CVSSv3 September 2018info

Timeline

The analysis of the timeline helps to identify the required approach and handling of single vulnerabilities and vulnerability collections. This overview makes it possible to see less important slices and more severe hotspots at a glance. Initiating immediate vulnerability response and prioritizing of issues is possible.

C3BM Index »

Our unique C3BM Index (CVSSv3 Base Meta Index) cumulates the CVSSv3 Meta Base Scores of all entries over time. Comparing this index to the amount of disclosed vulnerabilities helps to pinpoint the most important events.

CVSSv3 Base »

The Common Vulnerability Scoring System (CVSS) is an industry standard to define the characteristics and impacts of security vulnerabilities. The base score represents the intrinsic aspects that are constant over time and across user environments. Our unique meta score merges all available scores from different sources to aggregate to the most reliable result.

CVSSv3 Temp »

The Common Vulnerability Scoring System (CVSS) uses temp scores to reflect the characteristics of a vulnerability that may change over time but not across user environments. This includes reporting confidence, exploitability and remediation levels. We do also provide our unique meta score for temp scores, even though other sources rarely publish them.

VulDB »

The moderation team is always defining the base vector and base score for an entry. These and all other available scores are used to generate the meta score.

NVD »

The National Vulnerability Database (NVD) is also defining CVSS vectors and scores. These are usually not complete and might differ from VulDB scores.

Vendor »

Some vendors are willing to publish their own CVSS vectors and scores for vulnerabilities in their products. The coverage varies from vendor to vendor.

Research »

There are sometimes also security researcher which provide their own CVSS vectors and scores for vulnerabilities they have found and published.

PublishedBaseVDBNVDVendResVulnerabilityCTICVE
09/30/20185.95.46.5
 
 
zzcms ztconfig.php access control0.03CVE-2018-17798
09/30/20185.95.46.5
 
 
zzcms zssave.php path traversal0.04CVE-2018-17797
09/30/20188.57.39.8
 
 
MRCMS WebParam.java getChannel sql injection0.04CVE-2018-17796
09/30/20188.07.38.8
 
 
LibTIFF tiff2pdf.c t2p_write_pdf memory corruption0.06CVE-2018-17795
09/30/20185.44.36.5
 
 
GNU libiberty cplus-dem.c null pointer dereference0.04CVE-2018-17794
09/30/20188.38.3
 
 
 
Virtualenv Sandbox 7pk security0.03CVE-2018-17793
09/30/20187.47.37.5
 
 
Blynk blynk-server path traversal0.06CVE-2018-17785
09/29/20186.45.37.5
 
 
Foxit PhantomPDF/Reader information disclosure0.04CVE-2018-17781
09/29/20185.44.36.5
 
 
Telegram Desktop/App P2P Connection IP Address information disclosure0.08CVE-2018-17780
09/28/20187.56.38.8
 
 
Iomega/Lenovo/LenovoEMC NAS Password Change Session Token session fixiation0.04CVE-2018-9082
09/28/20184.54.34.7
 
 
Iomega/Lenovo/LenovoEMC NAS Self cross site scripting0.04CVE-2018-9081
09/28/20186.67.35.9
 
 
Iomega/Lenovo/LenovoEMC NAS Cookie improper authentication0.10CVE-2018-9080
09/28/20187.04.39.8
 
 
Iomega/Lenovo/LenovoEMC NAS JavaScript DOM-Based argument injection0.06CVE-2018-9079
09/28/20187.56.38.8
 
 
Iomega/Lenovo/LenovoEMC NAS Content Explorer 7pk security0.05CVE-2018-9078
09/28/20186.85.68.1
 
 
Iomega/Lenovo/LenovoEMC NAS Share Name command injection0.07CVE-2018-9077
09/28/20186.85.68.1
 
 
Iomega/Lenovo/LenovoEMC NAS Share Name command injection0.03CVE-2018-9076
09/28/20187.77.38.1
 
 
Iomega/Lenovo/LenovoEMC NAS PersonalCloud Setup command injection0.03CVE-2018-9075
09/28/20187.38.16.5
 
 
Iomega/Lenovo/LenovoEMC NAS Content Explorer path traversal0.10CVE-2018-9074
09/28/20184.43.35.5
 
 
FreeBSD IPv6 Protocol Control Block Flag null pointer dereference0.00CVE-2018-6925
09/28/20188.57.39.8
 
 
TP-LINK EAP Controller RMI Service missing authentication0.06CVE-2018-5393
09/28/20186.55.37.8
 
 
PCProtect Anti-Virus access control0.06CVE-2018-17776
09/28/20185.35.3
 
 
 
FreeBSD Userland Kernel Memory information disclosure0.09CVE-2018-17155
09/28/20183.33.3
 
 
 
FreeBSD System Call freebsd4_getfsstat null pointer dereference0.05CVE-2018-17154
09/28/20184.84.35.4
 
 
IBM Platform Symphony/Spectrum Symphony redirect0.04CVE-2018-1704
09/28/20185.74.37.1
 
 
IBM Platform Symphony/Spectrum Symphony XML Data xml external entity reference0.04CVE-2018-1702
09/28/20188.57.39.8
 
 
Dell EMC ESRS Policy Manager JMX Service config0.13CVE-2018-15764
09/28/20184.43.55.4
 
 
Trend Micro Deep Discovery Inspector Reflected cross site scripting0.03CVE-2018-15365
09/28/20186.45.37.5
 
 
389 Directory Server Search Query do_search resource management0.06CVE-2018-14648
09/28/20187.26.38.1
 
 
Dell EMC Unity/UnityVSA redirect0.08CVE-2018-1251
09/28/20186.46.36.5
 
 
Dell EMC Unity/UnityVSA Unisphere improper authorization0.04CVE-2018-1250

Are you interested in using VulDB?

Download the whitepaper to learn more about our service!