CVSSv3 08/02/2018info

CVSSv3 Base »

The Common Vulnerability Scoring System (CVSS) is an industry standard to define the characteristics and impacts of security vulnerabilities. The base score represents the intrinsic aspects that are constant over time and across user environments. Our unique meta score merges all available scores from different sources to aggregate to the most reliable result.

CVSSv3 Temp »

The Common Vulnerability Scoring System (CVSS) uses temp scores to reflect the characteristics of a vulnerability that may change over time but not across user environments. This includes reporting confidence, exploitability and remediation levels. We do also provide our unique meta score for temp scores, even though other sources rarely publish them.

VulDB »

The moderation team is always defining the base vector and base score for an entry. These and all other available scores are used to generate the meta score.

NVD »

The National Vulnerability Database (NVD) is also defining CVSS vectors and scores. These are usually not complete and might differ from VulDB scores.

Vendor »

Some vendors are willing to publish their own CVSS vectors and scores for vulnerabilities in their products. The coverage varies from vendor to vendor.

Research »

There are sometimes also security researcher which provide their own CVSS vectors and scores for vulnerabilities they have found and published.

IDBaseVDBNVDVendResVulnerabilityCVE
1225578.27.39.1
 
 
MikroTik RouterOS Winbox privilege escalationCVE-2018-14847
1226226.86.57.56.5
 
HPE Intelligent Management Center PLAT directory traversalCVE-2018-7092
1225686.67.35.9
 
 
Apache Tomcat Connection Reuse weak authenticationCVE-2018-8037
1225675.24.36.1
 
 
Apache Axis cross site scriptingCVE-2018-8032
1225665.24.36.1
 
 
Monitorix CGI Variable cross site scriptingCVE-2018-7649
1225655.53.77.4
 
 
Insteon Hub HTTP Server denial of serviceCVE-2018-3834
1225644.43.55.4
 
 
IBM Maximo Asset Management Web UI cross site scriptingCVE-2018-1554
1225597.47.37.5
 
 
idreamsoft iCMS Incomplete Fix spider_tools.class.php Server-Side Request ForgeryCVE-2018-14858
1225586.47.35.5
 
 
PHP JPEG File exif.c exif_process_IFD_in_MAKERNOTE memory corruptionCVE-2018-14851
1225566.45.37.5
 
 
Apache Tomcat UTF-8 Decoder Loop denial of serviceCVE-2018-1336
1225555.86.35.3
 
 
Whale Browser Address Bar spoofingCVE-2018-12448
1225544.43.55.4
 
 
Tenable SecurityCenter Report cross site scriptingCVE-2018-1155
1225536.54.38.8
 
 
Tenable SecurityCenter Username information disclosureCVE-2018-1154
1225524.43.35.5
 
 
ttembed Input File Processing denial of serviceCVE-2018-10922
1225517.47.37.5
 
 
ttembed Input File Processing fputc memory corruptionCVE-2018-10921
1225506.25.66.8
 
 
Knot Resolver DNS Resolver Cache Poisoning privilege escalationCVE-2018-10920
1225498.57.39.8
 
 
PHP mysqli_real_escape_string memory corruptionCVE-2017-9120
1225487.47.37.5
 
 
PHP php_pcre_replace_impl memory corruptionCVE-2017-9118
1225474.43.55.4
 
 
PayPal permissions-sdk-php cross site scriptingCVE-2017-6215
1225464.43.55.4
 
 
PayPal invoice-sdk-php cross site scriptingCVE-2017-6213
1225457.26.38.1
 
 
SAP BPC Reporting XML External EntityCVE-2017-16349
1225448.67.49.9
 
 
Insteon Hub HTTP Server memory corruptionCVE-2017-16347
1225438.67.49.9
 
 
Insteon Hub HTTP Server memory corruptionCVE-2017-16346
1225428.67.49.9
 
 
Insteon Hub HTTP Server memory corruptionCVE-2017-16345
1225418.67.49.9
 
 
Insteon Hub HTTP Server memory corruptionCVE-2017-16344
1225408.67.49.9
 
 
Insteon Hub HTTP Server memory corruptionCVE-2017-16343
1225398.67.49.9
 
 
Insteon Hub HTTP Server memory corruptionCVE-2017-16342
1225388.67.49.9
 
 
Insteon Hub HTTP Server memory corruptionCVE-2017-16341
1225378.67.49.9
 
 
Insteon Hub HTTP Server memory corruptionCVE-2017-16340
1225368.67.49.9
 
 
Insteon Hub HTTP Server memory corruptionCVE-2017-16339

Do you need the next level of professionalism?

Upgrade your account now!