php unrestricted upload | 1.03 | CVE-2020-28136 |
| 165080 | 8.5 | 7.3 | 9.8 | | | SourceCodester Simple Grocery Store Sales and Inventory System login.php sql injection | 0.40 | CVE-2020-28133 |
| 165079 | 8.0 | 6.3 | 9.8 | | | SourceCodester Library Management System Image Upload unrestricted upload | 0.08 | CVE-2020-28130 |
| 165078 | 4.8 | 3.5 | 6.1 | | | SourceCodester Gym Management System cross site scripting | 0.10 | CVE-2020-28129 |
| 165077 | 4.8 | 3.5 | 6.1 | | | PESCMS Team Parameter cross site scripting | 0.07 | CVE-2020-28092 |
| 165076 | 4.4 | 3.5 | 5.4 | | | Kaa IoT Platform Dashboard cross site scripting | 0.07 | CVE-2020-26701 |
| 165075 | 7.6 | 5.5 | 9.8 | | | Aviatrix Controller API unrestricted upload | 0.08 | CVE-2020-26553 |
| 165074 | 6.9 | 6.3 | 7.5 | | | Aviatrix Controller API Endpoint improper authentication | 0.10 | CVE-2020-26552 |
| 165073 | 5.0 | 2.6 | 7.5 | | | Aviatrix Controller credentials storage | 0.10 | CVE-2020-26551 |
| 165072 | 5.3 | 3.1 | 7.5 | | | Aviatrix Controller Encrypted File insufficiently protected credentials | 0.10 | CVE-2020-26550 |
| 165071 | 6.5 | 5.5 | 7.5 | | | Aviatrix Controller .htaccess protection mechanism | 0.10 | CVE-2020-26549 |
| 165070 | 8.8 | 8.8 | 8.8 | | | Aviatrix Controller sudo access control | 0.00 | CVE-2020-26548 |
| 165069 | 6.3 | 6.3 | | | | GitLab Community Edition/Enterprise Edition Package Upload path traversal | 0.07 | CVE-2020-26405 |
| 165068 | 5.2 | 4.3 | 6.1 | | | TYPO3 Fluid cross site scripting | 0.00 | CVE-2020-26216 |
| 165067 | 5.0 | 3.5 | 6.5 | | | Genexis Platinum 4410 UPNP/Freeciv Service X_GetAccess information disclosure | 0.13 | CVE-2020-25988 |
| 165066 | 4.8 | 3.5 | 6.1 | | | Kyocera ECOSYS M2640IDW Machine Address Book cross site scripting | 0.05 | CVE-2020-25890 |
| 165065 | 6.9 | 6.3 | 7.5 | | | Taskcafe Project Management Tool Access Token information disclosure | 0.00 | CVE-2020-25400 |
| 165064 | 4.3 | 4.3 | | | | GitLab Community Edition/Enterprise Edition Scheduled Pipeline API permission | 0.09 | CVE-2020-13351 |
| 165063 | 3.9 | 3.5 | 4.3 | | | GitLab Community Edition/Enterprise Edition Administration Page cross-site request forgery | 0.00 | CVE-2020-13350 |
| 165062 | 4.3 | 4.3 | | | | GitLab Enterprise Edition Advanced Search incorrect regex | 0.09 | CVE-2020-13349 |
| 165061 | 5.5 | 5.5 | | | | GitLab Enterprise Edition Branch access control | 0.00 | CVE-2020-13348 |
