CVSSv3 12/04/2018info

CVSSv3 Base »

The Common Vulnerability Scoring System (CVSS) is an industry standard to define the characteristics and impacts of security vulnerabilities. The base score represents the intrinsic aspects that are constant over time and across user environments. Our unique meta score merges all available scores from different sources to aggregate to the most reliable result.

CVSSv3 Temp »

The Common Vulnerability Scoring System (CVSS) uses temp scores to reflect the characteristics of a vulnerability that may change over time but not across user environments. This includes reporting confidence, exploitability and remediation levels. We do also provide our unique meta score for temp scores, even though other sources rarely publish them.

VulDB »

The moderation team is always defining the base vector and base score for an entry. These and all other available scores are used to generate the meta score.

NVD »

The National Vulnerability Database (NVD) is also defining CVSS vectors and scores. These are usually not complete and might differ from VulDB scores.

Vendor »

Some vendors are willing to publish their own CVSS vectors and scores for vulnerabilities in their products. The coverage varies from vendor to vendor.

Research »

There are sometimes also security researcher which provide their own CVSS vectors and scores for vulnerabilities they have found and published.

IDBaseVDBNVDVendResVulnerabilityCTICVE
1275193.32.34.4
 
 
Data Ontap 7-Mode information disclosure0.03CVE-2018-5496
1275176.55.37.8
 
 
CX-One CX-Programmer/CX-Server memory corruption0.00CVE-2018-18993
1275165.24.36.1
 
 
SCADA Webserver Reflected cross site scripting0.07CVE-2018-18991
1275156.55.37.8
 
 
CX-One CX-Programmer/CX-Server Project File use after free0.00CVE-2018-18989
1275149.18.310.0
 
 
GitLab Enterprise Edition Kubernetes server-side request forgery0.03CVE-2018-18843
1275136.45.37.5
 
 
GitLab Community Edition/Enterprise Edition Error Message information disclosure0.03CVE-2018-18648
1275126.46.36.5
 
 
GitLab Community Edition/Enterprise Edition Authorization improper authorization0.03CVE-2018-18647
1275117.56.38.8
 
 
GitLab Community Edition/Enterprise Edition server-side request forgery0.00CVE-2018-18646
1275104.34.34.3
 
 
GitLab Community Edition/Enterprise Edition Email Reply information disclosure0.00CVE-2018-18645
1275095.44.36.5
 
 
GitLab Community Edition/Enterprise Edition Prometheus information disclosure0.00CVE-2018-18644
1275085.24.36.1
 
 
GitLab Community Edition/Enterprise Edition cross site scripting0.08CVE-2018-18642
1275077.55.39.8
 
 
GitLab Community Edition/Enterprise Edition credentials management0.08CVE-2018-18641
1275065.44.36.5
 
 
GitLab Community Edition/Enterprise Edition Bowser Cache information disclosure0.00CVE-2018-18640
1275055.44.36.5
 
 
GitLab Community Edition Epic Change Description information disclosure0.00CVE-2018-17976
1275045.35.35.3
 
 
GitLab Community Edition GFM Markdown API information disclosure0.00CVE-2018-17975
1275036.45.37.5
 
 
GitLab Community Edition/Enterprise Edition JSON Endpoint information disclosure0.00CVE-2018-17939
1275029.18.310.0
 
 
FreeBSD bhyve input validation0.00CVE-2018-17160
1275019.07.39.89.8
 
Red Hat OpenShift Container Platform 3 7pk error0.00CVE-2018-1002105
1275005.75.65.9
 
 
Huawei P20 out-of-bounds write0.00CVE-2018-7987
1274996.37.35.3
 
 
Huawei VIP App Brute Force improper authentication0.00CVE-2018-7956
1274986.15.86.5
 
 
VMware ESXi vmxnet3 Virtual Network Adapter information disclosure0.06CVE-2018-6982
1274978.58.38.8
 
 
VMware ESXi/Workstation/Fusion vmxnet3 Virtual Network Adapter memory corruption0.00CVE-2018-6981
1274967.96.39.6
 
 
Google Chrome File Download Page.downloadBehavior unrestricted upload0.00CVE-2018-6152
1274956.46.36.5
 
 
Google Chrome WebAssembly null pointer dereference0.00CVE-2018-6116
1274946.46.36.5
 
 
Google Chrome File Download Malware input validation0.00CVE-2018-6115
1274936.46.36.5
 
 
Google Chrome URL Formatter Domain Name data processing0.00CVE-2018-6108
1274926.46.36.5
 
 
Google Chrome URL Formatter Domain Name data processing0.00CVE-2018-6107
1274916.46.36.5
 
 
Google Chrome Omnibox Domain Name data processing0.00CVE-2018-6105
1274906.46.36.5
 
 
Google Chrome URL Formatter data processing0.00CVE-2018-6104
1274896.97.36.5
 
 
Google Chrome Prompts Policy input validation0.09CVE-2018-6103

Are you interested in using VulDB?

Download the whitepaper to learn more about our service!