CVSSv3 02/01/2018info

CVSSv3 Base »

The Common Vulnerability Scoring System (CVSS) is an industry standard to define the characteristics and impacts of security vulnerabilities. The base score represents the intrinsic aspects that are constant over time and across user environments. Our unique meta score merges all available scores from different sources to aggregate to the most reliable result.

CVSSv3 Temp »

The Common Vulnerability Scoring System (CVSS) uses temp scores to reflect the characteristics of a vulnerability that may change over time but not across user environments. This includes reporting confidence, exploitability and remediation levels. We do also provide our unique meta score for temp scores, even though other sources rarely publish them.

VulDB »

The moderation team is always defining the base vector and base score for an entry. These and all other available scores are used to generate the meta score.

NVD »

The National Vulnerability Database (NVD) is also defining CVSS vectors and scores. These are usually not complete and might differ from VulDB scores.

Vendor »

Some vendors are willing to publish their own CVSS vectors and scores for vulnerabilities in their products. The coverage varies from vendor to vendor.

Research »

There are sometimes also security researcher which provide their own CVSS vectors and scores for vulnerabilities they have found and published.

IDBaseVDBNVDVendResVulnerabilityCTICVE
1127878.06.39.8
 
 
Adobe Flash Player use after free0.04CVE-2018-4878
1127337.37.3
 
 
 
GNU C Library memalign integer overflow0.04CVE-2018-6485
1127325.95.36.5
 
 
ZZIPlib ZIP File zip.c __zzip_fetch_disk_trailer resource management0.00CVE-2018-6484
1127315.35.3
 
 
 
Nibbleblog .DS_Store information disclosure0.05CVE-2018-6470
1127307.56.38.8
 
 
Citrix Netscaler VPX read_url server-side request forgery0.05CVE-2018-6186
1127296.54.38.8
 
 
Cloud Foundry Audit Event Log information disclosure0.00CVE-2018-1192
1127285.24.36.1
 
 
WP Retina cross site scripting0.00CVE-2018-0511
1127278.57.39.8
 
 
kkcald memory corruption0.05CVE-2018-0510
1127266.54.38.8
 
 
kkcald cross-site request forgery0.00CVE-2018-0509
1127255.24.36.1
 
 
kkcald cross site scripting0.05CVE-2018-0508
1127246.25.07.5
 
 
Puppet Enterprise RBAC Access Token credentials management0.00CVE-2017-2297
1127235.44.36.5
 
 
Puppet Enterprise Display input validation0.00CVE-2017-2296
1127224.84.74.9
 
 
Puppet Enterprise MCollective Configuration 7pk security0.00CVE-2017-2293
1127218.57.39.8
 
 
FishEye/Crucible Double OGNL Evaluation Java access control0.04CVE-2017-16861
1127204.72.57.0
 
 
GNU C Library memory corruption0.00CVE-2017-1000409
1127195.53.37.8
 
 
GNU C Library resource management0.00CVE-2017-1000408
1127186.45.37.5
 
 
Evergreen Access Restriction open-ils.actor.ou_setting.ancestor_default information disclosure0.05CVE-2015-2204
1127175.44.36.5
 
 
Evergreen information disclosure0.00CVE-2015-2203
1127167.47.37.5
 
 
Open Atrium OG Subgroups Module access control0.08CVE-2014-9504
1127156.46.36.5
 
 
Open Atrium Discussions Sub Module access control0.05CVE-2014-9503
1127146.54.38.8
 
 
Open Atrium Menu Callback cross-site request forgery0.00CVE-2014-9502
1127136.97.06.7
 
 
G Data TotalProtection Driver MiniIcpt.sys access control0.06CVE-2014-3752
1127126.46.36.5
 
 
Linux Kernel vzkernel open_by_handle_at access control0.09CVE-2014-3519
1127118.57.39.8
 
 
SugarCRM RSSDashlet Dashlet RSSDashlet.php xml external entity reference0.00CVE-2014-3244
1127108.57.39.8
 
 
Zabbix XML Data xml external entity reference0.06CVE-2014-3005
1127095.44.36.5
 
 
Evergreen open-ils.pcrud Endpoint Permission information disclosure0.00CVE-2013-7435
1127088.57.39.8
 
 
PacketFence login.php LDAP injection ldap injection0.00CVE-2011-4069
1127078.57.39.8
 
 
PacketFence login.php check_password improper authentication0.07CVE-2011-4068
1060563.33.3
 
 
 
Mirmay Secure Private Browser / File Manager Auto Lock race condition0.06

Are you interested in using VulDB?

Download the whitepaper to learn more about our service!