CVSSv3 12/25/2020info

CVSSv3 Base »

The Common Vulnerability Scoring System (CVSS) is an industry standard to define the characteristics and impacts of security vulnerabilities. The base score represents the intrinsic aspects that are constant over time and across user environments. Our unique meta score merges all available scores from different sources to aggregate to the most reliable result.

CVSSv3 Temp »

The Common Vulnerability Scoring System (CVSS) uses temp scores to reflect the characteristics of a vulnerability that may change over time but not across user environments. This includes reporting confidence, exploitability and remediation levels. We do also provide our unique meta score for temp scores, even though other sources rarely publish them.

VulDB »

The moderation team is always defining the base vector and base score for an entry. These and all other available scores are used to generate the meta score.

NVD »

The National Vulnerability Database (NVD) is also defining CVSS vectors and scores. These are usually not complete and might differ from VulDB scores.

Vendor »

Some vendors are willing to publish their own CVSS vectors and scores for vulnerabilities in their products. The coverage varies from vendor to vendor.

Research »

There are sometimes also security researcher which provide their own CVSS vectors and scores for vulnerabilities they have found and published.

IDBaseVDBNVDVendResVulnerabilityCTICVE
1668136.36.3
 
 
 
PHPList Import Administrators Page sql injection0.09CVE-2020-35708
1668123.53.5
 
 
 
Daybyday New Client Screen cross site scripting0.00CVE-2020-35707
1668113.53.5
 
 
 
Daybyday New Project Screen cross site scripting0.00CVE-2020-35706
1668103.53.5
 
 
 
Daybyday New User Screen cross site scripting0.00CVE-2020-35705
1668093.53.5
 
 
 
Daybyday New Lead Screen cross site scripting0.03CVE-2020-35704
1668083.53.5
 
 
 
Huawei TE Mobile information disclosure0.00CVE-2020-9202
1668075.55.5
 
 
 
Huawei NIP6800/Secospace USG6600/Secospace USG9500 DHCP Message out-of-bounds read0.03CVE-2020-9201
1668065.55.5
 
 
 
Huawei iManager NetEco 6000 csv injection0.02CVE-2020-9200
1668055.35.3
 
 
 
Huawei CloudEngine 7800 access control0.02CVE-2020-9137
1668044.34.3
 
 
 
Huawei CloudEngine 1800V Messages resource consumption0.03CVE-2020-9120
1668034.14.1
 
 
 
Huawei Smart Phone access control0.03CVE-2020-9119
1668025.55.5
 
 
 
Poppler PDF Document DCTStream.cc getChars heap-based overflow0.00CVE-2020-35702
1668014.04.0
 
 
 
Samsung Galaxy Note 4 Bluetooth Low Energy information disclosure0.03CVE-2020-35693
1668004.34.3
 
 
 
OpenSMTPD lka_filter.c null pointer dereference0.04CVE-2020-35680
1667993.53.5
 
 
 
OpenSMTPD Message table.c memory leak0.00CVE-2020-35679
1667983.53.5
 
 
 
Pi-hole DNS Query Log cross site scripting0.01CVE-2020-35659
1667976.36.3
 
 
 
EGavilan Media EGM Address Book Admin Panel sql injection0.03CVE-2020-29474
1667966.36.3
 
 
 
EGavilan Media Under Construction Page Admin Panel sql injection0.00CVE-2020-29472
1667953.53.5
 
 
 
WonderCMS Admin Panel cross site scripting0.00CVE-2020-29247
1667946.36.3
 
 
 
TerraMaster TOS access control0.02CVE-2020-29189
1667936.36.3
 
 
 
MariaDB Named Pipe Connection channel accessible0.02CVE-2020-28912
1667923.73.7
 
 
 
TerraMaster TOS Update cleartext transmission0.00CVE-2020-28190
1667917.37.3
 
 
 
TerraMaster TOS makecvs.php os command injection0.02CVE-2020-28188
1667906.36.3
 
 
 
TerraMaster TOS pathname traversal0.00CVE-2020-28187
1667896.36.3
 
 
 
TerraMaster TOS Forgot Password injection0.03CVE-2020-28186
1667885.35.3
 
 
 
TerraMaster TOS initialise.php information disclosure0.02CVE-2020-28185
1667873.53.5
 
 
 
TerraMaster TOS index.php cross site scripting0.00CVE-2020-28184
1667866.36.3
 
 
 
td-agent-builder Plugin permission0.02CVE-2020-28169
1667856.36.3
 
 
 
F5 BIG-IP APM redirect0.04CVE-2020-27729
1667843.53.5
 
 
 
F5 BIG-IP ASM/Advanced WAF AVRD denial of service0.07CVE-2020-27728
1667834.34.3
 
 
 
F5 BIG-IP iAppsLX REST Installer information disclosure0.07CVE-2020-27727
1667823.53.5
 
 
 
F5 BIG-IP APM Resource Information Page cross site scripting0.02CVE-2020-27726
1667813.53.5
 
 
 
F5 BIG-IP DNS/BIG-IP GTM zxfrd memory leak0.05CVE-2020-27725
1667804.34.3
 
 
 
F5 BIG-IP APM TMM resource consumption0.00CVE-2020-27724
1667793.53.5
 
 
 
F5 BIG-IP APM Traffic Management Microkernel denial of service0.07CVE-2020-27723
1667784.34.3
 
 
 
F5 BIG-IP APM VDI Plugin resource consumption0.02CVE-2020-27722
1667773.53.5
 
 
 
F5 BIG-IP DNS/BIG-IP LTM GSLB DNS Response denial of service0.00CVE-2020-27721
1667763.53.5
 
 
 
F5 BIG-IP LTM Traffic Management Microkernel CGNAT denial of service0.01CVE-2020-27720
1667753.53.5
 
 
 
F5 BIG-IP Configuration utility cross site scripting0.02CVE-2020-27719
1667743.53.5
 
 
 
F5 BIG-IP ASM/Advanced WAF JSON Payload resource consumption0.06CVE-2020-27718

Are you interested in using VulDB?

Download the whitepaper to learn more about our service!