CVSSv3 06/07/2018info

CVSSv3 Base »

The Common Vulnerability Scoring System (CVSS) is an industry standard to define the characteristics and impacts of security vulnerabilities. The base score represents the intrinsic aspects that are constant over time and across user environments. Our unique meta score merges all available scores from different sources to aggregate to the most reliable result.

CVSSv3 Temp »

The Common Vulnerability Scoring System (CVSS) uses temp scores to reflect the characteristics of a vulnerability that may change over time but not across user environments. This includes reporting confidence, exploitability and remediation levels. We do also provide our unique meta score for temp scores, even though other sources rarely publish them.

VulDB »

The moderation team is always defining the base vector and base score for an entry. These and all other available scores are used to generate the meta score.

NVD »

The National Vulnerability Database (NVD) is also defining CVSS vectors and scores. These are usually not complete and might differ from VulDB scores.

Vendor »

Some vendors are willing to publish their own CVSS vectors and scores for vulnerabilities in their products. The coverage varies from vendor to vendor.

Research »

There are sometimes also security researcher which provide their own CVSS vectors and scores for vulnerabilities they have found and published.

IDBaseVDBNVDVendResVulnerabilityCTICVE
1195526.46.36.5
 
 
Adobe Flash Player out-of-bounds read0.00CVE-2018-5001
1195516.46.36.5
 
 
Adobe Flash Player integer overflow0.00CVE-2018-5000
1195508.06.39.8
 
 
Adobe Flash Player memory corruption0.00CVE-2018-5002
1195497.56.38.8
 
 
Adobe Flash Player type conversion0.04CVE-2018-4945
1192646.46.36.5
 
 
openSUSE Open Build Service InitializeDevelPackage permission0.00CVE-2018-7689
1192636.46.36.5
 
 
openSUSE Open Build Service permission0.00CVE-2018-7688
1192626.46.36.5
 
 
McAfee Common UI ePO Extension xml external entity reference0.03CVE-2018-6670
1192617.56.38.8
 
 
express-cart Module unrestricted upload0.03CVE-2018-3758
1192607.06.37.7
 
 
IBM Robotic Process Automation with Automation Anywhere CSV Export command injection0.00CVE-2018-1547
1192596.54.38.8
 
 
IBM Robotic Process Automation with Automation Anywhere cross-site request forgery0.00CVE-2018-1514
1192585.24.36.1
 
 
Symphony content.blueprintspages.php cross site scripting0.00CVE-2018-12043
1192577.06.57.5
 
 
Roxy Fileman download.php path traversal0.00CVE-2018-12042
1192568.57.39.8
 
 
joyplus-cms index.php sql injection0.00CVE-2018-12039
1192556.14.47.8
 
 
OWASP Dependency-Check Archive path traversal0.03CVE-2018-12036
1192548.16.59.8
 
 
Eaton Intelligent Power Manager node_upgrade_srv.js downloadFirmware path traversal0.00CVE-2018-12031
1192536.45.37.5
 
 
GNOME Web libephymain.so data processing0.03CVE-2018-12016
1192527.06.57.5
 
 
Perl Tar path traversal0.03CVE-2018-12015
1192516.55.37.8
 
 
RSLinx Classic/FactoryTalk Linx Gateway unquoted search path0.03CVE-2018-10619
1192505.75.36.1
 
 
Cisco WebEx Web Framework cross site scripting0.00CVE-2018-0357
1192495.75.36.1
 
 
Cisco WebEx Web Framework cross site scripting0.03CVE-2018-0356
1192485.75.36.1
 
 
Cisco Unified Communications Manager Web UI input validation0.00CVE-2018-0355
1192475.75.36.1
 
 
Cisco Unity Connection Web Framework cross site scripting0.00CVE-2018-0354
1192467.47.37.5
 
 
Cisco Web Security Appliance Traffic Monitor 7pk security0.03CVE-2018-0353
1192457.37.86.7
 
 
Cisco Wide Area Application Services disk-check.sh access control0.03CVE-2018-0352
1192444.84.35.4
 
 
Cisco Unified Communications Manager Web Framework cross site scripting0.03CVE-2018-0340
1192435.75.36.1
 
 
Cisco Identity Services Engine Web-based Management Interface cross site scripting0.00CVE-2018-0339
1192426.55.37.8
 
 
Cisco Unified Computing System RBAC input validation0.03CVE-2018-0338
1192417.56.38.8
 
 
Cisco Prime Collaboration Provisioning Batch Provisioning unrestricted upload0.03CVE-2018-0336
1192405.94.07.8
 
 
Cisco Prime Collaboration Provisioning Web Portal information disclosure0.03CVE-2018-0335
1192396.17.34.8
 
 
Cisco AnyConnect Network Access Manager TLS Certificate Management Subsystem certificate validation0.08CVE-2018-0334

Are you interested in using VulDB?

Download the whitepaper to learn more about our service!