CVSSv3 06/08/2017info

CVSSv3 Base »

The Common Vulnerability Scoring System (CVSS) is an industry standard to define the characteristics and impacts of security vulnerabilities. The base score represents the intrinsic aspects that are constant over time and across user environments. Our unique meta score merges all available scores from different sources to aggregate to the most reliable result.

CVSSv3 Temp »

The Common Vulnerability Scoring System (CVSS) uses temp scores to reflect the characteristics of a vulnerability that may change over time but not across user environments. This includes reporting confidence, exploitability and remediation levels. We do also provide our unique meta score for temp scores, even though other sources rarely publish them.

VulDB »

The moderation team is always defining the base vector and base score for an entry. These and all other available scores are used to generate the meta score.

NVD »

The National Vulnerability Database (NVD) is also defining CVSS vectors and scores. These are usually not complete and might differ from VulDB scores.

Vendor »

Some vendors are willing to publish their own CVSS vectors and scores for vulnerabilities in their products. The coverage varies from vendor to vendor.

Research »

There are sometimes also security researcher which provide their own CVSS vectors and scores for vulnerabilities they have found and published.

IDBaseVDBNVDVendResVulnerabilityCTICVE
1022269.48.39.810.0
 
HPE Universal Configuration Management Database privilege escalation0.05CVE-2017-8947
1021538.87.89.8
 
 
VMware Horizon View Service Startup Script privilege escalation0.00CVE-2017-4918
1021527.57.57.5
 
 
IBM Tivoli Federated Identity Manager Sessio Cookie cross site scripting0.00CVE-2017-1319
1021514.83.75.9
 
 
IBM BigFix Compliance weak encryption0.00CVE-2017-1179
1021504.43.55.4
 
 
IBM Business Process Manager Web UI cross site scripting0.00CVE-2017-1140
1021496.14.38.0
 
 
IBM Sterling Order Management cross site request forgery0.00CVE-2016-9991
1021485.35.35.3
 
 
IBM WebSphere Application Server SOAP Request information disclosure0.00CVE-2016-9736
1021476.75.48.1
 
 
IBM Rhapsody DM XML XML External Entity0.05CVE-2016-9698
1021464.34.34.3
 
 
IBM Maximo Asset Management information disclosure0.00CVE-2016-8987
1021459.910.09.8
 
 
Red Hat Enterprise Linux Desktop RESTEasy SerializableProvider privilege escalation0.00CVE-2016-7050
1021447.47.37.5
 
 
Blue Coat Advanced Secure Gateway/CacheFlow/ProxySG Bypass privilege escalation0.00CVE-2016-6594
1021437.26.38.1
 
 
IBM Tivoli Key Lifecycle Manager Permission privilege escalation0.05CVE-2016-6098
1021428.06.39.8
 
 
IBM Tivoli Key Lifecycle Manager Password Policy weak authentication0.00CVE-2016-6093
1021416.37.35.3
 
 
Acer Portal App SSL Certificate Man-in-the-Middle weak authentication0.00CVE-2016-5648
1021406.45.37.5
 
 
Red Hat Enterprise Linux Desktop 389 Directory Server information disclosure0.00CVE-2016-5416
1021397.55.39.8
 
 
Red Hat Enterprise Linux Desktop 389 Directory Server Password information disclosure0.00CVE-2016-5405
1021386.45.37.5
 
 
Red Hat Enterprise Linux Desktop 389 Directory Server information disclosure0.00CVE-2016-4992
1021378.57.39.8
 
 
PHP phar_object.c Use-After-Free memory corruption0.00CVE-2016-4473
1021367.56.38.8
 
 
CloudForms ManageIQ privilege escalation0.00CVE-2016-4471
1021358.57.39.8
 
 
Red Hat JBoss EAP PooledInvokerServlet privilege escalation0.05CVE-2016-3690

Do you want to use VulDB in your project?

Use the official API to access entries easily!