CVSSv3 11/30/2020info

CVSSv3 Base »

The Common Vulnerability Scoring System (CVSS) is an industry standard to define the characteristics and impacts of security vulnerabilities. The base score represents the intrinsic aspects that are constant over time and across user environments. Our unique meta score merges all available scores from different sources to aggregate to the most reliable result.

CVSSv3 Temp »

The Common Vulnerability Scoring System (CVSS) uses temp scores to reflect the characteristics of a vulnerability that may change over time but not across user environments. This includes reporting confidence, exploitability and remediation levels. We do also provide our unique meta score for temp scores, even though other sources rarely publish them.

VulDB »

The moderation team is always defining the base vector and base score for an entry. These and all other available scores are used to generate the meta score.

NVD »

The National Vulnerability Database (NVD) is also defining CVSS vectors and scores. These are usually not complete and might differ from VulDB scores.

Vendor »

Some vendors are willing to publish their own CVSS vectors and scores for vulnerabilities in their products. The coverage varies from vendor to vendor.

Research »

There are sometimes also security researcher which provide their own CVSS vectors and scores for vulnerabilities they have found and published.

IDBaseVDBNVDVendResVulnerabilityCTICVE
1654524.44.34.6
 
 
Estil Hill Lock Password Manager Safe App backdoor0.04CVE-2020-29392
1654518.06.39.8
 
 
ZeroShell kerbynet os command injection0.09CVE-2020-29390
1654504.13.54.8
 
 
NetArt News Lister News Headline cross site scripting0.00CVE-2020-29364
1654498.06.39.8
 
 
minidlna UPnP HTTP Request buffer overflow0.04CVE-2020-28926
1654487.65.59.8
 
 
UCMS File Upload unrestricted upload0.04CVE-2020-25537
1654474.33.15.5
 
 
IBM Business Automation Workflow log file0.03CVE-2020-4900
1654465.36.34.3
 
 
IBM Cloud Pak for Security session fixiation0.01CVE-2020-4696
1654457.76.59.0
 
 
IBM Cloud Pak for Security csv injection0.00CVE-2020-4627
1654444.75.04.3
 
 
IBM Cloud Pak for Security HTTP Request information disclosure0.00CVE-2020-4626
1654434.53.75.3
 
 
IBM Cloud Pak for Security cookie without 'httponly' flag0.05CVE-2020-4625
1654424.53.75.3
 
 
IBM Cloud Pak for Security inadequate encryption0.02CVE-2020-4624
1654415.96.35.5
 
 
PNGOUT PNG File integer overflow0.09CVE-2020-29384
1654405.86.35.3
 
 
Canto Plugin tree.php server-side request forgery0.00CVE-2020-28978
1654395.86.35.3
 
 
Canto Plugin get.php server-side request forgery0.08CVE-2020-28977
1654385.86.35.3
 
 
Canto Plugin detail.php server-side request forgery0.00CVE-2020-28976
1654378.36.89.8
 
 
Fujitsu Eternus Storage DX200 S4 csp improper restriction of rendered ui layers0.03CVE-2020-29127
1654368.57.39.8
 
 
Synology SafeAccess request.cgi sql injection0.05CVE-2020-27660
1654354.13.54.8
 
 
Synology SafeAccess cross site scripting0.02CVE-2020-27659
1654347.35.59.1
 
 
QEMU Host Controller Driver hcd-ohci.c stack-based overflow0.00CVE-2020-25624

Do you need the next level of professionalism?

Upgrade your account now!