CVSSv3 10/19/2017info

CVSSv3 Base »

The Common Vulnerability Scoring System (CVSS) is an industry standard to define the characteristics and impacts of security vulnerabilities. The base score represents the intrinsic aspects that are constant over time and across user environments. Our unique meta score merges all available scores from different sources to aggregate to the most reliable result.

CVSSv3 Temp »

The Common Vulnerability Scoring System (CVSS) uses temp scores to reflect the characteristics of a vulnerability that may change over time but not across user environments. This includes reporting confidence, exploitability and remediation levels. We do also provide our unique meta score for temp scores, even though other sources rarely publish them.

VulDB »

The moderation team is always defining the base vector and base score for an entry. These and all other available scores are used to generate the meta score.

NVD »

The National Vulnerability Database (NVD) is also defining CVSS vectors and scores. These are usually not complete and might differ from VulDB scores.

Vendor »

Some vendors are willing to publish their own CVSS vectors and scores for vulnerabilities in their products. The coverage varies from vendor to vendor.

Research »

There are sometimes also security researcher which provide their own CVSS vectors and scores for vulnerabilities they have found and published.

IDBaseVDBNVDVendResVulnerabilityCTICVE
1083126.97.36.5
 
 
Apache HTTP Server IP Address Filter privilege escalation0.00CVE-2017-12171
1082978.57.39.8
 
 
Apache NiFi Proxy Chain Deserialization privilege escalation0.00CVE-2017-5636
1082967.47.37.5
 
 
Apache NiFi Cluster privilege escalation0.00CVE-2017-5635
1082956.95.38.6
 
 
Cisco Firepower Extensible Operating System/NX-OS AAA denial of service0.00CVE-2017-3883
1082947.47.37.5
 
 
musl Libc DNS Reply lookup_name.c memory corruption0.00CVE-2017-15650
1082936.55.37.8
 
 
Linux Kernel af_packet.c Use-After-Free memory corruption0.00CVE-2017-15649
1082925.24.36.1
 
 
Phpsugar PHP Melody page_manager.php cross site scripting0.08CVE-2017-15648
1082917.06.57.5
 
 
FiberHome Router webproc directory traversal0.00CVE-2017-15647
1082905.24.36.1
 
 
Webmin File Manager privilege escalation0.08CVE-2017-15646
1082896.54.38.8
 
 
Webmin create_job.cgi cross site request forgery0.00CVE-2017-15645
1082888.48.38.6
 
 
Webmin link.cgi Server-Side Request Forgery0.00CVE-2017-15644
1082876.55.67.4
 
 
Ikarus Anti Virus guardxup.exe privilege escalation0.00CVE-2017-15643
1082865.45.35.5
 
 
Sound eXchange AIFF File aiff.c lsx_aiffstartread Use-After-Free memory corruption0.00CVE-2017-15642
1082856.46.36.5
 
 
Mura CMS Draggable Feeds readRSS.cfm privilege escalation0.00CVE-2017-15639
1082845.24.36.1
 
 
Mistune mistune.py cross site scripting0.00CVE-2017-15612
1082836.46.36.5
 
 
Octopus Privileges privilege escalation0.00CVE-2017-15611
1082825.44.36.5
 
 
Octopus Guest Account privilege escalation0.00CVE-2017-15610
1082816.45.37.5
 
 
Octopus JSON File Cleartext information disclosure0.00CVE-2017-15609
1082806.05.36.7
 
 
Progea Movicon Unquoted Search Path privilege escalation0.00CVE-2017-14019
1082796.55.37.8
 
 
Progea Movicon privilege escalation0.00CVE-2017-14017

Want to stay up to date on a daily basis?

Enable the mail alert feature now!