CVSSv3 04/23/2018info

CVSSv3 Base »

The Common Vulnerability Scoring System (CVSS) is an industry standard to define the characteristics and impacts of security vulnerabilities. The base score represents the intrinsic aspects that are constant over time and across user environments. Our unique meta score merges all available scores from different sources to aggregate to the most reliable result.

CVSSv3 Temp »

The Common Vulnerability Scoring System (CVSS) uses temp scores to reflect the characteristics of a vulnerability that may change over time but not across user environments. This includes reporting confidence, exploitability and remediation levels. We do also provide our unique meta score for temp scores, even though other sources rarely publish them.

VulDB »

The moderation team is always defining the base vector and base score for an entry. These and all other available scores are used to generate the meta score.

NVD »

The National Vulnerability Database (NVD) is also defining CVSS vectors and scores. These are usually not complete and might differ from VulDB scores.

Vendor »

Some vendors are willing to publish their own CVSS vectors and scores for vulnerabilities in their products. The coverage varies from vendor to vendor.

Research »

There are sometimes also security researcher which provide their own CVSS vectors and scores for vulnerabilities they have found and published.

IDBaseVDBNVDVendResVulnerabilityCVE
1169825.35.35.3
 
 
CMS Made Simple directory traversalCVE-2018-9921
1169816.45.37.5
 
 
Lutron Quantum BACnet Integration User Authentication deviceIP information disclosureCVE-2018-8880
1169807.87.87.8
 
 
Linux Kernel udldrmfb Driver udl_fb.c udl_fb_mmap memory corruptionCVE-2018-8781
1169793.52.44.6
 
 
Siemens SIMATIC WinCC OA Operator iOS App Session Key information disclosureCVE-2018-4847
1169787.56.38.8
 
 
Foxit Reader Javascript Engine Use-After-Free memory corruptionCVE-2018-3850
1169775.45.35.5
 
 
PackageKit weak authenticationCVE-2018-1106
1169767.56.38.8
 
 
Foxit Reader/PhantomPDF Use-After-Free memory corruptionCVE-2018-10303
1169757.06.37.8
 
 
Foxit Reader/PhantomPDF Use-After-Free memory corruptionCVE-2018-10302
1169745.75.36.1
 
 
Web-Dorado Instagram Feed WD Plugin cross site scriptingCVE-2018-10301
1169735.75.36.1
 
 
Web-Dorado Instagram Feed WD Plugin cross site scriptingCVE-2018-10300
1169724.13.54.8
 
 
User Profile & Membership Plugin cross site scriptingCVE-2018-10234
1169716.54.38.8
 
 
User Profile & Membership Plugin cross site request forgeryCVE-2018-10233
1169708.16.59.8
 
 
SaltStack Salt Impersonation spoofingCVE-2017-7893
1169694.84.35.3
 
 
IBM WebSphere MQ Memory Leak denial of serviceCVE-2017-1786
1169688.57.39.8
 
 
OpenSLP Heap-based memory corruptionCVE-2017-17833
1169674.72.57.0
 
 
IBM Cognos Business Intelligence Credentials information disclosureCVE-2017-1764
1169667.56.38.8
 
 
IBM Team Concert Credential Storage weak encryptionCVE-2017-1701
1169655.24.36.1
 
 
IBM Cognos Business Intelligence Web UI cross site scriptingCVE-2017-1486
1169647.47.37.5
 
 
IBM Security Access Manager weak encryptionCVE-2017-1473
1169637.56.38.8
 
 
Foxit Reader Javascript Engine Use-After-Free memory corruptionCVE-2017-14458
1169625.75.36.1
 
 
QNAP Photo Station cross site scriptingCVE-2017-13073
1169616.96.37.5
 
 
Beauty Ecosystem Coin Ethereum ERC20 Token batchTransfer memory corruptionCVE-2018-10299

Are you interested in using VulDB?

Download the whitepaper to learn more about our service!