CVSSv3 08/29/2018info

CVSSv3 Base »

The Common Vulnerability Scoring System (CVSS) is an industry standard to define the characteristics and impacts of security vulnerabilities. The base score represents the intrinsic aspects that are constant over time and across user environments. Our unique meta score merges all available scores from different sources to aggregate to the most reliable result.

CVSSv3 Temp »

The Common Vulnerability Scoring System (CVSS) uses temp scores to reflect the characteristics of a vulnerability that may change over time but not across user environments. This includes reporting confidence, exploitability and remediation levels. We do also provide our unique meta score for temp scores, even though other sources rarely publish them.

VulDB »

The moderation team is always defining the base vector and base score for an entry. These and all other available scores are used to generate the meta score.

NVD »

The National Vulnerability Database (NVD) is also defining CVSS vectors and scores. These are usually not complete and might differ from VulDB scores.

Vendor »

Some vendors are willing to publish their own CVSS vectors and scores for vulnerabilities in their products. The coverage varies from vendor to vendor.

Research »

There are sometimes also security researcher which provide their own CVSS vectors and scores for vulnerabilities they have found and published.

IDBaseVDBNVDVendResVulnerabilityCVE
1233936.37.35.3
 
 
Apache Traffic Server ESI Plugin privilege escalationCVE-2018-8040
1233926.45.37.5
 
 
Apache Traffic Server TLS Handshake Segmentation Fault denial of serviceCVE-2018-8022
1233915.35.35.3
 
 
Apache Traffic Server Range Request Performance denial of serviceCVE-2018-8005
1233906.46.36.5
 
 
Apache Traffic Server HTTP Smuggling privilege escalationCVE-2018-8004
1233895.24.36.1
 
 
Schneider Electric PowerLogic PM5560 Protocol cross site scriptingCVE-2018-7795
1233887.47.37.5
 
 
Schneider Electric Modicon M221 Access Control weak encryptionCVE-2018-7792
1233878.57.39.8
 
 
Schneider Electric Modicon M221 Password Change privilege escalationCVE-2018-7791
1233867.75.69.8
 
 
Schneider Electric Modicon M221 Replay weak authenticationCVE-2018-7790
1233856.45.37.5
 
 
Schneider Electric Modicon M221 Reboot denial of serviceCVE-2018-7789
1233843.92.45.5
 
 
Orbic Wonder RC555L/Wonder RC555 SD Card Log information disclosureCVE-2018-6599
1233836.35.57.1
 
 
Orbic Wonder RC555L/Wonder RC555 Factory Reset denial of serviceCVE-2018-6598
1233826.66.46.8
 
 
Alcatel A30 adb privilege escalationCVE-2018-6597
1233805.24.36.1
 
 
Cybrotech CyBroHttpServer URI cross site scriptingCVE-2018-16134
1233795.96.55.3
 
 
Cybrotech CyBroHttpServer URI directory traversalCVE-2018-16133
1233786.95.38.6
 
 
Open Whisper Signal App Image Renderer Restart denial of serviceCVE-2018-16132
1233778.27.39.1
 
 
Lightbend Akka Random Number Generator privilege escalationCVE-2018-16115
1233767.87.87.8
 
 
manjaro-system manjaro-update-system.sh privilege escalationCVE-2018-15912
1233756.46.36.5
 
 
Technicolor TC8305C memory corruptionCVE-2018-15907
1233744.43.35.5
 
 
QEMU seccomp Policy qemu-seccomp.c denial of serviceCVE-2018-15746
1233738.57.39.8
 
 
Grafana Remember Me Cookie weak authenticationCVE-2018-15727
1233725.24.36.1
 
 
CMS ISWEB index.php cross site scriptingCVE-2018-15562
1233718.57.39.8
 
 
ABB eSOMS LDAP web.config privilege escalationCVE-2018-14805
1233707.56.38.8
 
 
Vivotek FD8/FD9/FE9/IB8/IB9/IP9/IZ9/MS9/SD9 privilege escalationCVE-2018-14768
1233696.45.37.5
 
 
Apache Traffic Server ACL remap.config denial of serviceCVE-2018-1318
1233678.57.39.8
 
 
Adobe Flash Player privilege escalationCVE-2018-12828
1233666.96.37.5
 
 
Adobe Flash Player Out-of-Bounds memory corruptionCVE-2018-12827
1233656.96.37.5
 
 
Adobe Flash Player Out-of-Bounds memory corruptionCVE-2018-12826
1233648.57.39.8
 
 
Adobe Flash Player Bypass privilege escalationCVE-2018-12825
1233585.83.78.0
 
 
D-Link DIR-601 POST Request Credentials information disclosureCVE-2018-12710
1233575.75.65.9
 
 
Norton Identity Safe Initialization weak encryptionCVE-2018-12240

Are you interested in using VulDB?

Download the whitepaper to learn more about our service!