Change: Use score -99 for missing severity in CVEs

When a CVE entry in the nvdcve file has no cvss score, it is stored
with the score SEVERITY_MISSING (-99.0) instead of 0.0.

This allows distinguishing them from CVEs that explicitly have a score
of 0.0 assigned.

src/manage_sql_secinfo.c

@@ -2529,7 +2529,7 @@ insert_cve_from_entry (element_t entry, element_t last_modified,
     }
 
   if (score == NULL)
-    severity_dbl = 0;
+    severity_dbl = SEVERITY_MISSING;
   else
     severity_dbl = atof (element_text (score));