CVSSv3 10/05/2018info

CVSSv3 Base »

The Common Vulnerability Scoring System (CVSS) is an industry standard to define the characteristics and impacts of security vulnerabilities. The base score represents the intrinsic aspects that are constant over time and across user environments. Our unique meta score merges all available scores from different sources to aggregate to the most reliable result.

CVSSv3 Temp »

The Common Vulnerability Scoring System (CVSS) uses temp scores to reflect the characteristics of a vulnerability that may change over time but not across user environments. This includes reporting confidence, exploitability and remediation levels. We do also provide our unique meta score for temp scores, even though other sources rarely publish them.

VulDB »

The moderation team is always defining the base vector and base score for an entry. These and all other available scores are used to generate the meta score.

NVD »

The National Vulnerability Database (NVD) is also defining CVSS vectors and scores. These are usually not complete and might differ from VulDB scores.

Vendor »

Some vendors are willing to publish their own CVSS vectors and scores for vulnerabilities in their products. The coverage varies from vendor to vendor.

Research »

There are sometimes also security researcher which provide their own CVSS vectors and scores for vulnerabilities they have found and published.

IDBaseVDBNVDVendResVulnerabilityCTICVE
1249487.37.37.4
 
 
VMware Workspace ONE Unified Endpoint Management Console SAML Authentication improper authentication0.06CVE-2018-6979
1249474.43.55.4
 
 
IBM Robotic Process Automation with Automation Anywhere Persistent cross site scripting0.00CVE-2018-1812
1249465.44.36.5
 
 
ImageMagick pcx.c WritePCXImage resource management0.03CVE-2018-18016
1249456.54.38.8
 
 
razorCMS data cross-site request forgery0.03CVE-2018-17986
1249445.24.36.1
 
 
IBM Robotic Process Automation with Automation Anywhere Web UI cross site scripting0.03CVE-2018-1795
1249435.45.35.5
 
 
IBM Spectrum Scale GPFS Command Line Utility access control0.03CVE-2018-1783
1249425.45.35.5
 
 
IBM Spectrum Scale GPFS Command Line Utility information disclosure0.02CVE-2018-1723
1249414.43.55.4
 
 
IBM Maximo Asset Management Web UI cross site scripting0.02CVE-2018-1686
1249406.46.36.5
 
 
IBM QRadar Incident Forensics path traversal0.03CVE-2018-1649
1249396.45.37.5
 
 
IBM QRadar Incident Forensics resource management0.02CVE-2018-1647
1249386.54.38.8
 
 
Pivotal Container Service IaaS Credential Log credentials management0.00CVE-2018-15763
1249375.75.36.1
 
 
Cisco WebEx Training Center Web-based Management Interface cross site scripting0.02CVE-2018-15436
1249365.75.36.1
 
 
Cisco Unified IP Phone Web-based Management Interface cross site scripting0.01CVE-2018-15434
1249354.34.34.3
 
 
Cisco Prime Infrastructure Server Backup information disclosure0.00CVE-2018-15433
1249344.34.34.3
 
 
Cisco Prime Infrastructure Server Backup information disclosure0.00CVE-2018-15432
1249336.86.37.3
 
 
Cisco WebEx Network Recording Player ARF File input validation0.00CVE-2018-15431
1249326.76.37.2
 
 
Cisco Expressway/TelePresence Video Communication Server input validation0.04CVE-2018-15430
1249315.35.35.3
 
 
Cisco HyperFlex HX Data Platform Web-based UI information disclosure0.02CVE-2018-15429
1249305.23.76.8
 
 
Cisco IOS XR Border Gateway Protocol input validation0.00CVE-2018-15428
1249299.89.89.8
 
 
Cisco Connected Safety/Security Unified Computing System Video Surveillance Manager hard-coded credentials0.00CVE-2018-15427

Want to stay up to date on a daily basis?

Enable the mail alert feature now!