CVSSv2 March 2019info

Timeline

The analysis of the timeline helps to identify the required approach and handling of single vulnerabilities and vulnerability collections. This overview makes it possible to see less important slices and more severe hotspots at a glance. Initiating immediate vulnerability response and prioritizing of issues is possible.

VulDB »

The moderation team is always defining the base vector and base score for an entry. These and all other available scores are used to generate the meta score.

NVD »

The National Vulnerability Database (NVD) is also defining CVSS vectors and scores. These are usually not complete and might differ from VulDB scores.

Vendor »

Some vendors are willing to publish their own CVSS vectors and scores for vulnerabilities in their products. The coverage varies from vendor to vendor.

Research »

There are sometimes also security researcher which provide their own CVSS vectors and scores for vulnerabilities they have found and published.

PublishedVDBNVDVendResVulnerabilityCTICVE
03/31/20195.05.0
 
 
Domoticz End of Line crlf injection0.03CVE-2019-10678
03/31/20193.5
 
 
 
WordPress PNG File exif_imagetype Path information disclosure0.00CVE-2019-10675
03/31/20197.57.5
 
 
libmysofa Calculation btree.c treeRead input validation0.09CVE-2019-10672
03/31/20197.57.5
 
 
Domoticz WebServer.cpp GetFloorplanImage sql injection0.00CVE-2019-10664
03/30/20196.06.5
 
 
Grandstream UCM6204 API listCodeblueGroup sql injection0.03CVE-2019-10663
03/30/20196.09.0
 
 
Grandstream UCM6204 command injection0.07CVE-2019-10662
03/30/20199.310.0
 
 
Grandstream GXV3611IR_HD Empty credentials management0.00CVE-2019-10661
03/30/20196.06.5
 
 
Grandstream GXV3611IR_HD command injection0.02CVE-2019-10660
03/30/20196.06.5
 
 
Grandstream GXV3370/WP820 command injection0.01CVE-2019-10659
03/30/20196.06.5
 
 
Grandstream GWN7610 API controller.icc.update_nds_webroot_from_tmp command injection0.08CVE-2019-10658
03/30/20193.54.0
 
 
Grandstream GWN7000/GWN7610 uci.apply Password information disclosure0.06CVE-2019-10657
03/30/20196.09.0
 
 
Grandstream GWN7000 API uci.apply update_nds_webroot_from_tmp command injection0.05CVE-2019-10656
03/30/20196.87.5
 
 
Grandstream GAC2500/GXP2200/GVC3202/GXV3275/GXV3240 memory corruption0.00CVE-2019-10655
03/30/20194.34.3
 
 
LZO Archive liblzo2.so.2 lzo1x_decompress out-of-bounds read0.02CVE-2019-10654
03/30/20196.06.5
 
 
flatCore Addons Feature acp.php unrestricted upload0.03CVE-2019-10652
03/30/20196.85.8
 
 
ImageMagick tiff.c WriteTIFFImage out-of-bounds read0.01CVE-2019-10650
03/30/20194.34.3
 
 
ImageMagick svg.c SVGKeyValuePairs resource management0.01CVE-2019-10649
03/30/20196.87.5
 
 
Robocode input validation0.05CVE-2019-10648
03/30/20197.57.5
 
 
ZZZCMS zzzphp unrestricted upload0.00CVE-2019-10647
03/30/20194.34.3
 
 
Wolf CMS Add SNippet add cross site scripting0.05CVE-2019-10646
03/30/20194.36.8
 
 
HYBBS user.html cross-site request forgery0.03CVE-2019-10644
03/29/20194.34.3
 
 
MyBB ModCP Profile Editor Reflected cross site scripting0.00CVE-2018-19201
03/29/20197.57.5
 
 
Provisio SiteKiosk Call Dispatcher access control0.07CVE-2018-18766
03/29/20195.05.0
 
 
TP-LINK TL-WR840N memory corruption0.03CVE-2018-15840
03/29/20197.55.0
 
 
Harmis JE Messenger path traversal0.02CVE-2019-9922
03/29/20194.04.0
 
 
Harmis JE Messenger access control0.06CVE-2019-9921
03/29/20196.56.5
 
 
Harmis JE Messenger access control0.01CVE-2019-9920
03/29/20193.53.5
 
 
Harmis JE Messenger Message cross site scripting0.01CVE-2019-9919
03/29/20196.86.4
 
 
Harmis JE Messenger sql injection0.09CVE-2019-9918
03/29/20194.47.2
 
 
Symantec Norton Core code injection0.00CVE-2019-9695

Do you know our Splunk app?

Download it now for free!