CVSSv3 04/14/2017info

CVSSv3 Base »

The Common Vulnerability Scoring System (CVSS) is an industry standard to define the characteristics and impacts of security vulnerabilities. The base score represents the intrinsic aspects that are constant over time and across user environments. Our unique meta score merges all available scores from different sources to aggregate to the most reliable result.

CVSSv3 Temp »

The Common Vulnerability Scoring System (CVSS) uses temp scores to reflect the characteristics of a vulnerability that may change over time but not across user environments. This includes reporting confidence, exploitability and remediation levels. We do also provide our unique meta score for temp scores, even though other sources rarely publish them.

VulDB »

The moderation team is always defining the base vector and base score for an entry. These and all other available scores are used to generate the meta score.

NVD »

The National Vulnerability Database (NVD) is also defining CVSS vectors and scores. These are usually not complete and might differ from VulDB scores.

Vendor »

Some vendors are willing to publish their own CVSS vectors and scores for vulnerabilities in their products. The coverage varies from vendor to vendor.

Research »

There are sometimes also security researcher which provide their own CVSS vectors and scores for vulnerabilities they have found and published.

IDBaseVDBNVDVendResVulnerabilityCVE
999006.45.37.5
 
 
flatCore Content Database sql injectionCVE-2017-7879
998997.55.39.8
 
 
flatCore User Database sql injectionCVE-2017-7878
998986.54.38.8
 
 
flatCore CMS Configuration cross site request forgeryCVE-2017-7877
998978.57.39.8
 
 
feh IPC Message wallpaper.c memory corruptionCVE-2017-7875
998965.24.36.1
 
 
trollepierre tdm cross site scriptingCVE-2017-7871
998955.94.77.2
 
 
SAP NetWeaver AS JAVA ES UDDI getUserUddiElements sql injectionCVE-2017-7717
998946.45.37.5
 
 
SAP AS JAVA SSO Authentication Library qr denial of serviceCVE-2017-7696
998936.55.37.8
 
 
Proxifier for Mac KLoader Binary privilege escalationCVE-2017-7690
998927.76.39.1
 
 
Hipchat Server File Import privilege escalationCVE-2017-7357
998914.43.55.4
 
 
Zurmo toggleCollapse cross site scriptingCVE-2017-7188
998907.27.27.2
 
 
Quest Privilege Manager pmmasterd privilege escalationCVE-2017-6554
998897.06.37.8
 
 
Ghostscript zht2.c .sethalftone5 memory corruptionCVE-2016-8602
998884.34.04.6
 
 
Red Hat QuickStart Cloud Installer Web Interface Mask information disclosureCVE-2016-7060
998878.48.38.6
 
 
XmlMapper in the Data format Extension DTD Server-Side Request ForgeryCVE-2016-7051
998866.15.37.0
 
 
Todd Miller sudo sudo_noexec.so popen privilege escalationCVE-2016-7032
998856.55.67.5
 
 
Nettle Decryption Side-Channel information disclosureCVE-2016-6489
998847.87.87.8
 
 
mock scm Plug-in privilege escalationCVE-2016-6299
998834.84.35.3
 
 
Zoho ManageEngine ServiceDesk Plus Cookie information disclosureCVE-2016-4890
998828.07.38.8
 
 
Zoho ManageEngine ServiceDesk Plus privilege escalationCVE-2016-4889
998815.96.35.4
 
 
Zoho ManageEngine ServiceDesk Plus cross site scriptingCVE-2016-4888

Do you want to use VulDB in your project?

Use the official API to access entries easily!