CVSSv3 08/15/2018info

CVSSv3 Base »

The Common Vulnerability Scoring System (CVSS) is an industry standard to define the characteristics and impacts of security vulnerabilities. The base score represents the intrinsic aspects that are constant over time and across user environments. Our unique meta score merges all available scores from different sources to aggregate to the most reliable result.

CVSSv3 Temp »

The Common Vulnerability Scoring System (CVSS) uses temp scores to reflect the characteristics of a vulnerability that may change over time but not across user environments. This includes reporting confidence, exploitability and remediation levels. We do also provide our unique meta score for temp scores, even though other sources rarely publish them.

VulDB »

The moderation team is always defining the base vector and base score for an entry. These and all other available scores are used to generate the meta score.

NVD »

The National Vulnerability Database (NVD) is also defining CVSS vectors and scores. These are usually not complete and might differ from VulDB scores.

Vendor »

Some vendors are willing to publish their own CVSS vectors and scores for vulnerabilities in their products. The coverage varies from vendor to vendor.

Research »

There are sometimes also security researcher which provide their own CVSS vectors and scores for vulnerabilities they have found and published.

IDBaseVDBNVDVendResVulnerabilityCTICVE
1229745.75.65.9
 
 
ZyXEL ZyWALL USG Internet Key Exchange Feature Bleichenbacher weak encryption0.00CVE-2018-9129
1229735.75.65.9
 
 
Clavister cOS Core IKEv1 Bleichenbacher weak encryption0.00CVE-2018-8753
1229714.85.34.3
 
 
Microsoft Exchange Server Profile Data privilege escalation0.00CVE-2018-8374
1229707.47.37.5
 
 
TP-LINK WR840N Authorization Header memory corruption0.00CVE-2018-15172
1229697.56.38.8
 
 
OpenEMR faxq.php command injection0.00CVE-2018-15156
1229687.56.38.8
 
 
OpenEMR fax_dispatch.php command injection0.00CVE-2018-15155
1229677.56.38.8
 
 
OpenEMR sl_eob_search.php command injection0.00CVE-2018-15154
1229667.56.38.8
 
 
OpenEMR daemon_frame.php command injection0.00CVE-2018-15153
1229658.27.39.1
 
 
OpenEMR register.php weak authentication0.05CVE-2018-15152
1229647.56.38.8
 
 
OpenEMR find_code_popup.php sql injection0.00CVE-2018-15151
1229637.56.38.8
 
 
OpenEMR de_identification_screen2.php sql injection0.00CVE-2018-15150
1229627.56.38.8
 
 
OpenEMR Anything_simple.php sql injection0.00CVE-2018-15149
1229617.56.38.8
 
 
OpenEMR search_code.php sql injection0.08CVE-2018-15148
1229607.56.38.8
 
 
OpenEMR forms_admin.php sql injection0.00CVE-2018-15147
1229597.56.38.8
 
 
OpenEMR find_immunization_popup.php sql injection0.00CVE-2018-15146
1229587.47.37.5
 
 
Ericsson-LG iPECS NMS 30M directory traversal0.00CVE-2018-15138
1229574.44.34.6
 
 
Yubico-Piv ykpiv.c _ykpiv_fetch_object()` Out-of-Bounds memory corruption0.00CVE-2018-14780
1229565.54.36.8
 
 
Yubico-Piv Error ykpiv.c ykpiv_transfer_data()` memory corruption0.00CVE-2018-14779
1229558.18.18.1
 
 
btrfsmaintenance evaluate_auto_mountpoint Remote Code Execution0.00CVE-2018-14722
1229548.57.39.8
 
 
Citrix XenServer directory traversal0.00CVE-2018-14007
1229536.45.37.5
 
 
All For One maxRandom information disclosure0.00CVE-2018-12056
1229527.47.37.5
 
 
Bitcoin Red distributeBTR Integer Overflow privilege escalation0.00CVE-2018-11687
1229518.57.39.8
 
 
Nasdaq BWise JMX/RMI Interface privilege escalation0.00CVE-2018-11247
1229505.95.46.5
 
 
Pulp Path Parser privilege escalation0.00CVE-2018-10917
1229496.45.37.5
 
 
Trend Micro Control Manager DLL denial of service0.00CVE-2018-10512
1229488.67.310.0
 
 
Trend Micro Control Manager Server-Side Request Forgery0.00CVE-2018-10511
1229478.57.39.8
 
 
Trend Micro Control Manager Code Execution directory traversal0.00CVE-2018-10510
1229467.04.39.8
 
 
Intelbras Win 240 cross site scripting0.00CVE-2018-10369
1229457.37.86.7
 
 
Cisco Web Security Appliance Account Management Subsystem privilege escalation0.00CVE-2018-0428
1229447.56.38.8
 
 
Cisco Digital Network Architecture Center CronJob Scheduler API command injection0.00CVE-2018-0427

Are you interested in using VulDB?

Download the whitepaper to learn more about our service!