CVSSv3 12/17/2020

CVSSv3 Base »

The Common Vulnerability Scoring System (CVSS) is an industry standard to define the characteristics and impacts of security vulnerabilities. The base score represents the intrinsic aspects that are constant over time and across user environments. Our unique meta score merges all available scores from different sources into the most reliable aggregate result.

CVSSv3 Temp »

The Common Vulnerability Scoring System (CVSS) uses temp scores to reflect the characteristics of a vulnerability that may change over time but not across user environments. This includes reporting confidence, exploitability and remediation levels. We also provide our unique meta score for temp scores, even though other sources rarely publish them.

VulDB »

The moderation team always defines the base vector and base score for an entry. These and all other available scores are used to generate the meta score.

NVD »

The National Vulnerability Database (NVD) also defines CVSS vectors and scores. These are usually not complete and might differ from VulDB scores.

Vendor »

Some vendors are willing to publish their own CVSS vectors and scores for vulnerabilities in their products. The coverage varies from vendor to vendor.

Research »

Sometimes security researchers also provide their own CVSS vectors and scores for vulnerabilities they have found and published.

| ID | Base | VDB | NVD | Vend | Res | Vulnerability | CTI | CVE |
|---|---|---|---|---|---|---|---|---|
| 166513 | 5.5 | 5.5 | | | | Hashicorp Vault Enterprise Sentinel EGP Policy Feature unknown vulnerability | 0.04 | CVE-2020-35453 |
| 166512 | 9.8 | 9.8 | | | | Memcached Docker Image hard-coded password | 0.05 | CVE-2020-35197 |
| 166511 | 9.8 | 9.8 | | | | Rabbitmq Docker Image hard-coded password | 0.05 | CVE-2020-35196 |
| 166510 | 9.8 | 9.8 | | | | Haproxy Docker Image hard-coded password | 0.06 | CVE-2020-35195 |
| 166509 | 9.8 | 9.8 | | | | Influxdb Docker Image hard-coded password | 0.00 | CVE-2020-35194 |
| 166508 | 9.8 | 9.8 | | | | Vault Docker Image hard-coded password | 0.08 | CVE-2020-35192 |
| 166507 | 9.8 | 9.8 | | | | Drupal Docker Image hard-coded password | 0.05 | CVE-2020-35191 |
| 166506 | 9.8 | 9.8 | | | | Plone Docker Image hard-coded password | 0.00 | CVE-2020-35190 |
| 166505 | 9.8 | 9.8 | | | | Kong Docker Image hard-coded password | 0.02 | CVE-2020-35189 |
| 166504 | 9.8 | 9.8 | | | | Chronograf Docker Image hard-coded password | 0.02 | CVE-2020-35188 |
| 166503 | 9.8 | 9.8 | | | | Telegraf Docker Image hard-coded password | 0.00 | CVE-2020-35187 |
| 166502 | 9.8 | 9.8 | | | | Adminer Docker Image hard-coded password | 0.09 | CVE-2020-35186 |
| 166501 | 9.8 | 9.8 | | | | Ghost Docker Image hard-coded password | 0.06 | CVE-2020-35185 |
| 166500 | 9.8 | 9.8 | | | | Composer Docker Image hard-coded password | 0.04 | CVE-2020-35184 |
| 166499 | 3.5 | 3.5 | | | | Hashicorp Vault/Vault Enterprise LDAP Auth Method information disclosure | 0.06 | CVE-2020-35177 |
| 166498 | 5.5 | 5.5 | | | | Synacor Zimbra Collaboration Suite SAML Consumer Store Extension xml external entity reference | 0.05 | CVE-2020-35123 |
| 166497 | 4.3 | 4.3 | | | | SSH Component denial of service | 0.04 | CVE-2020-29652 |
| 166496 | 4.3 | 4.3 | | | | Sonatype Nexus Repository Manager xml external entity reference | 0.04 | CVE-2020-29436 |
| 166495 | 6.3 | 6.3 | | | | Magic Home Pro Application improper authentication | 0.04 | CVE-2020-27199 |
| 166494 | 6.3 | 6.3 | | | | Oracle Application Server Websocket access control | 0.02 | CVE-2020-25096 |
| 166493 | 3.5 | 3.5 | | | | LogRhythm Platform Manager Websocket cross-site request forgery | 0.02 | CVE-2020-25095 |
| 166492 | 8.8 | 8.8 | | | | LogRhythm Platform Manager Websocket command injection | 0.04 | CVE-2020-25094 |
| 166491 | 4.3 | 4.3 | | | | Kyland KPS2204 webadminget.cgi information disclosure | 0.04 | CVE-2020-25011 |
| 166490 | 6.3 | 6.3 | | | | Kyland KPS2204 Instruction unrestricted upload | 0.06 | CVE-2020-25010 |
| 166489 | 5.0 | 5.0 | | | | Infraware ML Report MLReportDeamon.exe sub_41EAF0 stack-based overflow | 0.06 | CVE-2020-7837 |
| 166488 | 7.3 | 7.3 | | | | connection-tester Package index.js injection | 0.06 | CVE-2020-7781 |
| 166487 | 7.3 | 7.3 | | | | Dell BSAFE Micro Edition Suite buffer overflow | 0.06 | CVE-2020-5360 |
| 166486 | 7.3 | 7.3 | | | | Dell BSAFE Micro Edition Suite return value | 0.00 | CVE-2020-5359 |
| 166485 | 5.3 | 5.3 | | | | IBM Financial Transaction Manager Login Dialog information disclosure | 0.00 | CVE-2020-4908 |
| 166484 | 5.3 | 5.3 | | | | IBM Financial Transaction Manager information exposure | 0.02 | CVE-2020-4907 |
| 166483 | 3.3 | 3.3 | | | | IBM Financial Transaction Manager information disclosure | 0.00 | CVE-2020-4906 |
| 166482 | 3.7 | 3.7 | | | | IBM Financial Transaction Manager cleartext transmission | 0.04 | CVE-2020-4905 |
| 166481 | 4.3 | 4.3 | | | | IBM Financial Transaction Manager cross-site request forgery | 0.04 | CVE-2020-4904 |
| 166480 | 4.3 | 4.3 | | | | IBM Sterling File Gateway Web UI cross site scripting | 0.06 | CVE-2020-4658 |
| 166479 | 4.3 | 4.3 | | | | IBM Sterling B2B Integrator Web UI cross site scripting | 0.05 | CVE-2020-4657 |
| 166478 | 6.3 | 6.3 | | | | Vmware macOS Sensor for VMware Carbon Black Cloud Installation Remote Privilege Escalation | 0.04 | CVE-2020-4008 |
| 166477 | 6.3 | 6.3 | | | | Irfan Skiljan IrfanView PCX File out-of-bounds write | 0.05 | CVE-2020-35133 |
| 166476 | 6.3 | 6.3 | | | | Pluck CMS unrestricted upload | 0.05 | CVE-2020-29607 |
| 166475 | 4.3 | 4.3 | | | | Epson EPS TSE Server 8 Administrative Interface cross-site request forgery | 0.04 | CVE-2020-28931 |
| 166474 | 3.5 | 3.5 | | | | Epson EPS TSE Server 8 users.php cross site scripting | 0.00 | CVE-2020-28930 |
