CVSSv3 10/24/2018info

CVSSv3 Base »

The Common Vulnerability Scoring System (CVSS) is an industry standard to define the characteristics and impacts of security vulnerabilities. The base score represents the intrinsic aspects that are constant over time and across user environments. Our unique meta score merges all available scores from different sources to aggregate to the most reliable result.

CVSSv3 Temp »

The Common Vulnerability Scoring System (CVSS) uses temp scores to reflect the characteristics of a vulnerability that may change over time but not across user environments. This includes reporting confidence, exploitability and remediation levels. We do also provide our unique meta score for temp scores, even though other sources rarely publish them.

VulDB »

The moderation team is always defining the base vector and base score for an entry. These and all other available scores are used to generate the meta score.

NVD »

The National Vulnerability Database (NVD) is also defining CVSS vectors and scores. These are usually not complete and might differ from VulDB scores.

Vendor »

Some vendors are willing to publish their own CVSS vectors and scores for vulnerabilities in their products. The coverage varies from vendor to vendor.

Research »

There are sometimes also security researcher which provide their own CVSS vectors and scores for vulnerabilities they have found and published.

IDBaseVDBNVDVendResVulnerabilityCTICVE
1259536.54.38.8
 
 
Eaton UPS 9PX 8000 SP Administration Panel cross-site request forgery0.00CVE-2018-9281
1259523.82.74.9
 
 
Eaton UPS 9PX 8000 SP SNMP Password credentials management0.00CVE-2018-9280
1259513.82.74.9
 
 
Eaton UPS 9PX 8000 SP Web Page credentials management0.03CVE-2018-9279
1259508.57.39.8
 
 
BitDefender GravityZone Installer signature verification0.03CVE-2018-8955
1259496.85.68.1
 
 
Neato Botvac Connected Setup API initialize command injection0.09CVE-2018-18638
1259485.24.36.1
 
 
D-Link DSL-2640T webcm cross site scripting0.03CVE-2018-18636
1259475.24.36.1
 
 
MailCleaner CE Administration Login Interface UserController.php cross site scripting0.00CVE-2018-18635
1259465.24.36.1
 
 
Communigate Pro Pronto! Mail Composer Stored cross site scripting0.06CVE-2018-18621
1259456.67.35.9
 
 
Polycom VVX 500/VVX 601 X.509 Certificate Validation certificate validation0.00CVE-2018-18568
1259446.67.35.9
 
 
AudioCodes 440HD/450HD X.509 Certificate Validation certificate validation0.00CVE-2018-18567
1259435.35.35.3
 
 
Polycom VVX 500/VVX 601 SIP Service information disclosure0.05CVE-2018-18566
1259424.93.36.5
 
 
ServersCheck Monitoring Software lnk File path traversal0.03CVE-2018-18552
1259415.24.36.1
 
 
ServersCheck Monitoring Software cross site scripting0.00CVE-2018-18551
1259405.24.36.1
 
 
ajenti ajenticp cross site scripting0.05CVE-2018-18548
1259395.24.36.1
 
 
Vesta Control Panel cross site scripting0.00CVE-2018-18547
1259383.62.44.8
 
 
Citrix Netscaler Gateway cross site scripting0.00CVE-2018-18517
1259378.57.39.8
 
 
mysql-binuuid-rails Database Column sql injection0.00CVE-2018-18476
1259366.55.37.8
 
 
Citrix Xen Mobile Configuration Service access control0.03CVE-2018-18014
1259357.57.37.8
 
 
Citrix Xen Mobile Service Port 5001 deserialization0.06CVE-2018-18013
1259347.26.38.1
 
 
Telecrane F25 Series Radio Controls 7pk security0.07CVE-2018-17935
1259336.86.86.9
 
 
SAGA1-L8B improper authentication0.05CVE-2018-17923
1259327.56.38.8
 
 
SAGA1-L8B Pairing access control0.05CVE-2018-17921
1259318.27.39.1
 
 
SAGA1-L8B input validation0.00CVE-2018-17903
1259308.57.39.8
 
 
SaltStack Salt salt-api(netapi) improper authentication0.05CVE-2018-15751
1259295.35.35.3
 
 
SaltStack Salt Salt-api path traversal0.05CVE-2018-15750
1259286.55.37.8
 
 
Cisco Webex Meetings Desktop App Update Service os command injection0.03CVE-2018-15442
1259274.43.55.4
 
 
IBM WebSphere Commerce Enterprise Web UI cross site scripting0.03CVE-2018-1541
1259266.55.37.8
 
 
Fuji Energy Savings Estimator DLL Loader uncontrolled search path0.03CVE-2018-14812
1259258.57.39.8
 
 
Anda App Server API hard-coded credentials0.05CVE-2018-13342
1259245.24.36.1
 
 
Adrenalin HRMS ApplicationtEmployeeSearch Reflected cross site scripting0.07CVE-2018-12650

Do you need the next level of professionalism?

Upgrade your account now!