CVSSv3 12/19/2020info

CVSSv3 Base »

The Common Vulnerability Scoring System (CVSS) is an industry standard to define the characteristics and impacts of security vulnerabilities. The base score represents the intrinsic aspects that are constant over time and across user environments. Our unique meta score merges all available scores from different sources to aggregate to the most reliable result.

CVSSv3 Temp »

The Common Vulnerability Scoring System (CVSS) uses temp scores to reflect the characteristics of a vulnerability that may change over time but not across user environments. This includes reporting confidence, exploitability and remediation levels. We do also provide our unique meta score for temp scores, even though other sources rarely publish them.

VulDB »

The moderation team is always defining the base vector and base score for an entry. These and all other available scores are used to generate the meta score.

NVD »

The National Vulnerability Database (NVD) is also defining CVSS vectors and scores. These are usually not complete and might differ from VulDB scores.

Vendor »

Some vendors are willing to publish their own CVSS vectors and scores for vulnerabilities in their products. The coverage varies from vendor to vendor.

Research »

There are sometimes also security researcher which provide their own CVSS vectors and scores for vulnerabilities they have found and published.

IDBaseVDBNVDVendResVulnerabilityCTICVE
1666196.36.3
 
 
 
HPE iLO Amplifier Pack Server Remote Privilege Escalation0.00CVE-2020-7203
1666183.53.5
 
 
 
HPE StoreEver MSL2024/StoreEver 1-8 G2 cross-site request forgery0.08CVE-2020-7201
1666176.36.3
 
 
 
HPE Systems Insight Manager Remote Privilege Escalation0.00CVE-2020-7200
1666168.18.1
 
 
 
Marvell QConvergeConsole GUI path traversal0.08CVE-2020-5803
1666154.34.3
 
 
 
HCL Verse Message Content cross site scripting0.08CVE-2020-4080
1666146.36.3
 
 
 
Ceph insufficiently protected credentials0.09CVE-2020-27781
1666136.36.3
 
 
 
ThingsBoard Host Header injection0.08CVE-2020-27687
1666123.53.5
 
 
 
OpenSlides cross site scripting0.09CVE-2020-26280
1666116.36.3
 
 
 
WeiPHP wp_where sql injection0.00CVE-2020-20300
1666105.55.5
 
 
 
WeiPHP POST access control0.09CVE-2020-20299
1666096.36.3
 
 
 
zzzphp zzz_template.php injection0.00CVE-2020-20298
1666083.53.5
 
 
 
zzcms User Login Page login.php cross site scripting0.00CVE-2020-20285
1666077.37.3
 
 
 
uftpd FTP Server common.c compose_abspath pathname traversal0.00CVE-2020-20277
1666067.37.3
 
 
 
uftpd FTP Server common.c handle_PORT buffer overflow0.00CVE-2020-20276
1666056.36.3
 
 
 
Apache Pulsar Manager Verification permission0.00CVE-2020-17520
1666044.34.3
 
 
 
HCL iNotes Message Content or cross site scripting0.07CVE-2020-14271
1666037.37.3
 
 
 
HCL Notes MIME Message buffer overflow0.03CVE-2020-14224
1666028.88.8
 
 
 
Kepware LinkMaster access control0.00CVE-2020-13535
1666015.55.5
 
 
 
NZXT Cam IO Request Packet access control0.00CVE-2020-13519
1666005.55.5
 
 
 
NZXT Cam IO Request Packet access control0.09CVE-2020-13515
1665995.55.5
 
 
 
NZXT Cam IO Request Packet access control0.00CVE-2020-13514
1665985.55.5
 
 
 
NZXT Cam IO Request Packet access control0.08CVE-2020-13513
1665975.55.5
 
 
 
NZXT Cam IO Request Packet access control0.05CVE-2020-13512
1665966.36.3
 
 
 
DolphinScheduler mysql connectorj Remote Privilege Escalation0.08CVE-2020-11974

Interested in the pricing of exploits?

See the underground prices here!