CVSSv3 03/20/2018info

CVSSv3 Base »

The Common Vulnerability Scoring System (CVSS) is an industry standard to define the characteristics and impacts of security vulnerabilities. The base score represents the intrinsic aspects that are constant over time and across user environments. Our unique meta score merges all available scores from different sources to aggregate to the most reliable result.

CVSSv3 Temp »

The Common Vulnerability Scoring System (CVSS) uses temp scores to reflect the characteristics of a vulnerability that may change over time but not across user environments. This includes reporting confidence, exploitability and remediation levels. We do also provide our unique meta score for temp scores, even though other sources rarely publish them.

VulDB »

The moderation team is always defining the base vector and base score for an entry. These and all other available scores are used to generate the meta score.

NVD »

The National Vulnerability Database (NVD) is also defining CVSS vectors and scores. These are usually not complete and might differ from VulDB scores.

Vendor »

Some vendors are willing to publish their own CVSS vectors and scores for vulnerabilities in their products. The coverage varies from vendor to vendor.

Research »

There are sometimes also security researcher which provide their own CVSS vectors and scores for vulnerabilities they have found and published.

IDBaseVDBNVDVendResVulnerabilityCTICVE
1148466.55.37.8
 
 
NASM Netwide Assembler parser.c parse_line memory corruption0.00CVE-2018-8883
1148456.55.37.8
 
 
NASM Netwide Assembler float.c ieee_shr memory corruption0.00CVE-2018-8882
1148446.35.37.3
 
 
NASM Netwide Assembler preproc.c tokenize memory corruption0.00CVE-2018-8881
1148436.65.57.8
 
 
2345 Security Guard Driver 2345Wrath.sys Blue Screen input validation0.00CVE-2018-8876
1148426.65.57.8
 
 
2345 Security Guard Driver 2345Wrath.sys Blue Screen input validation0.00CVE-2018-8875
1148416.65.57.8
 
 
2345 Security Guard 2345Wrath.sys Blue Screen input validation0.00CVE-2018-8874
1148406.65.57.8
 
 
2345 Security Guard 2345NetFirewall.sys Blue Screen input validation0.00CVE-2018-8873
1148393.62.44.8
 
 
enhavo user-group cross site scripting0.00CVE-2018-8832
1148388.57.39.8
 
 
Kamailio REGISTER Message tmx_pretran.c tmx_check_pretran memory corruption0.07CVE-2018-8828
1148375.53.37.8
 
 
Linux Kernel ncplib_kernel.c ncp_read_kernel memory corruption0.04CVE-2018-8822
1148365.55.55.5
 
 
Jungo DriverWizard WinDriver windrvr1260.sys Blue Screen input validation0.00CVE-2018-8821
1148354.44.34.6
 
 
Alkacon OpenCms SVG Image gallery cross site scripting0.05CVE-2018-8815
1148347.05.38.8
 
 
OpenCms user_role.jsp cross-site request forgery0.06CVE-2018-8811
1148336.47.35.5
 
 
radare2 mach0_classes.c get_ivar_list_t memory corruption0.05CVE-2018-8810
1148326.47.35.5
 
 
radare2 anal_dalvik.c dalvik_op memory corruption0.05CVE-2018-8809
1148316.47.35.5
 
 
radare2 asm.c r_asm_disassemble memory corruption0.05CVE-2018-8808
1148305.95.36.5
 
 
libming SWF File decompile.c decompileCALLFUNCTION use after free0.00CVE-2018-8807
1148295.95.36.5
 
 
libming SWF File decompile.c decompileArithmeticOp use after free0.00CVE-2018-8806
1148285.24.36.1
 
 
Yxcms Building System extend_guestbook.php cross site scripting0.00CVE-2018-8805
1148277.05.38.8
 
 
ImageMagick ept.c WriteEPTImage double free0.00CVE-2018-8804
1148268.57.39.8
 
 
QOS.ch SLF4J slf4j-ext deserialization0.05CVE-2018-8088
1148255.35.35.3
 
 
Eaton ELCSoft input validation0.00CVE-2018-7511
1148248.57.39.8
 
 
Tenda AC15 telnetd telnet access control0.04CVE-2018-5770
1148238.57.39.8
 
 
Tenda AC15 Cookie Header hard-coded credentials0.05CVE-2018-5768
1148227.47.37.5
 
 
NCR S2 Dispenser Controller Firmware out-of-bounds write0.05CVE-2018-5717
1148215.85.36.3
 
 
Philips ISCV Session Expiration session expiration0.00CVE-2018-5438
1148205.84.96.7
 
 
Siemens SIMATIC WinCC CONTROL Script access control0.00CVE-2018-4844
1148195.44.36.5
 
 
Siemens SIMATIC PROFINET DCP Request input validation0.00CVE-2018-4843
1148185.97.04.7
 
 
Intel SGX SDK Edger8r information disclosure0.06CVE-2018-3626
1148174.64.34.9
 
 
Apache Syncope Search information disclosure0.00CVE-2018-1322

Do you want to use VulDB in your project?

Use the official API to access entries easily!